Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

inconsistent results on the same scan configuration using plugin id 1040

from [monzy merza] Network Security [Permanent Link]
Subject: inconsistent results on the same scan configuration using plugin id 10400
Date: Wed, 23 Feb 2005 13:18:45 -0700 
hello All,

problem: scans with identical configuration yield different results on
the same set of target ip addresses for number of targets greater than
1. the only thing different about each scan is the time when the scan
is started.

more detail: i am scanning a subnet using only one plugin (10400). i
tried 2 different nessus servers (both ver 2.2.2). i am connecting to
both using NessusWx (version 1.4.5).

using a single test target, my results are the same on each scan (as
expected). but when i scan the entire subnet or import a list of
targets from a file, the results differ on each scan.

i was prompted to test 10400 due to inconsistent results for scans
using 11119 and 15894 [ ms04-040 vulnerability and windows xp service
pack leve respectively]. plugin dependencies were enabled for all
scans.

it appeared that i was not getting a 'high severity' result from
either one of the plugins when 10400 did not get a 'medium severity'
result. (to be expected since 10400  accesses the remote registry
using smb credentials).

i have verified my smb credentials and they are valid. even so, even
if my smb credentials were bad, i would expect to get similar results
for each time the scan is run.

any thoughts would be much appreciated. 

regards

monzy
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Question on setting up a scan, Michael Scheidell
Next by Date:  Re: Is "Get Identd info" used at all?, Michel Arboi
Previous by Thread:  Updating plgins, Joe
Next by Thread:  Re: inconsistent results on the same scan configuration using plugin id 10400, Renaud Deraison
Indexes:  [Date] [Thread] [Top] [All Lists]