--- Josh Zlatin-Amishav <josh@tkos.co.il> wrote:
On Mon, 20 Feb 2006, Ameet Zaveri wrote:
I am using Nessus 3.0.1 on Red Hat Linux to scan multiple
hosts
on a network. The scan is initiated by a shell script
running
NessusClient 1.0.0.RC4 (not via GUI). I am getting different
results during different runs on the same hosts. In
particular
there are 2 NT 4.0 based web servers which have OpenSSL
security
holes. If I run a scan with only a single target host, it
seems
to always find (and report) the vulnerability. When I run
the
scan with a target list specified in a file - about 10
targets -
it sometimes misses the same vulnerability. I ran a test
with a
couple of hosts deleted from the target list and it found
the
hole in one of the 2 hosts that are known to have this hole.
How do I go about debugging this situation? In looking at
the
message log on the server side I noticed the following. It
said
"Not launching openssl_denial.nasl against xx.xx.xx.197 none
of
the required tcp ports are open (this is not an error)" for
the
host where it did not find the hole. But it said "launching
openssl_denial.nasl against xx.xx.xx.198 [1060]" for the
similar
host where it found the hole.
Which port scanner[s] are you using?
--
- Josh
I am using the built-in scanner and ping, I think. Here are the
settings from the config file:
begin(SCANNER_SET)
10180 = yes
10335 = yes
[rest are no]
end
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
