Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Funky webserver scannings

from [Jesper S. Jensen] Network Security [Permanent Link]
Subject: Funky webserver scannings
Date: Mon, 19 Dec 2005 11:13:54 +0100
I've earlier asked about Nessus ability to scan vhosts on web servers, but never really got any useful responses. In the mean time I've been testing Nessus in various ways, and the other day I tried Nessus 3 but got some rather funky/weird results.

I used NessusClient to set up a scan for www.mydomain.dk (that's of course not the real domain I scanned!). I selected plugins for CGI abuses and Web Servers, and tried various nmap/cgi/etc. setting changes in NessusClient with little change in the result.

Now on to the weird part. When I scan my webserver/vhost some of the scans are launched against the the vhost, that is including the right http headers. But way most are launched directly against the webserver/IP.

My question is: How come Nessus does this? Is it only some scripts that are made for using the correct http headers, or what's going on? Can Nessus somehow be persuaded to scan the vhosts with the right http headers?

I've tried a couple of other dedicated webserver scanners, such as Nikto, and it scans the vhost just fine. It's just that I would like to try Nessus for it, since it's usually the best or one of the best for "normal" security scanning and I was hoping it was the case here as well.

--

Jesper S. Jensen
Uni-C - Aarhus, Denmark

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Funky webserver scannings, Jesper S. Jensen <=
Previous by Date:  Re: Nortel {eriphonics, Michel Arboi
Next by Date:  Re: where's "nessus -T html" in nessus-v3?, Renaud Deraison
Previous by Thread:  where's "nessus -T html" in nessus-v3?, Jason Haar
Next by Thread:  Scan is aborted in batch mode, B. R.
Indexes:  [Date] [Thread] [Top] [All Lists]