Hello, I'm running a scan against a /16 checking for the MS03-039 vulnerability. A couple days ago, I ran the entire scan and it came back with about 3000 hosts vulnerable. The scan was conducted in the following manner..
# nessus -q -T nbe -c ms03-039.rc localhost 1241 \ username password network.txt results.nbe # cat network.txt 172.16.0.0/16 Unfortunately, all I see in the log is the following # tail /usr/local/nessus/var/nessus/logs/nessus.log [Mon Sep 15 20:42:32 2003][9829] user username : new KB will be saved as /usr/local/nessus/var/nessus/users/username/kbs/172.16.0.106 [Mon Sep 15 20:42:32 2003][31532] user username : new KB will be saved as /usr/local/nessus/var/nessus/users/username/kbs/172.16.0.7 Is there anyway to force the scan to run again on already-scanned hosts while keeping a record of each host? Here is my .rc file for the scan, as well as my server config -- thank you in advance for any pointers. Maybe I'm just braindead from all of the activity in the past month :-\ # cat ms03-039.rc # This file was automagically created by nessus trusted_ca = /path/to/nessus.pem nessusd_host = localhost nessusd_user = username paranoia_level = 1 begin(SCANNER_SET) 10180 = yes 10277 = no 10278 = no 10331 = no 10335 = no 10841 = no 10336 = no 10796 = no 11219 = no end(SCANNER_SET) begin(SERVER_PREFS) max_hosts = 192 max_checks = 128 log_whole_attack = yes cgi_path = /cgi-bin:/scripts:/c:/msadc:/ port_range = 1-65535 optimize_test = yes language = english checks_read_timeout = 5 non_simult_ports = 139, 445 plugins_timeout = 220 safe_checks = yes auto_enable_dependencies = no use_mac_addr = no save_knowledge_base = yes kb_restore = no only_test_hosts_whose_kb_we_dont_have = no only_test_hosts_whose_kb_we_have = no kb_dont_replay_scanners = no kb_dont_replay_info_gathering = no kb_dont_replay_attacks = no kb_dont_replay_denials = no kb_max_age = 10 plugin_upload = no plugin_upload_suffixes = .nasl admin_user = root save_session = yes save_empty_sessions = no host_expansion = ip ping_hosts = yes reverse_lookup = no detached_scan = no continuous_scan = no unscanned_closed = no diff_scan = no slice_network_addresses = no end(SERVER_PREFS) begin(SERVER_INFO) server_info_nessusd_version = 2.0.7 server_info_libnasl_version = 2.0.7 server_info_libnessus_version = 2.0.7 server_info_thread_manager = fork server_info_os = OpenBSD server_info_os_version = 3.3 end(SERVER_INFO) begin(RULES) end(RULES) begin(PLUGIN_SET) 10427 = no 11017 = no 10766 = no 10804 = no 11265 = no 10311 = no 11341 = no 10680 = no 11100 = no 11727 = no 11006 = no 11679 = no 10474 = no 10086 = no 10252 = no 10374 = no 10672 = no 10856 = no 10098 = no 10597 = no 11049 = no 10345 = no 10036 = no 11759 = no 10666 = no 11044 = no 11793 = no 11751 = no 11590 = no 11389 = no 10266 = no 11052 = no 11470 = no 10702 = no 11646 = no 10507 = no 10816 = no 10756 = no 10648 = no 11136 = no 11334 = no 11160 = no 11220 = no 11661 = no 11835 = yes 10984 = no 10323 = no 10483 = no 11767 = no 10357 = no 11373 = no 11292 = no 10401 = no 11347 = no 10863 = no 11402 = no 10870 = no 10289 = no 11427 = no 11353 = no 11739 = no 11225 = no 11562 = no 10652 = no 11131 = no 11623 = no 11476 = no 11359 = no 10891 = no 10416 = no 11678 = no 10109 = no 11625 = no 11425 = no 10546 = no 10200 = no 10145 = no 10830 = no 10935 = no 10755 = no 11376 = no 10708 = no 10808 = no 10384 = no 10547 = no 10865 = no 11257 = no 10455 = no 10921 = no 11127 = no 10567 = no 10736 = no 11221 = no 10171 = no 11700 = no 10365 = no 11323 = no 11390 = no 11637 = no 11800 = no 11452 = no 10372 = no 10650 = no 10470 = no 10308 = no 10936 = no 11540 = no 10510 = no 11504 = no 11563 = no 10029 = no 11258 = no 11534 = no 10551 = no 11473 = no 10929 = no 11211 = no 10701 = no 10703 = no 11377 = no 10739 = no 11015 = no 11723 = no 11050 = no 11135 = no 10705 = no 11058 = no 10831 = no 11138 = no 10123 = no 11628 = no 10225 = no 10746 = no 11424 = no 11022 = no 11481 = no 10538 = no 11069 = no 11410 = no 11230 = no 10641 = no 11331 = no 11728 = no 10411 = no 11618 = no 10148 = no 11012 = no 10678 = no 11771 = no 10247 = no 10787 = no 10146 = no 10498 = no 10876 = no 10717 = no 10961 = no 10114 = no 10679 = no 10725 = no 10586 = no 11126 = no 11073 = no 11605 = no 10242 = no 11754 = no 10206 = no 10744 = no 11289 = no 11332 = no 11075 = no 10016 = no 10975 = no 11492 = no 11614 = no 10073 = no 11107 = no 11794 = no 11108 = no 11396 = no 11493 = no 10028 = no 10962 = no 10434 = no 11642 = no 11125 = no 11363 = no 11550 = no 10826 = no 10698 = no 11827 = no 10958 = no 10071 = no 10008 = no 10528 = no 10791 = no 10275 = no 11503 = no 11785 = no 11638 = no 11584 = no 11129 = no 11309 = no 10523 = no 11430 = no 10436 = no 10913 = no 11229 = no 11322 = no 10488 = no 11036 = no 11698 = no 10438 = no 11174 = no 11474 = no 10022 = no 10956 = no 10715 = no 10977 = no 10193 = no 10042 = no 11585 = no 10750 = no 10385 = no 10906 = no 11622 = no 10950 = no 10312 = no 11117 = no 11570 = no 11455 = no 11557 = no 10710 = no 10797 = no 11832 = no 11343 = no 10482 = no 11249 = no 10133 = no 10205 = no 10210 = no 10049 = no 10604 = no 11412 = no 10653 = no 11137 = no 11158 = no 11736 = no 10391 = no 10639 = no 11753 = no 10140 = no 11788 = no 11495 = no 10854 = no 10274 = no 10654 = no 11613 = no 11033 = no 11205 = no 10326 = no 11209 = no 11719 = no 11770 = no 10360 = no 10138 = no 11521 = no 11351 = no 10776 = no 10090 = no 11415 = no 11460 = no 10526 = no 10593 = no 10170 = no 10835 = no 11532 = no 11167 = no 11505 = no 10505 = no 10504 = no 10043 = no 10945 = no 11165 = no 11496 = no 11477 = no 10369 = no 11256 = no 11365 = no 11552 = no 10772 = no 10161 = no 10235 = no 10622 = no 10418 = no 10942 = no 10282 = no 10306 = no 10509 = no 11706 = no 10520 = no 10174 = no 10472 = no 10607 = no 10875 = no 10557 = no 11735 = no 10473 = no 10837 = no 10677 = no 11596 = no 10064 = no 10938 = no 11297 = no 11183 = no 11490 = no 10544 = no 10349 = no 11406 = no 11760 = no 11217 = no 11451 = no 10801 = no 10763 = yes 11231 = no 10153 = no 11263 = no 10489 = no 11419 = no 10061 = no 10920 = no 11250 = no 10405 = no 11371 = no 10811 = no 11345 = no 11314 = no 10623 = no 10732 = no 10579 = no 11478 = no 10846 = no 11143 = no 10629 = no 10969 = no 10728 = no 10718 = no 10682 = no 10847 = no 11769 = no 10314 = no 11799 = no 10257 = no 10068 = no 10222 = no 11317 = no 10259 = no 11090 = no 11254 = no 10465 = no 10642 = no 11449 = no 11690 = no 10067 = no 10258 = no 11685 = no 11688 = no 10848 = no 11354 = no 11404 = no 10063 = no 11164 = no 10458 = no 10033 = no 11779 = no 11283 = no 10690 = no 10037 = no 10893 = no 11358 = no 10978 = no 10748 = no 10583 = no 10141 = no 11039 = no 10987 = no 11019 = no 11032 = no 11239 = no 11166 = no 10806 = no 10996 = no 11214 = no 11344 = no 11732 = no 10788 = no 11768 = no 10241 = no 10231 = no 11641 = no 11746 = no 11577 = no 10163 = no 10469 = no 10933 = no 11020 = no 11670 = no 10934 = no 10203 = no 10767 = no 10605 = no 11744 = no 11370 = no 11409 = no 10940 = no 11598 = no 10093 = no 11831 = no 11423 = no 11110 = no 10089 = no 10917 = no 10888 = no 11180 = no 11198 = no 11791 = no 10155 = no 11810 = no 10014 = no 11624 = no 11128 = no 10570 = no 10399 = no 10403 = no 11643 = no 10285 = no 11101 = no 11253 = no 11497 = no 11535 = no 10368 = no 11692 = no 11636 = no 10914 = no 10013 = no 10782 = no 10129 = no 10292 = no 10674 = no 10298 = no 10430 = no 10081 = no 11291 = no 11602 = no 10457 = no 10976 = no 11616 = no 10375 = no 10226 = no 11045 = no 11176 = no 10127 = no 11523 = no 10215 = no 11035 = no 10297 = no 10644 = no 10722 = no 10288 = no 10126 = no 10092 = no 11506 = no 10662 = no 11328 = no 10582 = no 11660 = no 11023 = no 10371 = no 10872 = no 10877 = no 11193 = no 10453 = no 10759 = no 11543 = no 10069 = no 10481 = no 11041 = no 10730 = no 10187 = no 10688 = no 10606 = no 10646 = no 10747 = no 11594 = no 11750 = no 10901 = no 10925 = no 10745 = no 10768 = no 10694 = no 11203 = no 11680 = no 10339 = no 10832 = no 10443 = no 10027 = no 11609 = no 10254 = no 10217 = no 10382 = no 10572 = no 11185 = no 10188 = no 11173 = no 10433 = no 11333 = no 10347 = no 11682 = no 11087 = no 10754 = no 11468 = no 10343 = no 11102 = no 11277 = no 11418 = no 11178 = no 10172 = no 10320 = no 11150 = no 11064 = no 10044 = no 11383 = no 10615 = no 11120 = no 10513 = no 10046 = no 11445 = no 11589 = no 11671 = no 10196 = no 11320 = no 11298 = no 10277 = no 10276 = no 10359 = no 11687 = no 11315 = no 11086 = no 11805 = no 11224 = no 10032 = no 10054 = no 11436 = no 11586 = no 11168 = no 10216 = no 11324 = no 10676 = no 10212 = no 11001 = no 10575 = no 10087 = no 11701 = no 10156 = no 10563 = no 10922 = no 11435 = no 11392 = no 11195 = no 11118 = no 11726 = no 10764 = no 10840 = no 11200 = no 11177 = no 10683 = no 11457 = no 11181 = no 11761 = no 10055 = no 10697 = no 10655 = no 11161 = no 11707 = no 11762 = no 11515 = no 11124 = no 10923 = no 10251 = no 11422 = no 11116 = no 11555 = no 11267 = no 10262 = no 10617 = no 11062 = no 10553 = no 10765 = no 11640 = no 10495 = no 11653 = no 11836 = no 10667 = no 11302 = no 11595 = no 10892 = no 10236 = no 10413 = no 11274 = no 11663 = no 11600 = no 11568 = no 10386 = no 10404 = no 10636 = no 11703 = no 11480 = no 10218 = no 11699 = no 11216 = no 10918 = no 11487 = no 11076 = no 10651 = no 11245 = no 11510 = no 11316 = no 10417 = no 11270 = no 10240 = no 11502 = no 11340 = no 10995 = no 10537 = no 11738 = no 10720 = no 11820 = no 10897 = no 11489 = no 10930 = no 11787 = no 11612 = no 11745 = no 11539 = no 10230 = no 11469 = no 11260 = no 11235 = no 10077 = no 10771 = no 11223 = no 11140 = no 10162 = no 10122 = no 10727 = no 11175 = no 11790 = yes 11179 = no 10004 = no 10508 = no 10402 = no 11244 = no 11516 = no 10545 = no 10883 = no 10684 = no 10738 = no 11387 = no 11461 = no 11421 = no 10106 = no 10272 = no 11148 = no 11581 = no 10515 = no 10867 = no 10390 = no 11696 = no 10954 = no 10419 = no 11349 = no 10588 = no 10506 = no 11246 = no 10637 = no 11772 = no 11797 = no 10295 = no 10229 = no 10611 = no 10487 = no 10454 = no 10533 = no 10177 = no 10911 = no 10219 = no 11364 = no 11686 = no 10527 = no 11651 = no 11669 = no 11348 = no 11416 = no 10742 = no 10986 = no 10500 = no 10569 = no 11342 = no 11465 = no 10786 = no 10631 = no 11629 = no 10178 = no 10532 = no 11306 = no 10919 = no 11051 = no 11765 = no 10380 = no 11482 = no 10985 = no 10973 = no 10101 = no 10839 = no 10154 = no 10406 = no 10468 = no 10972 = no 10485 = no 11264 = no 10861 = no 11145 = no 10011 = no 10023 = no 11327 = no 11533 = no 10592 = no 10790 = no 10355 = no 10932 = no 10322 = no 10333 = no 10620 = no 11042 = no 10018 = no 11431 = no 10559 = no 11599 = no 10449 = no 10352 = no 10552 = no 10536 = no 10595 = no 10511 = no 10394 = no 10959 = no 10558 = no 11714 = no 11567 = no 10960 = no 10741 = no 10459 = no 11463 = no 10232 = no 11828 = no 10843 = no 11241 = no 11632 = no 10903 = no 11627 = no 10565 = no 11544 = no 11312 = no 11713 = no 10800 = no 10633 = no 10420 = no 11182 = no 10713 = no 10144 = no 10329 = no 11228 = no 10982 = no 10712 = no 11453 = no 11467 = no 11559 = no 10431 = no 10484 = no 11621 = no 11748 = no 11335 = no 11060 = no 10327 = no 11588 = no 10350 = no 10707 = no 11603 = no 11522 = no 10827 = no 11494 = no 10681 = no 11654 = no 11028 = no 10075 = no 11657 = no 10428 = no 10330 = no 10499 = no 10735 = no 11047 = no 11441 = no 11063 = no 10496 = no 10729 = no 11644 = no 11299 = no 11078 = no 10078 = no 10740 = no 10670 = no 11210 = no 11626 = no 10926 = no 11338 = no 11818 = no 10924 = no 11381 = no 10657 = no 11668 = no 11096 = no 11413 = no 10548 = no 10466 = no 11199 = no 10039 = no 10025 = no 11311 = no 10435 = no 10564 = no 11702 = no 10894 = no 10462 = no 11393 = no 11386 = no 11538 = no 10290 = no 10908 = no 11397 = no 11237 = no 11310 = no 11587 = no 10589 = no 11775 = no 10501 = no 10279 = no 10113 = no 11407 = no 11809 = no 11242 = no 10407 = no 10220 = no 10052 = no 10798 = no 11755 = no 10619 = no 11667 = no 10316 = no 11647 = no 10686 = no 11414 = no 10818 = no 10751 = no 11155 = no 10429 = no 10916 = no 10663 = no 10001 = no 10494 = no 11556 = no 11141 = no 11426 = no 10116 = no 10778 = no 10878 = no 11674 = no 10991 = no 11184 = no 10293 = no 11440 = no 10072 = no 10497 = no 10017 = no 11000 = no 10529 = no 10341 = no 11380 = no 11518 = no 10685 = no 10194 = no 10999 = no 11695 = no 11520 = no 10895 = no 11408 = no 11021 = no 10596 = no 11259 = no 10731 = no 10121 = no 11399 = no 10981 = no 10392 = no 11232 = no 10056 = no 10836 = no 10821 = no 11694 = no 10590 = no 11085 = no 11123 = no 10286 = no 10281 = no 10396 = no 10540 = no 11038 = no 11369 = no 10675 = no 11725 = no 11236 = no 11280 = no 11130 = no 10577 = no 11446 = no 11010 = no 10656 = no 10762 = no 10342 = no 10065 = no 10627 = no 10191 = no 10354 = no 11382 = no 11374 = no 10714 = no 10941 = no 10147 = no 11814 = no 11803 = no 11352 = no 10562 = no 11112 = no 10214 = no 10409 = no 10852 = no 11275 = no 10777 = no 10773 = no 10574 = no 10152 = no 10383 = no 11752 = no 10810 = no 10946 = no 10057 = no 10167 = no 11262 = no 10117 = no 11134 = no 11119 = no 10943 = no 11207 = no 11079 = no 10814 = no 11684 = no 10050 = no 11293 = no 11133 = no 10168 = no 10554 = no 10283 = no 11279 = no 10302 = no 10291 = no 11159 = no 11068 = no 11305 = no 11398 = no 10183 = no 11655 = no 11710 = no 10444 = no 10450 = no 10649 = no 11227 = no 11003 = no 10471 = no 11059 = no 10965 = no 11301 = no 11801 = no 11704 = no 10321 = no 10531 = no 11583 = no 10125 = no 11672 = no 10160 = no 11139 = no 10238 = no 10900 = no 10041 = no 10201 = no 10517 = no 10871 = no 11014 = no 11608 = no 10304 = no 11218 = no 10944 = no 11405 = no 10278 = no 10195 = no 11355 = no 11630 = no 10221 = no 11798 = no 11196 = no 10351 = no 10244 = no 11824 = no 11778 = no 10784 = no 11780 = no 10305 = no 10213 = no 10460 = no 10695 = no 11428 = no 10317 = no 11233 = no 10166 = no 11215 = no 11247 = no 10410 = no 10476 = no 11388 = no 11519 = no 11766 = no 10363 = no 10120 = no 11286 = no 10602 = no 11088 = no 10132 = no 11817 = no 10964 = no 11004 = no 10630 = no 10809 = no 10530 = no 11278 = no 10889 = no 11464 = no 11114 = no 10207 = no 10006 = no 10189 = no 10030 = no 10186 = no 11092 = no 10585 = no 10716 = no 11288 = no 11564 = no 11576 = no 11066 = no 10408 = no 10928 = no 10395 = no 10245 = no 10223 = no 11266 = no 10021 = no 10002 = no 11439 = no 10691 = no 11757 = no 11711 = no 11080 = no 11095 = no 10452 = no 11084 = no 10224 = no 10344 = no 11724 = no 10696 = no 11362 = no 11104 = no 10795 = no 11057 = no 11716 = no 10881 = no 10860 = no 11747 = no 10609 = no 10581 = no 10757 = no 11401 = no 10199 = no 10535 = no 10781 = no 11709 = no 11379 = no 10340 = no 11053 = no 11776 = no 11447 = no 10819 = no 11693 = no 10309 = no 10440 = no 10882 = no 10774 = no 10115 = no 10300 = no 10502 = no 10734 = no 11197 = no 11526 = no 10084 = no 11056 = no 10971 = no 10412 = no 11617 = no 11607 = no 10711 = no 11272 = no 11169 = no 