Hi,
I am using nessus 1.2.6 on the MacOSX 10.2.2(via fink) and FreeBSD
4.6-stable(via ports). I am having the following symptoms on both systems.
1) from the point I click on the "connect" button to the the log showing
"Redirecting debugging output to /var/nessus/logs/nessusd.dump" there is a
long wait, about 3 minutes or so. I tried connecting both local and remote
nessusd, using -x with batch-mode, same lag. After which everything seems
to operating normally.
2) I did a bunch of nmap scans with the following flags manually.
(took up about 2 hours per IP)
nmap -P0 -n -sS -O -p1-65535 -oX ip.xml > ip.txt
I have been trying to feed the "ip.txt" files to nessus via the
configuration file without success. It still launches nessus to do a
portscan. I turned the "unscanned_closed" to yes, hoping to short-circuit
the nmap launch; I checked the mailing archive and followed closely to all
the suggestions. However, it still won't take the previously nmap output.
Afraid of the minor differences between the -oN and the stdout, I even
tried manually rescanning one machine with (as indicated in the FAQ)
nmap -oN ip.txt -sT -sU -O ip
and feeding that result, still no go.
Here is a list of the relevant flags from the nessusrc file that I am
using. Would you experts here please shed some light on this. Thank you.
jake.
ps. please let me kow if you would like more data
port_range = 1-65535
detached_scan = no
continuous_scan = no
unscanned_closed = yes
diff_scan = no
Nmap[radio]:TCP scanning technique : = SYN scan
Nmap[checkbox]:UDP port scan = no
Nmap[checkbox]:RPC port scan = no
Nmap[checkbox]:Ping the remote host = no
Nmap[checkbox]:Identify the remote OS = no
Nmap[checkbox]:Use hidden option to identify the remote OS = no
Nmap[checkbox]:Fragment IP packets (bypasses firewalls) = no
Nmap[checkbox]:Get Identd info = no
Nmap[radio]:Port range = User specified range
Nmap[checkbox]:Do not randomize the order in which ports are scanned = yes
Nmap[entry]:Source port : = any
Nmap[radio]:Timing policy : = Normal
Nmap[file]:File containing nmap's results : = /tmp/ip.txt
Nmap[entry]:Data length : =
Nmap[entry]:Ports scanned in parallel =
Nmap[entry]:Host Timeout (ms) : =
Nmap[entry]:Min RTT Timeout (ms) : =
Nmap[entry]:Max RTT Timeout (ms) : =
Nmap[entry]:Initial RTT timeout (ms) =
Nmap[entry]:Minimum wait between probes (ms) =
-
[EMAIL PROTECTED]: general discussions about Nessus.
* To unsubscribe, send a mail to [EMAIL PROTECTED] with
"unsubscribe nessus" in the body.
