am i the only one who's experienced this problem? -----Forwarded Message-----
From: Tom Schouteden <[EMAIL PROTECTED]> To: Renaud Deraison <[EMAIL PROTECTED]> Cc: [EMAIL PROTECTED] Subject: Re: multipe IP's Date: 11 Jun 2003 15:28:40 +0200 On Wed, 2003-06-11 at 15:34, Renaud Deraison wrote: > On Wed, Jun 11, 2003 at 02:30:34PM +0200, Tom Schouteden wrote: > > On Wed, 2003-06-11 at 13:23, Renaud Deraison wrote: > > > On Wed, Jun 11, 2003 at 11:47:03AM +0200, Tom Schouteden wrote: > > > > Now I noticed that when I scan each IP separately, Nessus does continue > > > > scanning and finds vulnerabilities on almost each of these IP's. How is > > > > this possible? Has any had similar experiences? > > > > > > > > Any feedback would be welcome. > > > > > > Which operating system is Nessus running on ? What kind of connection > > > was there between it and the tested hosts ? > > > > The server is running Debian, and the client is running RH9. We have > > 512Kb permanent connection to the internet. > > And you were testing a local subnet or a remote one ? Do you use the > nmap port scanner or something else ? (ie: the built-in ping). What does > nessusd.conf says when scanning a subnet vs. scanning a lone IP ? I was testing a remote one (ie. customer's subnet). I tried with the default Nessus settings, as well asl with some NIDS bypassing. Both yielded the same result. I did not really check nessusd.conf though .. and I don't have access to it right now. But I did not change anything in between both tests. tom