11743 = no 10866 = no 11411 = no 11816 = no 11517 = no 10665 = no 11665 = no 10467 = no 11013 = no 11190 = no 10026 = no 10994 = no 10197 = no 10561 = no 10880 = no 11438 = no 10118 = no 10539 = no 10775 = no 11676 = no 10580 = no 10271 = no 10370 = no 11781 = no 10364 = no 10268 = no 10157 = no 10110 = no 11420 = no 10456 = no 10378 = no 10031 = no 10668 = no 11458 = no 10543 = no 10451 = no 10974 = no 10192 = no 10812 = no 10802 = no 11834 = no 10366 = no 11202 = no 11009 = no 10542 = no 10088 = no 11162 = no 10414 = no 10211 = no 11825 = no 11652 = no 10348 = no 11356 = no 10124 = no 10828 = no 10534 = no 11606 = no 11099 = no 11488 = no 11360 = no 10613 = no 11829 = no 10645 = no 10823 = no 11082 = no 10912 = no 11764 = no 10770 = no 11712 = no 11261 = no 10522 = no 11485 = no 10638 = no 10997 = no 11098 = no 10270 = no 10915 = no 10783 = no 11635 = no 10038 = no 11683 = no 10898 = no 10851 = no 11304 = no 11691 = no 11303 = no 11367 = no 10902 = no 11830 = no 11697 = no 10855 = no 10576 = no 11149 = no 10104 = no 10080 = no 11749 = no 11498 = no 11553 = no 11633 = no 11018 = no 10051 = no 10475 = no 11170 = no 10301 = no 11645 = no 11400 = no 11048 = no 10873 = no 10182 = no 10803 = no 11796 = no 10723 = no 10307 = no 10108 = no 11295 = no 11722 = no 10353 = no 11152 = no 10332 = no 11206 = no 10256 = no 10019 = no 10142 = no 11271 = no 11615 = no 11089 = no 10102 = no 10062 = no 10521 = no 11619 = no 10249 = no 10003 = no 10400 = no 11756 = no 11285 = no 10700 = no 11582 = no 10376 = no 10103 = no 10568 = no 10603 = no 10671 = no 11106 = no 11011 = no 10699 = no 10758 = no 10099 = no 10228 = no 10519 = no 11222 = no 10441 = no 10425 = no 10857 = no 10541 = no 11731 = no 11575 = no 11631 = no 11290 = no 10514 = no 11450 = no 10612 = no 11486 = no 10269 = no 10185 = no 10303 = no 11339 = no 10356 = no 11071 = no 11016 = no 10948 = no 11091 = no 10661 = no 11773 = no 10439 = no 10393 = no 11720 = no 11074 = no 11043 = no 10753 = no 11737 = no 10179 = no 10886 = no 10525 = no 10058 = no 11730 = no 10009 = no 11330 = no 11578 = no 10035 = no 11212 = no 11648 = no 11662 = no 11804 = no 10591 = no 10493 = no 10927 = no 10012 = no 11300 = no 11507 = no 11554 = no 11546 = no 11097 = no 10024 = no 10573 = no 11366 = no 11611 = no 10130 = no 11268 = no 10070 = no 11142 = no 10947 = no 10931 = no 11675 = no 10780 = no 11307 = no 11471 = no 11508 = no 11649 = no 10884 = no 10313 = no 11548 = no 11806 = no 10381 = no 10287 = no 10315 = no 10150 = no 11238 = no 10389 = no 11558 = no 11077 = no 11113 = no 11545 = no 10556 = no 10793 = no 10477 = no 10687 = no 10618 = no 10555 = no 11547 = no 10237 = no 11717 = no 10647 = no 11308 = no 11034 = no 10074 = no 10053 = no 11561 = no 10045 = no 11634 = no 10159 = no 10137 = no 11741 = no 11601 = no 10358 = no 11591 = no 11456 = no 10128 = no 10151 = no 11566 = no 11204 = no 10105 = no 11448 = no 11466 = no 11786 = no 10549 = no 10660 = no 11444 = no 10789 = no 11681 = no 11403 = no 10578 = no 11187 = no 11417 = no 11782 = no 10094 = no 10859 = no 10761 = no 10248 = no 11378 = no 11007 = no 11499 = no 11597 = no 10785 = no 11255 = no 11527 = no 11194 = no 10980 = no 10737 = no 10516 = no 11375 = no 11282 = no 11192 = no 11147 = no 11574 = no 11284 = no 10970 = no 10993 = no 11513 = no 10426 = no 10095 = no 10007 = no 11549 = no 10246 = no 10096 = no 10020 = no 11443 = no 11395 = no 11475 = no 10905 = no 11580 = no 10325 = no 11459 = no 11715 = no 10849 = no 10079 = no 11639 = no 11248 = no 10284 = no 10635 = no 10388 = no 10486 = no 10202 = no 10937 = no 11046 = no 10047 = no 10669 = no 11821 = no 10034 = no 11122 = no 11030 = no 11121 = no 10951 = no 11105 = no 10346 = no 10899 = no 10968 = no 11394 = no 10614 = no 10910 = no 10704 = no 11372 = no 10135 = no 11188 = no 10601 = no 11434 = no 11276 = no 10844 = no 11070 = no 10324 = no 10584 = no 11718 = no 11454 = no 10442 = no 11811 = no 10422 = no 10833 = no 10820 = no 11294 = no 11002 = no 10239 = no 11252 = no 11815 = no 10983 = no 11146 = no 11432 = no 10373 = no 10743 = no 10464 = no 11664 = no 10550 = no 10250 = no 11677 = no 11484 = no 11511 = no 10693 = no 10421 = no 11005 = no 11361 = no 10361 = no 10794 = no 10909 = no 10048 = no 10904 = no 11592 = no 10233 = no 10204 = no 11357 = no 11111 = no 10673 = no 11243 = no 11593 = no 11163 = no 11500 = no 11813 = no 11154 = no 10721 = no 11157 = no 10398 = no 10085 = no 10769 = no 11072 = no 11531 = no 11287 = no 11541 = no 11391 = no 10939 = no 10853 = no 11708 = no 10966 = no 11319 = no 10616 = no 11037 = no 11610 = no 10640 = no 10492 = no 11094 = no 10988 = no 11650 = no 10634 = no 10379 = no 10319 = no 11512 = no 10524 = no 11226 = no 10706 = no 11326 = no 11208 = no 11329 = no 10491 = no 10119 = no 11822 = no 11442 = no 10294 = no 10318 = no 10632 = no 11491 = no 11201 = no 11240 = no 11537 = no 11171 = no 10566 = no 10807 = no 11350 = no 10432 = no 10208 = no 10461 = no 11067 = no 10709 = no 10243 = no 10463 = no 10265 = no 10190 = no 10149 = no 11321 = no 10377 = no 11054 = no 11789 = no 11783 = no 11296 = no 10838 = no 11740 = no 10817 = no 10799 = no 11065 = no 10896 = no 10175 = no 10724 = no 11525 = no 11792 = no 11061 = no 10165 = no 10173 = no 10990 = no 10957 = no 10143 = no 10076 = no 10963 = no 11524 = no 11733 = no 11031 = no 10059 = no 10479 = no 11742 = no 10503 = no 10518 = no 11325 = no 11689 = no 10164 = no 11808 = no 10437 = no 11144 = no 11153 = no 10594 = no 11569 = no 10091 = no 11774 = no 10447 = no 11573 = no 10263 = no 11213 = no 10752 = no 10181 = no 10480 = no 10060 = no 10664 = no 11763 = no 11368 = no 10874 = no 10979 = no 11729 = no 10082 = no 11542 = no 11337 = no 10100 = no 10253 = no 10107 = no 11812 = no 10858 = no 11281 = no 11509 = no 10610 = no 10264 = no 10260 = no 11156 = no 11784 = no 11027 = no 11318 = no 11251 = no 11029 = no 10040 = no 11429 = no 10659 = no 10658 = no 10415 = no 10176 = no 11530 = no 10779 = no 10625 = no 11109 = no 11115 = no 10136 = no 11313 = no 11384 = no 11802 = no 10628 = no 10689 = no 10111 = no 10299 = no 11234 = no 11026 = no 11472 = no 10158 = no 10822 = no 10367 = no 11479 = no 10719 = no 10184 = no 10733 = no 10387 = no 10310 = no 10600 = no 10949 = no 10131 = no 10998 = no 10097 = no 10198 = no 10512 = no 10760 = no 11673 = no 10169 = no 10273 = no 11083 = no 11483 = no 11572 = no 11666 = no 11433 = no 10967 = no 10234 = no 11273 = no 11658 = no 10227 = no 10362 = no 11565 = no 10879 = no 11734 = no 10267 = no 11081 = no 10907 = no 11536 = no 10989 = no 11040 = no 11191 = no 10112 = no 10692 = no 11385 = no 11758 = no 11620 = no 10296 = no 11514 = no 10209 = no 10626 = no 11579 = no 10338 = no 10608 = no 10890 = no 10424 = no 11560 = no 11336 = no 11819 = no 10423 = no 10560 = no 10862 = no 10478 = no 10255 = no 11833 = no 10280 = no 11777 = no 10805 = no 10885 = no 11151 = no 11462 = no 10397 = no 10083 = no 10010 = no 10829 = no 10134 = no 11008 = no 11346 = no 11656 = no 11807 = no 11604 = no 10015 = no 10490 = no 10953 = no 11528 = no 10445 = no 11705 = no 10139 = no 11721 = no 11795 = no 10850 = no 11659 = no 11501 = no 11093 = no 11437 = no 11024 = no 10261 = no 10066 = no 10815 = no 10005 = no end(PLUGIN_SET) begin(PLUGINS_PREFS) RedHat 6.2 inetd[radio]:Testing method = quick and dirty Login configurations[entry]:FTP account : = anonymous Login configurations[password]:FTP password (sent in clear) : = [EMAIL PROTECTED] Login configurations[entry]:FTP writeable directory : = /incoming Login configurations[checkbox]:Never send