Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Nessus scan never finishes...

from [Saad Kadhi] Network Security [Permanent Link]
Subject: Re: Nessus scan never finishes...
Date: Fri, 28 Mar 2008 00:18:39 +0100 
Hi,

On Mar 27, 2008, at 5:04 PM, Joe Lawson wrote:

I've installed the 3.2 server on a FreeBSD box and it appears to be
working correctly.   However, I've installed the NessusClient v3.2  
on an
XP SP2 box and am running into a problem.

Specifically, I can connect to the Nessus Server and create a simple
scan against say, one host/Microsoft Patches but the scan never  
finishes
(as in 8 hours later).   A PS shows the  "nessusd: testing boxa
(nessusd) and no error messages.



I have witnessed the same thing on my side. I am running also a Nessus  
Client 3.2.0 on Windows XP SP2 (fully patched, English version) and  
Nessus 3.2.0 on FreeBSD 6.3-RELEASE (without and with patches applied  
through freebsd-update).

Here are some details that might interest you wrt further tests I've  
conducted when I noticed this:
---
- I use the default scan policy.
- I request a scan of 10 _live_ targets (a mixture of Unix/Linux and  
Windows boxen). Before each test described below, I confirmed that the  
targets were alive using ICMP.  During each test described below, I  
ran an nmap scan which successfully completed on each of the targets.
- There is no filtering device such as a firewall/IPS/etc. involved.
- When I use a Nessus Client 3.2.0 on Windows XP and nessusd 3.2.0 on  
FreeBSD 6.3-RELEASE, I see on the server side a process for each  
selected target. I don't see anything on the left-side of the GUI. I  
let the scan run for 24 hours with no displayed results on the GUI.  
Then I decided to tcpdump on the server side only to see that from  
time to time (not measured precisely but seemed to me very long), a  
packet is sent towards one of the targets. When I click on Stop  on  
the GUI, I get a message which I don't recall precisely but which  
basically says that I was disconnected by the server. The nessusd  
scanning processes still shows up on the server side and only way to  
get rid of them is a SIGKILL.
Should have strace'ed them maybe beforehand?
- When I use a nessus CLI client and a nessusd 3.2.0 on FreeBSD 6.3- 
RELEASE, I have the same results as above. tcpdump about 30 minutes  
after starting the scan shows also the same behavior.
- When I use a Nessus Client 3.2.0 on Windows XP and the server is  
also on the same machine, Only two targets shows up and are fully  
scanned. I repeated the operation twice and during the two following  
runs, 2 targets were scanned again (not the ones that were scanned  
during the first scan) then 1 target (neither from the first or the  
second scan).
- When I use a Nessus Client 3.2.0 on Mac OS X 10.5.2 and the server  
on the same machine, all ten targets shows up in the GUI and are  
scanned.
---

HTH to diagnose the problem if any.
--
Saad Kadhi -- saad@docisland.org
"True security is born from love alone" -- Antibalas






_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  nessusrc owner changes from time to time, Pedro Pozuelo
Next by Date:  Nessusd on Ubuntu 7.1, Larry Petty
Previous by Thread:  Re: Nessus scan never finishes..., Renaud Deraison (lists)
Next by Thread:  Re: Nessus scan never finishes..., Renaud Deraison (lists)
Indexes:  [Date] [Thread] [Top] [All Lists]