If you run 'all plugins' than that would be redundant. But, if you ran one or two, or a family, or forgot to enable a plugin that needed to provide certain information, or were unaware of their relationship, then running without enabling dependencies could give you false negetives.
As an example: if you did not have services enabled, and ran a scan of http servers that had a Cross Site Scripting problem, then you may miss the Compaq administrative http server on port (2361?). Or, if you ran a test of Microsoft Win2k Service pack3, and forgot to enable the smb__login.nasl, then no access to the remote windows registry would be possible. There are many examples, and to see what they are, you can click on 'show dependenies' on a specific plugin. As you may see, there are dependencies in the smb (windows) plugins, the http plugins (which depend on server version and http version information), as well as many others. The only down side I used to see is when nmap and ping host was called on a host that was behind a firewall. Nessus would run the ping test, and mark the host dead. Now with the ability to specify the ports ping will use for the tcp scan, you can avoid that problem. -- Michael Scheidell, CEO SECNAP Network Security, LLC Sales: 866-SECNAPNET / (1-866-732-6276) Main: 561-368-9561 / www.secnap.net Looking for a career in Internet security? http://www.secnap.net/employment/ - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
