Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Buffer overflow causing service to hang?

from [George A. Theall] Network Security [Permanent Link]
Subject: Re: Buffer overflow causing service to hang?
Date: Tue, 19 Sep 2006 20:18:13 -0400 
On Tue, Sep 19, 2006 at 07:28:05PM -0400, Jason Leuenberger wrote:

I'm working on an assessment, with Nessus 3.0.2. I have 'Safe Checks' chosen, and have unchecked the Denial of Service category....

It's *should be* sufficient to enable safe checks. There are plenty of plugins in the "Denial of Service" category that work by doing a banner check or using credentials to determine what's installed.

I can gather more information tomorrow morning regarding the application that's being used. Is there a way I can find out, perhaps for next time, through a Nessus log that shows what time a specific IP was scanned for a plugin, with the associated result, whether or not it produced an alert?

Nessusd.messages normally logs when plugins are launched against a particular target and when they finish. You could try to cross-reference those logs against what the application on the target offers once you determine to what extect the system clocks are in agreement. For the next scan, if there is one, you could take a packet capture while the scan runs to see what's directed at the application and what responses it gives. Is it possible to run a test scan against a lab / backup system?

George
--
theall@tenablesecurity.com
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: How to use Nessus 3.0.3 (Linux) with Nmap port scanning, A User
Next by Date:  Re: Plugin update error, George A. Theall
Previous by Thread:  Buffer overflow causing service to hang?, Jason Leuenberger
Next by Thread:  Re: Buffer overflow causing service to hang?, Jason Leuenberger
Indexes:  [Date] [Thread] [Top] [All Lists]