Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Remote host dead?

from [Roman Medina-Heigl Hernandez] Network Security [Permanent Link]
Subject: Remote host dead?
Date: Mon, 23 Jun 2008 21:21:18 +0200 
Hello,

I'm trying to scan a host with the default policy. The host is alive and 
responding to pings. I got no results when scanning with Nessus 3.2.0 
(Windows). Looking at scan.log (in he "logs" dir), I can see a "remote host 
is dead". But my question is why? If I run nmap against the host, I can see 
unprivileged ports open (>1024) and of course it's responding to ping. I 
also entered 1-65535 in "port scanner range". No luck at all. Am I missing 
something? Perhaps a bug in Nessus?

Another question, how could I debug this? If I enable the option to "save a 
packet capture of the scan", I couldn't find any new log on logs dir (where 
should it be placed?)

Log attached (IP stripped; I could provide it in private for 
testing/debugging purposes):
[Mon Jun 23 20:56:43 2008][540] Use default port range
[Mon Jun 23 20:56:48 2008][540] user localuser : testing X.X.X.X (X.X.X.X) 
[540]
[Mon Jun 23 20:56:48 2008][540] Scan X.X.X.X using 21942 plugins
[Mon Jun 23 20:56:48 2008][540] user localuser : launching 
clrtxt_proto_settings.nasl against X.X.X.X [1]
[Mon Jun 23 20:56:48 2008][540] user localuser : launching 
dont_scan_settings.nasl against X.X.X.X [2]
[Mon Jun 23 20:56:48 2008][540] user localuser : launching 
ssh_settings.nasl against X.X.X.X [3]
[Mon Jun 23 20:56:48 2008][540] clrtxt_proto_settings.nasl (process 1) 
finished its job against X.X.X.X in 0.000 seconds
[Mon Jun 23 20:56:48 2008][540] dont_scan_settings.nasl (process 2) 
finished its job against X.X.X.X in 0.000 seconds
[Mon Jun 23 20:56:48 2008][540] ssh_settings.nasl (process 3) finished its 
job against X.X.X.X in 0.000 seconds
[Mon Jun 23 20:56:48 2008][540] user localuser : launching 
snmp_settings.nasl against X.X.X.X [4]
[Mon Jun 23 20:56:52 2008][540] snmp_settings.nasl (process 4) finished its 
job against X.X.X.X in 3.578 seconds
[Mon Jun 23 20:56:52 2008][540] user localuser : launching ping_host.nasl 
against X.X.X.X [5]
[Mon Jun 23 20:56:54 2008][540] ping_host.nasl (process 5) finished its job 
against W.W.W.W in 2.921 seconds
[Mon Jun 23 20:56:54 2008][540] user localuser : launching 
dont_scan_printers.nasl against X.X.X.X [6]
[Mon Jun 23 20:56:54 2008][540] The remote host (X.X.X.X) is dead
[Mon Jun 23 20:56:54 2008][540] Finished testing X.X.X.X. Time : 6.718 
secs, 6 plugins launched
[Mon Jun 23 20:56:54 2008][540] 1 hosts scanned

-- 

Saludos,
-Roman

PGP Fingerprint:
09BB EFCD 21ED 4E79 25FB  29E1 E47F 8A7D EAD5 6742
[Key ID: 0xEAD56742. Available at KeyServ]
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Windows 64bit Nessus Targets, Nicolas Pouvesle
Next by Date:  Re: Remote host dead?, George A. Theall
Previous by Thread:  Windows 64bit Nessus Targets, Lovering, Ian J
Next by Thread:  Re: Remote host dead?, George A. Theall
Indexes:  [Date] [Thread] [Top] [All Lists]