You have probably thought of this already, but if port scans are crashing
the applications there are already some big issues there that need to be
resolved. We all want to be cautious in a production environment, but if
a port scan cause a DoS by way of killing the app -- something is wrong.
You've already identified a problem that an attacker could exploit..on
accident or on purpose.
Like the previous reply said though, if you choose the treat unscanned
ports as closed option it will not check as many. I believe it still does
some ports from my testing. I sent in an e-mail about this some time ago
related to experiences with the Nessus-WX client, which doesn't have this
option. For this client, even setting the option in the conf file, it
will still do connect to unscanned ports.
Steven
securityzone.org
Steven
I have a question regarding port scan and plugins. If I disable port
scanning all together, do all of the plugins still run as expected. I
do a regular scan of a bunch of servers, different OS', and have found
that port scanning is crashing the applications on the servers. I am
wondering if I disable port scanning and just run the tests, if the test
will run. I would expect that they would, the only effect being that
the "optimize tests" do not work because Nessus will known nothing of
the device it is scanning.
Thanks,
Pete
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
