log("$username : " . $_SERVER['PHP_SELF'] . " : Accessed Page", PEAR_LOG_DEBUG); echo "

Welcome $username System Status "; $query="select count(id) from plugins"; $result=$dbconn->execute($query); list($plugincount)=$result->fields; echo "There are $plugincount Nessus plugins in the database. "; $query = "select count(id) from nessus_plugins where TO_DAYS(now()) - TO_DAYS(created) <7"; $result = $dbconn->execute($query); list($plugincount)=$result->fields; if ($plugincount>0) { echo ""; } echo "$plugincount"; if ($plugincount>0) { echo ""; } echo " new plugin"; if ($plugincount!=1) { echo "s"; } echo " added within last 7 days. "; $query="select count(sched_id) from nessus_scan as n inner join nessus_schedule as s on n.sched_id=s.id where n.server_id>0 and n.status='R'"; $result=$dbconn->execute($query); list($scancounttotal)=$result->fields; $query.=" and s.username='$username'"; $result=$dbconn->execute($query); list($scancount)=$result->fields; $query="select count(sched_id) from nessus_scan as n inner join nessus_schedule as s on n.sched_id=s.id where n.server_id=0"; $result=$dbconn->execute($query); list($numstill2btestedtotal)=$result->fields; $query.=" and s.username='$username'"; $result=$dbconn->execute($query); list($numstill2btested)=$result->fields; echo "You have: "; if ($scancount>0) { echo ""; } echo "$scancount"; if ($scancount>0) { echo ""; } echo " Nessus scan"; if ($scancount!=1) { echo "s"; } echo " currently running. "; if ($numstill2btested>0) { echo ""; } echo "$numstill2btested"; if ($numstill2btested>0) { echo ""; } echo " Nessus scan"; if ($numstill2btested!=1) { echo "s"; } echo " currently queued for scanning. "; echo " Inprotect has: "; if ($scancount>0) { echo ""; } echo "$scancount"; if ($scancount>0) { echo ""; } echo " Nessus scan"; if ($scancount!=1) { echo "s"; } echo " currently running. "; if ($numstill2btestedtotal>0) { echo ""; } echo "$numstill2btestedtotal"; if ($numstill2btestedtotal>0) { echo ""; } echo " Nessus scan"; if ($numstill2btestedtotal!=1) { echo "s"; } echo " currently queued for scanning."; echo " News Updated Search screen has been released. When adding Notes from a Scan Result page, a popup is now displayed instead of opening in the report window. From the Schedule Scan page you can execute a scan immediately without having to walk through the full scheduling process. Report output standardised in both HTML and PDF versions. Current version and user now displayed at the top of pages. Nmap.nasl is now signed by Nessus - no need to have the signed plugin check option disabled in Nessus! Lots of bugs fixed! See CHANGES file for all of the details. "; if ($acl=="Y") { echo " As an admin, you can now view other user's scan results. "; } echo "

Your Vulnerability Scans Summary: "; //////////////////////////////// $result=$dbconn->Execute("SELECT count(risk) as count, risk FROM `nessus_results` where username='$username' and falsepositive<>'Y' and scriptid <> 10180 and msg<>'' group by risk"); #$result=$dbconn->Execute("SELECT count(risk) as count, risk FROM `nessus_results` where username='$username' and falsepositive<>'Y' and scriptid <> 10180 group by risk"); $totalrisk=0; $prevrisk=0; $chartimg="graph1.php?graph=1"; while (list($riskcount, $risk)=$result->fields) { for ($i=0;$i<$risk-$prevrisk-1;$i++) { $missedrisk=$prevrisk+$i+1; $chartimg.="&risk$missedrisk=0"; } $prevrisk=$risk; $chartimg.="&risk$risk=$riskcount"; $totalrisk=$totalrisk+$riskcount; $result->MoveNext(); } if($totalrisk>0) {echo "";} $query="select count(distinct host) from nessus_results where username='$username'"; $result=$dbconn->execute($query); list ($syscount) = $result->fields; echo " Scanned $syscount systems"; $query="select count(distinct scantime, sched_id) from nessus_results where username='$username'"; $result=$dbconn->execute($query); list ($syscount) = $result->fields; echo ", $syscount times."; if ($acl=="Y") { echo " Total Vulnerability Scans Summary: "; //////////////////////////////// $result=$dbconn->Execute("SELECT count(risk) as count, risk FROM `nessus_results` where falsepositive<>'Y' and scriptid <> 10180 and msg<>'' group by risk"); # $result=$dbconn->Execute("SELECT count(risk) as count, risk FROM `nessus_results` where falsepositive<>'Y' and scriptid <> 10180 group by risk"); $totalrisk=0; $prevrisk=0; $chartimg="graph1.php?graph=1"; while (list($riskcount, $risk)=$result->fields) { for ($i=0;$i<$risk-$prevrisk-1;$i++) { $missedrisk=$prevrisk+$i+1; $chartimg.="&risk$missedrisk=0"; } $prevrisk=$risk; $chartimg.="&risk$risk=$riskcount"; $totalrisk=$totalrisk+$riskcount; $result->MoveNext(); } if($totalrisk>0) {echo "";} $query="select count(distinct host) from nessus_results"; $result=$dbconn->execute($query); list ($syscount) = $result->fields; echo " Scanned $syscount systems"; $query="select count(distinct scantime, sched_id) from nessus_results"; $result=$dbconn->execute($query); list ($syscount) = $result->fields; echo ", $syscount times."; } echo "

"; include ('footer.php'); function getrisk($risk) { switch ($risk) { case 1: $risk="Serious"; break; case 2: $risk="High"; break; case 3: $risk="Medium"; break; case 4: $risk="Medium/Low"; break; case 5: $risk="Low/Medium"; break; case 6: $risk="Low"; break; case 7: $risk="Info"; break; } return $risk; } ?>