Under the "Prefs." tab I am removing the check from "Do a TCP ping" and there is no check in "Do an ICMP ping" ..
Under NMAP options "Ping the remote host" was not checked. My targets still show up as dead almost immediately! A port scan is not being performed. The Nessus message is "The remote host is considered as dead - not scanning." These targets are running ZoneAlarm on W2K boxes. Any ideas? TCP Ping to a specific port is not an option because none of the machines are running consistent services. Thanks! Mark -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Goverts IV, Paul Sent: Monday, April 15, 2002 5:01 PM To: [EMAIL PROTECTED] Subject: RE: Scanning targets with personal firewalls running? You need to make sure you have the "ping host" option disabled in both the NMAP options and the nessus scanning preferences. The drawback is that it will take much longer, especially if scanning a range of IP's that have many non-active IP's in it. This is because most personal firewalls block Ping requests. The other option would be to set nessus to do a "TCP" ping, and configure it to a port that all the machines have running. Paul -----Original Message----- From: Mark G. Spencer [mailto:[EMAIL PROTECTED]] Sent: Monday, April 15, 2002 7:05 PM To: [EMAIL PROTECTED] Subject: Scanning targets with personal firewalls running? I was playing with Nessus (default options, except scanning 65535 ports) and noticed that my machines running personal firewalls came back as dead. I'm not extremely familiar with nmap, which I'm assuming is the component I need to tweak to force a "full" scan on these targets. Any advice on how to configure Nessus to scan targets running personal firewalls? As an example, I have one box that only has a single inbound port open, running a Return to Castle Wolfenstein Server. Running Nessus w/ default options shows this to me as a dead box. Thanks for the help! Mark
