Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: False negatives?

from [George A. Theall] Network Security [Permanent Link]
Subject: Re: False negatives?
Date: Tue, 14 Nov 2006 08:44:30 -0500 
On Mon, Nov 13, 2006 at 11:35:02AM -0600, felix lin wrote:

Running Nessus 3.0.0 on Fedora Core 4. It was working fine, but recently started giving false negatives.

Do you know when the change occurred? What if anything changed in the Nessus environment (eg, plugin updates, scan configs)? Have you looked at Nessus' logs and/or KBs for the affected hosts to see if they contain any clues?

> Specifically, it will only
report vulnerabilities for 11890 (Messenger Service). Using NessusWX client, which is telling me that it is scanning more than that port on each host.

Have you verified that the remote hosts are still running additional services that Nessus should pick up? Is the scanned running afoul of any sort of IPS? Have you done a packet capture while running a scan to see what traffic is being exchanged?


George
--
theall@tenablesecurity.com
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Relating CVE IDs in Nessus Plugins, Shingari, Nitin V.
Next by Date:  Re: Nessus 3 logging.., George A. Theall
Previous by Thread:  False negatives?, felix lin
Next by Thread:  Relating CVE IDs in Nessus Plugins, Shingari, Nitin V.
Indexes:  [Date] [Thread] [Top] [All Lists]