SMB credentials in clear text = yes Test HTTP dangerous methods[checkbox]:Integrist test = no Misc information on News server[entry]:From address : = Nessus <[EMAIL PROTECTED]> Misc information on News server[entry]:Test group name regex : = f[a-z]\.tests? Misc information on News server[entry]:Max crosspost : = 7 Misc information on News server[checkbox]:Local distribution = yes Misc information on News server[checkbox]:No archive = no SMB Scope[checkbox]:Request information about the domain = yes SMB use domain SID to enumerate users[entry]:Start UID : = 1000 SMB use domain SID to enumerate users[entry]:End UID : = 2000 Web mirroring[entry]:Number of pages to mirror : = 20 Web mirroring[entry]:Start page : = / Services[entry]:Number of connections done in parallel : = 5 Services[entry]:Network connection timeout : = 5 Services[entry]:Network read/write timeout : = 5 Services[entry]:Wrapped service read timeout : = 2 Services[radio]:Test SSL based services = All Services[checkbox]:Quick SOCKS proxy checking = yes SMTP settings[entry]:Third party domain : = nessus.org SMTP settings[entry]:From address : = [EMAIL PROTECTED] SMTP settings[entry]:To address : = [EMAIL PROTECTED] NIDS evasion[radio]:TCP evasion technique = none NIDS evasion[checkbox]:Send fake RST when establishing a TCP connection = no SMB use host SID to enumerate local users[entry]:Start UID : = 1000 SMB use host SID to enumerate local users[entry]:End UID : = 1200 HTTP login page[entry]:Login page : = / HTTP login page[entry]:Login form fields : = user=%USER%&pass = %PASS% ftp writeable directories[radio]:How to check if directories are writeable : = Trust the permissions (drwxrwx---) Libwhisker options[radio]:IDS evasion technique: = X (none) Brute force login (Hydra)[entry]:Number of simultaneous connections : = 4 Brute force login (Hydra)[checkbox]:Brute force telnet = no Brute force login (Hydra)[checkbox]:Brute force FTP = no Brute force login (Hydra)[checkbox]:Brute force POP3 = no Brute force login (Hydra)[checkbox]:Brute force IMAP = no Brute force login (Hydra)[checkbox]:Brute force cisco = no Brute force login (Hydra)[checkbox]:Brute force cisco-enable = no Brute force login (Hydra)[checkbox]:Brute force VNC = no Brute force login (Hydra)[checkbox]:Brute force SOCKS 5 = no Brute force login (Hydra)[checkbox]:Brute force rexec = no Brute force login (Hydra)[checkbox]:Brute force NNTP = no Brute force login (Hydra)[checkbox]:Brute force HTTP = no Brute force login (Hydra)[checkbox]:Brute force ICQ = no Brute force login (Hydra)[checkbox]:Brute force PCNFS = no Brute force login (Hydra)[checkbox]:Brute force SMB = no Brute force login (Hydra)[checkbox]:Brute force LDAP = no HTTP NIDS evasion[checkbox]:Use HTTP HEAD instead of GET = no HTTP NIDS evasion[radio]:URL encoding = none HTTP NIDS evasion[radio]:Absolute URI type = none HTTP NIDS evasion[radio]:Absolute URI host = none HTTP NIDS evasion[checkbox]:Double slashes = no HTTP NIDS evasion[radio]:Reverse traversal = none HTTP NIDS evasion[checkbox]:Self-reference directories = no HTTP NIDS evasion[checkbox]:Premature request ending = no HTTP NIDS evasion[checkbox]:CGI.pm semicolon separator = no HTTP NIDS evasion[checkbox]:Parameter hiding = no HTTP NIDS evasion[checkbox]:Dos/Windows syntax = no HTTP NIDS evasion[checkbox]:Null method = no HTTP NIDS evasion[checkbox]:TAB separator = no HTTP NIDS evasion[checkbox]:HTTP/0.9 requests = no Nmap[radio]:TCP scanning technique : = connect() Nmap[checkbox]:UDP port scan = no Nmap[checkbox]:RPC port scan = no Nmap[checkbox]:Ping the remote host = yes Nmap[checkbox]:Identify the remote OS = yes Nmap[checkbox]:Use hidden option to identify the remote OS = yes Nmap[checkbox]:Fragment IP packets (bypasses