Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

recent addition to dont_scan_printers.nasl

from [Douglas Nordwall] Network Security [Permanent Link]
Subject: recent addition to dont_scan_printers.nasl
Date: Thu, 5 Oct 2006 08:12:49 -0700 
so, what's up with this line in dont_scan_printers.nasl?

--code--
if ( ! get_kb_item("Scan/Do_Scan_Printers" ) ) exit(0);
/code

now, taking a look at it, it looks like it works with the dont_Scan_settings.nasl to say if this not in the KB, then it it will exit this script.

Now, the interesting thing here is that if you _check_ Scan Network Printers, it will do the expected behavior, which is to check and see if it's a printer and then count it as dead if it is, returning very quickly from printers. If you _don't_ have it check, it will scan the crap out of the printers, and not check to see if it is a printer, and promptly give you a stack of vulnerabilities.

The other interesting part of this is if you _don't_ have scan network printers checked, it'll hammer my hp 4550dn enough to cause it to print stuff, including http requests and the like :)

Maybe an error in logic?

Doug Nordwall
Unix Administrator
EMSL Computer and Network Support
Unclassified Computer Security
Phone: (509)372-6776; Fax: (509)376-0420
The best book on programming for the layman is "Alice in Wonderland"; but that's because it's the best book on anything for the layman.


_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • recent addition to dont_scan_printers.nasl, Douglas Nordwall <=
Previous by Date:  RE: Plugins and Login Configurations, Hardcastle, Tim
Next by Date:  Question on "Do not scan fragile devices" plug-in (fwd), Beth E. Binde
Previous by Thread:  Plugins and Login Configurations, Hardcastle, Tim
Next by Thread:  Question on "Do not scan fragile devices" plug-in (fwd), Beth E. Binde
Indexes:  [Date] [Thread] [Top] [All Lists]