Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Thorough test of a Web server

from [Arkadi.Kosmynin] Network Security [Permanent Link]
Subject: RE: Thorough test of a Web server
Date: Sat, 20 Jan 2007 19:40:18 +1100 
Thanks,

AFAIK, this will add DoS tests that I don't want at this stage.

Regards,

Arkadi


-----Original Message-----
From: Justin Seitz [mailto:jms@bughunter.ca]
Sent: Friday, 19 January 2007 7:35 PM
To: Kosmynin, Arkadi (ATNF, Marsfield)
Cc: nessus@list.nessus.org
Subject: Re: Thorough test of a Web server

Are you using NessusWX? If so just disable the "Safe" scans, as I

believe

this is essentially setting it to thorough.

Then again, it's late and sleep hasn't arrived at my door for days!


JS


Hello,

I am trying to scan a web site with Nessus. Nessus server and client

are

both installed on my computer. The web server is on the local

network.


I am using Nessus 3.0.4 on Win XP. I can configure it scan the

server,

but I don't think that it does what is expected. The web site has a

few

thousand pages, but scan takes only 20-30 minutes (I disable port

scans,

except port 80). I select all plugins, except the DoS group. The
webmiror plugin is selected too, but I don't think that it does
anything.

I see this in scan information:

Nessus version : 3.0.4
Plugin feed version : 200701161815
Type of plugin feed : Registered (7 days delay)
Scanner IP : <removed>
Port scanner(s) : synscan
Port range : 80
Thorough tests : no
Experimental tests : no
Paranoia level : 1
Report Verbosity : 1
Safe checks : yes
Max hosts : 20
Max checks : 4
Scan Start Date : 2007/1/18 12:20
Scan duration : 1676 sec

The question is, how do I enable thorough tests? I want as tough

scan as

possible, even if it takes a couple days to do.

The other question is, how to get the webmirror plugin working? I do
increase the number of cached pages to the max (99999).

I found a couple of books describing Nessus, but they talk about

Nessus

2. The new Nessus 3 interface is intuitive, but not well documented.

Thanks,

Arkadi
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus





_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  i can't make nessus for windows work, andre nenhum
Next by Date:  RE: Thorough test of a Web server, Arkadi.Kosmynin
Previous by Thread:  Re: Thorough test of a Web server, Justin Seitz
Next by Thread:  Re: Thorough test of a Web server, George A. Theall
Indexes:  [Date] [Thread] [Top] [All Lists]