-------------------------------------------------------------------------------
SESSIONS SAVING
-------------------------------------------------------------------------------


	Starting with Nessus 1.0.4, the experimental "sessions saving"
feature has been added.

Why experimental ?
------------------

	Mainly because it has not been tested by many people, so we can
expect it to generate bugs reports or user panics.
This feature will be enabled by default at the next major release of 
Nessus (1.2)

What is it ?
------------

	"Session savings" allows you to make an audit without fearing
any problems (power outage, crash of the nessus client, and so on...),
because if any problem occurs, you know that you can reboot your server
and continue the test where you left it (nearly - see the limitations for
details).

How to make it work ?
---------------------

./configure --enable-save-sessions, in nessus-core, then :
make
make install


Then, in the 'target' panel of the client, you have your list of sessions. You
can either delete them (to save disk space and make sure that nobody will
ever read them) or restore the sessions. 

If you chose to restore a session, then your client acts as if the test
was occuring in fast forward mode.

Note that each user has his own sessions, so if you share your nessusd
server with other people, they won't see your sessions, and you won't see
theirs.

Limitations
-----------

. Only the host whose test has been finished will have their
data saved. Suppose you are testing 200 hosts, 8 hosts at a time,
and that a power failure occurs when you are testings the hosts
#100, 101, 102, ... 108. If you ask to nessusd to restore your session,
you'll test _again_ these eight hosts (but not the 99 hosts that you
already tested). So, if you only use Nessus to test your localhost,
this feature is less interesting.

. If you change your plugin set, then the new tests will be done
with your new plugin set, but the old results won't change.


Files
-----

All your report are saved on the server side, in 
  ${prefix}/var/nessus/<username>/

But you should not handle the files there directly. Instead, you should use
the Nessus client to do this job.




------------------------------------------------------------------------------
Renaud Deraison <deraison@cvs.nessus.org>
$Id: session_saving.txt,v 1.3 2000/08/26 18:51:06 renaud Exp $
