Thanks!!
-- Brent
On Wed, 2005-05-25 at 09:50 -0400, Nicolas Pouvesle wrote:
It is fixed in cvs. Now even if udp port 137 can't be scanned SMB
login will work on port 139.
Thanks,
Nicolas
PS: updated plugin tarball should be available in 1-2 hours.
On May 24, 2005, at 6:06 PM, Brent Deterding wrote:
I need to resolve this; does anyone have any pointers for me as to
where
I can look or what I can try?
tcpdump shows differences between smbclient -L and Nessus against
an NT
host. smbclient returns valid results, Nessus does not :(
Nessus doesn't appear to be pulling the hostname to provide in the SMB
query. How can I modify this behevior?
Thanks!
-- Brent
On Mon, 2005-05-23 at 15:57 -0500, Brent Deterding wrote:
Hello,
I am trying to scan an NT host on tcp/139. I believe I am having
problems with name resolution. It is preventing me from getting
results
I know are present but unable to get out of nessus. I'm on 2.2.4 with
latest plugins (direct feed).
I know the host can have it's shares browsed and can verify as
much with
smblient. The applicable info seems to be:
Session request, to 1.1.1.210<20> from SCANNER1<00>
Negative session response, Called name not present
Session request, to 1<20> from SCANNER1<00>
Negative session response, Called name not present
Session request, to *SMBSERVER<20> from SCANNER1<00>
Positive session response
When I tcpdump the Nessus scan I get a lot of these:
Session request, to 1.1.1.210<20> from <20>
Negative session response, Called name not present
This happens quite a few times without changing to destination name.
/etc/hosts and /etc/resolv.conf look fine (it runs fine from
smbclient
after all).
Where can I look next?
Thank You.
-- Brent
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
--
===================
Brent Deterding
SOC Supervisor
(630) 371-4704
LURHQ - Protection Through Partnership
Sign up for LURHQ's newsletter:
http://www.lurhq.com/newsletters.html
This E-mail and any of its attachments may contain LURHQ proprietary
information, which is privileged, confidential, or subject to
copyright
belonging to LURHQ. This E-mail is intended solely for the use of the
individual or entity to which it is addressed. If you are not the
intended recipient of this Email, you are hereby notified that any
dissemination, distribution, copying, or action taken in relation
to the
contents of and attachments to this E-mail is strictly prohibited and
may be unlawful. If you have received this E-mail in error, please
notify the sender immediately and permanently delete the original and
any copy of this E-mail and any printout.
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
--
===================
Brent Deterding
SOC Supervisor
(630) 371-4704
LURHQ - Protection Through Partnership
Sign up for LURHQ's newsletter:
http://www.lurhq.com/newsletters.html
This E-mail and any of its attachments may contain LURHQ proprietary
information, which is privileged, confidential, or subject to copyright
belonging to LURHQ. This E-mail is intended solely for the use of the
individual or entity to which it is addressed. If you are not the
intended recipient of this Email, you are hereby notified that any
dissemination, distribution, copying, or action taken in relation to the
contents of and attachments to this E-mail is strictly prohibited and
may be unlawful. If you have received this E-mail in error, please
notify the sender immediately and permanently delete the original and
any copy of this E-mail and any printout.
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
