Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Ports required for a scan

from [Oscar Francisco Castaneda Villagran] Network Security [Permanent Link]
Subject: Re: Ports required for a scan
Date: Wed, 15 Sep 2004 09:11:24 -0600 
Philip,

Ok, then I hadn't quite understood what you were after. For finding out the
ports for specific plugins I would have a script parse the plugins and look
inside script_require_ports line (for nasl), eg: [ssh_proto_version.nasl]

script_require_ports("Services/ssh", 22);

Another suggestion would be to build a port dictionary file that will get the
port numbers you want to scan, then put these into Nessus readable form. Every
time you were to add a new plugin to your list you would go over the CVE or
related info, add the port to the dictionary and aprove it for use.

Just remember that services can run on ports other than the ones you expect them
to run in, this could impair your ability to detect unwanted services.

hth,

-oscar




Oscar Francisco Castaneda Villagran wrote:

Philip,

To do this in the Nessus client go to "Scan Options" you have to enter the

ports

in the Port Range field.

What do you mean by "on-the-fly"?
I'm not sure if the Port Range can be given as an argument when using

nessus in

batch mode... You'd have to find out if this is possible if you wanted to

do

this with some sort of script to automate this.

-oscar


Oscar,

We currently use a script to generate a nessusrc file with only certain
plugins turned on.  This works well, except that to ensure that all plugins
will work we are currently scanning all ports on the target host.

I would like to be able to determine which ports are required to be open for
each of the plugins which are to be enabled, and then enter that range in the
nessusrc file.  This will hopefully have a significant impact on the speed of
the scan.

Thanks
Phil




Hello,

I'd like to be able to generate on-the-fly a list of ports required to be
scanned given a list or class of vulnerabilities (such as backdoors), so as
not to need to scan all ports on each remote host.

Any thoughts?

Thanks
Phil
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus







----------------------------------------------------------------
Servicio de correo - Universidad Galileo - Guatemala








----------------------------------------------------------------
Servicio de correo - Universidad Galileo - Guatemala

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: nessus-update-plugins signature error, Renaud Deraison
Next by Date:  Binding nessus to a specific interface?, Wendell Smith
Previous by Thread:  Re: Ports required for a scan, Philip Webster
Next by Thread:  Scripted runs against multiple /24s., Matthew Romanek
Indexes:  [Date] [Thread] [Top] [All Lists]