On Thu, Feb 20, 2003 at 10:55:26AM -0600, Darren Evans-Young wrote: > Well, it has started again. I have a config file with a few > plugins enabled, but when the scan (batch mode) starts running, > more plugins get enabled. ... > The extra plugins that get enabled after the scan starts: > > oracle9i_jspdefaulterror.nasl: script_id(11226); > oracle9i_owautil.nasl: script_id(11225); > oracle9i_soapconfig.nasl: script_id(11224); > oracle9i_soapdocs.nasl: script_id(11223); > oracle9i_soaprouter.nasl: script_id(11227); > writesrv.nasl: script_id(11222); > phpinfo.nasl: script_id(11229); > stronghold_swish.nasl: script_id(11230); > unreal_game_engine.nasl: script_id(11228); > dns_server.nasl: script_id(11002); > smb_nt_ms03-005.nasl: script_id(11231); > nx_web_content_file_include.nasl: script_id(11233); > php_nuke_installed.nasl: script_id(11236); > sendmail_dns_map_txt_overflow.nasl: script_id(11232); > php_4_3_0.nasl: script_id(11237);
I suspect that plugins not explicitly listed in the config file are being enabled by the server. All of these you list above seem to be rather new. Do you know when you last updated your configuration file? [Don't bother looking at the file's timestamp as that changes each time you scan with the nessus client.] I bet you used the Nessus client to select plugins at some point and then ran nessus-update-plugins at a later date, which then transfered those new plugins to your system. Further, I bet those new plugins now appear as enabled in the config file. Am I right? While I don't see anything documented, I had thought that plugins were not enabled by default, or at least not all types were. But a quick check showed this to be wrong, with both 1.2.7 and 1.3.4. Further, this behaviour seems independent of the plugin's category; even DoS plugins seem to be! I haven't had the time to track this down yet so it might be some option I have enabled or a lack of understanding on my part. Perhaps others can clear up my, and your, confusion. George -- [EMAIL PROTECTED]
pgp00000.pgp
Description: PGP signature
