Thanks for answering my question. I may go the plug in route but adding the
IP addresses is a great fix for now.
I checked the logs and it appears that nessus does indeed scan the address's
that are allowed and skips the reject/denied ones. the WX Gui is a bit
misleading, I receive the E2002 error when the audit is complete but
the interface still states that its scanning.
On 10/25/06, Renaud Deraison <deraison@nessus.org> wrote:
On Oct 24, 2006, at 9:38 PM, Jeff T wrote:
> Hello all.
>
> First I would like to say I appsoluly love this project. Nessus is
> a wonderful tool.
>
> I'm trying to be creative and deny close to 60 host from being
> scanned during our audits. I want to utilize the nessusd.rules file
> keep track rather then having to brake apart my subnets when
> inputting them for the audit.
>
> I'm trying to figure out why my scan is hanging with error "E2002 -
> These hosts could not be tested because you are not allowed to do
> so." after adding deny addresses to the nessusd.rules file. I want
> to scan the subnet and have purposely denied IP address. Should I
> be using reject instead of deny? Is their an error log I should be
> looking at.
>
> My scan works flawlessly until it hits a deny host and then just
> stops.
The scan does not stop when an attempt to scan a "forbidden" IP is
made. In other words, the error message you're seeing is displayed
only at the end of the scan, but every other IP in your network
should have been scanned (check nessusd.messages to have more details
about what is going on).
-- Renaud
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
