Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: XP SP2

from [Martin] Network Security [Permanent Link]
Subject: Re: XP SP2
Date: Tue, 26 Apr 2005 15:49:45 +0100
Ooops - that could well be it, I presumed that I would get some sort of information back, I just was not expecting to get no information at all.
I feel a bit of a muppet now ;(
Bear with me, I drew the short straw, and got 'internal LAN security' as my project - having never touched Linux before, and knowing very little about security, (other than pointing people to windows update!!!) I will be the first to admit Im struggling....
So saying, on the reading I have done, its important, and yes I would like to strangle someone over Linux, its a bit confusing after windows, but I will get there....
Wish I was back with my routers.

Many thanks

Martin

Rochford, Paul wrote:
It could simply be the fact that there are no ports open on this machine
because they are all filtered by the firewall. Have you tried telnetting
to the basic windows ports. Outgoing connections from the machine are
probably not filtered but un-established incoming requests most likely
are.

Telnet [host-ip] 139
Telnet [host-ip] 445

Or just do a simple nmap port check on the above. Nmap -sS [ip] -p
139,445 -vv

Kind Regards,
Paul Rochford 

-----Original Message-----
From: nessus-bounces@list.nessus.org
[mailto:nessus-bounces@list.nessus.org] On Behalf Of Jonathan Clark
Sent: Tuesday, April 26, 2005 2:47 PM
To: Martin; nessus@list.nessus.org
Subject: RE: XP SP2

I had a similar issue some time back.

Enable ICMP ping.  Check your nessus logs because it might be the nessus
scanner is reporting these hosts as dead which means it doesn't even see
them on the network.

Enable ICMP ping.  If it fails than...  I don't know and I'll let the
more advance guys tell ya lol..

-----Original Message-----
From: nessus-bounces@list.nessus.org
[mailto:nessus-bounces@list.nessus.org] On Behalf Of Martin
Sent: Tuesday, April 26, 2005 9:24 AM
To: nessus@list.nessus.org
Subject: XP SP2

Hi Guys,
        Is there an FAQ for how to deal with Firewalls, - it seems to me
that alot of people have trouble with this issue.

I am getting back no test results for scanning XP machines with the SP2
service pack firewall enabled. The scan completes in seconds but comes
back with a 'there are no results to view for this' message

Scanning the mailing list I can confirm that I have disabled pinging the

remote host, the SMB credentials are correct. I am using the Nessus TCP
scanner.
I tried to use Nmap scanner with the option for fragment IP packets but
this made no difference.
I understand that firewalls make things very difficult, but thought Id
post before banging my head against the wall and giving up on firewalled

machines.

Also regarding best practice for XP, on a windows 2000 box, a complete
(1-65535) port scan using TCP scanner and all the windows family plugins

enabled takes about 7-10 mins depending on time of day.
In XP, with the same settings, I am averaging two hours or more per
host, is this normal? Searching for slow XP scans hasn't brought up
anything that I can see to help...
Im happy to upload a report with the config options if that would help
with the diagnosis...

Many thanks
Martin

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus


_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

______________________________________________________________________

This email has been scanned by the MessageLabs Email Security System
on behalf of the London Business School community.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Samba swat warnings in 2.2.4, Knut Hellebø
Next by Date:  RE: XP SP2, Jonathan Clark
Previous by Thread:  RE: XP SP2, Rochford, Paul
Next by Thread:  RE: XP SP2, Jonathan Clark
Indexes:  [Date] [Thread] [Top] [All Lists]