I don't think we'll be able to scan against a lab environment; I don't
believe they have one in place.
Where can I find the nessusd.messages file(s) - is this enabled by default?
The packet capture idea is a good one...I'll definitely use that during the
next go around. I'm gathering information now about the application and
version that was affected.
On 9/19/06, George A. Theall <theall@tenablesecurity.com> wrote:
On Tue, Sep 19, 2006 at 07:28:05PM -0400, Jason Leuenberger wrote:
> I'm working on an assessment, with Nessus 3.0.2. I have 'Safe Checks'
> chosen, and have unchecked the Denial of Service category....
It's *should be* sufficient to enable safe checks. There are plenty of
plugins in the "Denial of Service" category that work by doing a banner
check or using credentials to determine what's installed.
> I can gather more information tomorrow morning regarding the application
> that's being used. Is there a way I can find out, perhaps for next time,
> through a Nessus log that shows what time a specific IP was scanned for
> a plugin, with the associated result, whether or not it produced an
alert?
Nessusd.messages normally logs when plugins are launched against a
particular target and when they finish. You could try to cross-reference
those logs against what the application on the target offers once you
determine to what extect the system clocks are in agreement. For the
next scan, if there is one, you could take a packet capture while the
scan runs to see what's directed at the application and what responses
it gives. Is it possible to run a test scan against a lab / backup system?
George
--
theall@tenablesecurity.com
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
--
-->j
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
