Renaud and Doug (from other post),
Thanks for your responses. I've used this off and on in the past (very
recent past) with my Ubuntu workstation and laptop. However, we recently
found some easy of use issues related to a combo of features
options/reporting/features and our VPN that have made using Nessus-WX more
favorable. It appears that this option, to consider unscanned ports as
closed, is not available in Nessux-WX or at least I am unable to find it
(must be well hidden if it's there). In the linux client it's under the
Scan Options right where you specify the ports. I also cannot seem to find
any option to make this a default setting in nessusd.conf to consider the
unscanned ports as closed. Is there a way to do this?
Subsequently this brings us to another issue we've had with Nessus as of
late. Starting a month or so ago when trying to start a scan with an of
the *nix clients it just freezes and nothing happens. Just now I tested
with the 2.2.8 client as well as NessuClient 1.0.1. Both connect to the
server fine and grab all the plugins, but once you hit Start or Execute..
it just freezes and never initiates a thing. This started some time ago
and I actually just completely wiped our last Nessus 2.2.8 (or 2.2.6)
install and put on 2.2.9 yesterday. On the client end I wiped all the
.nessusrc or related files in the event they were causing a problem. I'm
still exhibiting this same issue even after doing this. As is one of my
co-workers. Any ideas on that too? Hopefully these e-mails aren't too
long winded. :)
Thanks
Steven
Hi,
On Dec 20, 2006, at 3:53 PM, Steven Adair wrote:
To recap from above:
Issue 1: Using just a scanner plugin and 1 port.. Nessus seems to scan
multiple other ports for no reason. Why is this?
Probably because ping.nasl is enabled anyways due to the dependencies.
To disable ping, you should disable ICMP and TCP pings from Prefs-
>Advanced->Ping Options
Issue 2: Even if the host is dead and/or no ports are open Nessus
still
runs the same vulnerability checks on it. Why is this and can we
disable
this?
This is happening because nessusd only knows about the status of port
8888 -- maybe port 445 is wide open, maybe it's not. We can't tell
because you chose not to scan it.
So what nessusd does is that it attempts to connect to that port, and
when the attempt eventually times out, it marks it as being a port
not to connect to in the future. Since there are plenty of plugins,
it still takes some time.
To avoid this, enable the option 'Consider unscanned ports as closed'
and try again. Some UDP checks will still take place, though.
-- Renaud
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
!DSPAM:4589506120141619519546!
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
