On Sat, 22 Feb 2003, George A. Theall wrote: >On Thu, Feb 20, 2003 at 10:55:26AM -0600, Darren Evans-Young wrote: > >> Well, it has started again. I have a config file with a few >> plugins enabled, but when the scan (batch mode) starts running, >> more plugins get enabled. >... >> The extra plugins that get enabled after the scan starts: >> >> oracle9i_jspdefaulterror.nasl: script_id(11226); >> oracle9i_owautil.nasl: script_id(11225); >> oracle9i_soapconfig.nasl: script_id(11224); >> oracle9i_soapdocs.nasl: script_id(11223); >> oracle9i_soaprouter.nasl: script_id(11227); >> writesrv.nasl: script_id(11222); >> phpinfo.nasl: script_id(11229); >> stronghold_swish.nasl: script_id(11230); >> unreal_game_engine.nasl: script_id(11228); >> dns_server.nasl: script_id(11002); >> smb_nt_ms03-005.nasl: script_id(11231); >> nx_web_content_file_include.nasl: script_id(11233); >> php_nuke_installed.nasl: script_id(11236); >> sendmail_dns_map_txt_overflow.nasl: script_id(11232); >> php_4_3_0.nasl: script_id(11237); > >I suspect that plugins not explicitly listed in the config file are >being enabled by the server. All of these you list above seem to be >rather new. Do you know when you last updated your configuration file? >[Don't bother looking at the file's timestamp as that changes each time >you scan with the nessus client.] I bet you used the Nessus client to >select plugins at some point and then ran nessus-update-plugins at a >later date, which then transfered those new plugins to your system. >Further, I bet those new plugins now appear as enabled in the config >file. Am I right?
Yup, you are correct. This was exactly the problem. I have a config file saved that I use for specific runs. When I run nessus in batch mode, I point it to that config file. Sure enough, if I run nessus-update-plugins, any new plugins are automatically added to my config file and set to yes. I think the default should be to add them but set them to no. Any chance this could get fixed in a later release? > >While I don't see anything documented, I had thought that plugins were >not enabled by default, or at least not all types were. But a quick >check showed this to be wrong, with both 1.2.7 and 1.3.4. Further, this >behaviour seems independent of the plugin's category; even DoS plugins >seem to be! I haven't had the time to track this down yet so it might be >some option I have enabled or a lack of understanding on my part. > >Perhaps others can clear up my, and your, confusion. > >George >-- >[EMAIL PROTECTED] > Thanks for the heads-up George! Darren
