Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Varying results from scans

from [Ameet Zaveri] Network Security [Permanent Link]
Subject: Re: Varying results from scans
Date: Tue, 21 Feb 2006 17:31:14 -0800 (PST) 


--- "Jesper S. Jensen" <jesper.skou.jensen@uni-c.dk> wrote:


Josh Zlatin-Amishav wrote:

On Mon, 20 Feb 2006, Ameet Zaveri wrote:

How do I go about debugging this situation? In looking at

the

message log on the server side I noticed the following. It

said

"Not launching openssl_denial.nasl against xx.xx.xx.197

none of

the required tcp ports are open (this is not an error)" for

the

host where it did not find the hole. But it said "launching
openssl_denial.nasl against xx.xx.xx.198 [1060]" for the

similar

host where it found the hole.


Which port scanner[s] are you using?


And are you behind a firewall, that might start dropping
packages while 
you are portscanning? That way you sometimes get results of a
open port 
and other times you don't.

I know firewalls like in Cisco IOS based routers get
aggressive and 
start dropping packages, if there are more than xxxx packages
/ second 
from a given host. Maybe that's the case here?

-- 

   Jesper S. Jensen


Yes, we are behind a firewall. I am going to try a run with
delays between scans for each host to see if that is a
workaround for this issue.

Is aggressive firewalls a known issue? Are there recommended
workarounds for this? 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Varying results from scans, Ameet Zaveri
Next by Date:  Reason 0.4.0 Nessus Client (new Command Line Interface), Janos Szatmary
Previous by Thread:  Re: Varying results from scans, Jesper S. Jensen
Next by Thread:  Re: Varying results from scans, Josh Zlatin-Amishav
Indexes:  [Date] [Thread] [Top] [All Lists]