Command line enables denial of service by default

Mon, 04 Feb 2002 11:27:21 -0800 

I found a description of the exact problem I am having (see below) with
Nessus and DoS scripts running by default from the CLI (even though nessus
tells me they have been disabled).  I haven't been able to find any fix
posted on this problem.  Is there currently a solution available?

This is Nessus 1.0.10 for Linux 2.2.16-22smp
compiled with gcc version 2.96 20000731 (Red Hat Linux 7.0)
Current setup :
        Experimental session-saving    : disabled
        Experimental KB saving         : disabled
        Thread manager                 : fork
        Crypto layer                   : peks/0.8
        nasl                           : 1.0.10
        libnessus                      : 1.0.10
        Running as euid                : 0

Thanks for any help you can provide.

-Rob.
                                                                                 
 On Mon, Nov 13, 2000 at 01:56:27PM -0800, Keeney, Frank wrote:                  
 > I'm running nessus on the command line. The host never had a nessus GUI       
 > client. I found that when I run the command line client for the first time    
 > it creates a .nessusrc like this:                                             
                                                                                 
 Hi,                                                                             
                                                                                 
 I have added your mail in the Nessus bugtracker. I'll investigate this          
 issue asap.                                                                     
                                                                                 
                                                                                 
     -- Renaud                                                                   
                                                                                 
                                                                                 
                                                                                 




                                                                                 
 I'm running nessus on the command line. The host never had a nessus GUI         
 client. I found that when I run the command line client for the first time      
 it creates a .nessusrc like this:                                               
                                                                                 
 # This file was automagically created by nessus                                 
 nessusd_host = localhost                                                        
 nessusd_user = root                                                             
 begin(SCANNER_SET)                                                              
  Ping the remote host = yes                                                     
  TCP Ping the remote host = no                                                  
  TCP SYN scan = no                                                              
  FTP bounce scan = no                                                           
  Nmap tcp connect() scan = no                                                   
  Nmap = yes                                                                     
 end(SCANNER_SET)                                                                
                                                                                 
 begin(PLUGINS_PREFS)                                                            
 end(PLUGINS_PREFS)                                                              
                                                                                 
                                                                                 
 It does not list yes or no for the individual plugins.                          
                                                                                 
 When I run nessus on the command line I see this:                               
                                                                                 
 nessus localhost 3001 root fwk123 target.txt result.nsr                         
 *** The plugins that have the ability to crash remote services or hosts         
 have been disabled. You should activate them if you want your security          
 audit to be complete                                                            
                                                                                 
 However, even though it says the denial of service plugins are disabled it      
 runs them anyway, from nessusd.messages:                                        
                                                                                 
 launching smb_crash_winlogon.nasl against x.x.x.5                               
 launching imail_host_overflow.nasl against x.x.x.5                              
 launching nestea.nasl against x.x.x.5                                           
 launching iis_crash.nasl against x.x.x.5                                        
 launching land.nasl against x.x.x.5                                             
 launching rfpoison.nasl against x.x.x.5                                         
 launching iis_buffer_overflow.nasl against x.x.x.5                              
 launching firewall1_dos.nasl against x.x.x.5                                    
                                                                                 
                                                                                 
 Frank

Reply via email to