Just confirmed this on the latest version of Ghost from Symantec, it takes
a few minutes to peg the processor, my guess it that it is not
find_service at all.
The 'ngserver' process listens on TCP and UDP ports 1347, going to try to
track down whats causing the problem...
-HD
On Wednesday 14 July 2004 15:26, Jason Dravet wrote:
I am using Nessus 2.0.10a to scan some of my servers. When I do a
non-destructive scan of the servers the ngserver.exe process shoots to
100% CPU utilization, effectively causing a denial of service. The
servers I am scanning have the Symantec Ghost 8 Enterprise server
software installed on them. I have traced the plugin that is causing
the problem to plugin ID 10330. It is the Services entry under Misc.
I unchecked everything in the plugins tab except Services and ran a
scan and ngserver.exe service shot to 100% CPU usage. I checked
everything except services and ran the scan, nothing happened to
ngserver.exe
By now you are thinking why am I posting this here? I should be going
to Symantec for help. The answer is I have already contacted Symantec
and they basically told me there is nothing they can do because I am
the only person to report the problem. I am posting this here so I can
get some information on how the services plugin works so I can relay it
back to Symantec so they can fix the problem. I tried to search the
plugin database for 10330 but nothing was returned. So how does the
Services plugin work?
Thanks,
Jason
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
