Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Not Reporting Ports

from [sanjeev sinha] Network Security [Permanent Link]
Subject: Re: Not Reporting Ports
Date: Wed, 17 May 2006 15:39:30 -0400 
Is there a firewall in between?  What does the nessus log file suggests?  What 
are the various tcp states on the host being scanned while this is going on?

Sanjeev

All work and no play makes Jack a dull boy --- Jack Torrance, The Shining
  ----- Original Message ----- 
  From: Ray DuBose 
  To: nessus@list.nessus.org 
  Sent: Wednesday, May 17, 2006 2:43 PM
  Subject: Not Reporting Ports


  Hey,

   

   Fairly new to nessus so be kind.  I have 2 IP's that I've been asked to 
scan.  When I run NMAP against them using -sS I get several filtered ports:

   

  (The 56612 ports scanned but not shown below are in state: closed)

  PORT      STATE    SERVICE

  21/tcp    filtered ftp

  22/tcp    filtered ssh

  23/tcp    filtered telnet

  80/tcp    filtered http

  137/tcp   filtered netbios-ns

  161/tcp   filtered snmp

  162/tcp   filtered snmptrap

  443/tcp   filtered https

  491/tcp   filtered go-login

  554/tcp   filtered rtsp

  3389/tcp  filtered ms-term-serv

  4441/tcp  filtered unknown

  4444/tcp  filtered krb524

  5350/tcp  filtered unknown

  7070/tcp  filtered realserver

  8000/tcp  filtered http-alt

  8080/tcp  filtered http-proxy

  8087/tcp  filtered unknown

  8380/tcp  filtered unknown

  8480/tcp  filtered unknown

  10000/tcp filtered snet-sensor-mgmt

  10130/tcp filtered unknown

  11889/tcp filtered unknown

   

  But when I run a Nessus Scan against the same host I get nothing back other 
than a genera/tcp

  Information about this scan : 

   

  Nessus version : 3.0.2

  Plugin feed version : 200603211235

  Type of plugin feed : Release

  Scanner IP : 10.1.11.113

  Port scanner(s) : synscan 

  Port range : 1-65535

  Thorough tests : no

  Experimental tests : no

  Paranoia level : 1

  Report Verbosity : 1

  Safe checks : yes

  Max hosts : 16

  Max checks : 10

  Scan Start Date : 2006/5/17 13:15

  Scan duration : 285 sec

   

  And general/UDP that just shows a traceroute to the host. I'm running Nessus 
on Fedora Core 5 and this is the latest version of Nessus as I just built it 
today.  I've tried all the port scanners that are listed as well as both the 
Linux Client and the Windows Client. The NMAP was run from the same Nessus 
Server.  Am I doing something wrong?

   

  Ray

   



------------------------------------------------------------------------------


  _______________________________________________
  Nessus mailing list
  Nessus@list.nessus.org
  http://mail.nessus.org/mailman/listinfo/nessus
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Not Reporting Ports, Michel Arboi
Next by Date:  Re: Not Reporting Ports, Karl Tatgenhorst
Previous by Thread:  Re: Not Reporting Ports, Michel Arboi
Next by Thread:  Re: Not Reporting Ports, Karl Tatgenhorst
Indexes:  [Date] [Thread] [Top] [All Lists]