firewalls) = no Nmap[checkbox]:Get Identd info = no Nmap[radio]:Port range = User specified range Nmap[checkbox]:Do not randomize the order in which ports are scanned = yes Nmap[entry]:Source port : = any Nmap[entry]:Ports scanned in parallel (max) = 128 Nmap[radio]:Timing policy : = Normal Ping the remote host[entry]:TCP ping destination port(s) : = 135 Ping the remote host[checkbox]:Do a TCP ping = yes Ping the remote host[checkbox]:Do an ICMP ping = yes Ping the remote host[entry]:Number of retries (ICMP) : = 5 Ping the remote host[checkbox]:Make the dead hosts appear in the report = no Login configurations[checkbox]:Only use NTLMv2 = no HTTP login page[entry]:Login form fields : = user=%USER%&pass = %PASS% HTTP login page[entry]:Login form fields : = user=%USER%&pass = %PASS% HTTP login page[entry]:Login form fields : = user=%USER%&pass = %PASS% HTTP login page[entry]:Login form fields : = user=%USER%&pass = %PASS% HTTP login page[entry]:Login form fields : = user=%USER%&pass = %PASS% HTTP login page[entry]:Login form fields : = user=%USER%&pass = %PASS% HTTP login page[entry]:Login form fields : = user=%USER%&pass = %PASS% HTTP login page[entry]:Login form fields : = user=%USER%&pass = %PASS% Services[file]:SSL certificate : = Services[file]:SSL private key : = Services[password]:PEM password : = Services[file]:CA file : = Login configurations[entry]:HTTP account : = Login configurations[password]:HTTP password (sent in clear) : = Login configurations[entry]:NNTP account : = Login configurations[password]:NNTP password (sent in clear) : = Login configurations[entry]:POP2 account : = Login configurations[password]:POP2 password (sent in clear) : = Login configurations[entry]:POP3 account : = Login configurations[password]:POP3 password (sent in clear) : = Login configurations[entry]:IMAP account : = Login configurations[password]:IMAP password (sent in clear) : = Login configurations[entry]:SMB account : = Login configurations[password]:SMB password : = Login configurations[entry]:SMB domain (optional) : = Login configurations[entry]:SNMP community (sent in clear) : = Brute force login (Hydra)[file]:Logins file : = Brute force login (Hydra)[file]:Passwords file : = Brute force login (Hydra)[entry]:Web page to brute force : = HTTP login page[entry]:Login form : = HTTP login page[entry]:Login form fields : = user=%USER%&pass=%PASS% HTTP NIDS evasion[entry]:HTTP User-Agent = HTTP NIDS evasion[entry]:Force protocol string : = end(PLUGINS_PREFS) # cat /usr/local/nessus/etc/nessus/nessusd.conf # Configuration file of the Nessus Security Scanner # Every line starting with a '#' is a comment # Path to the security checks folder : plugins_folder = /usr/local/nessus/lib/nessus/plugins # Maximum number of simultaneous hosts tested : max_hosts = 192 # Maximum number of simultaneous checks against each host tested : max_checks = 128 # Niceness. If set to 'yes', nessusd will renice itself to 10. be_nice = no # Log file (or 'syslog') : logfile = /usr/local/nessus/var/nessus/logs/nessusd.messages # Shall we log every details of the attack ? log_whole_attack = yes # Log the name of the plugins that are loaded by the server ? log_plugins_name_at_load = no # Dump file for debugging output, use `-' for stdout dumpfile = /usr/local/nessus/var/nessus/logs/nessusd.dump # Rules file : rules = /usr/local/nessus/etc/nessus/nessusd.rules # Users database : users = /usr/local/nessus/etc/nessus/nessusd.users # CGI paths to check for (cgi-bin:/cgi-aws:/ can do) cgi_path = /cgi-bin:/scripts:/cgi:/msadc:/c:/ # Range of the ports the port scanners will scan : # 'default' means that Nessus will scan ports found in its # services file. port_range = 1-65535 # Optimize the test (recommanded) : optimize_test = yes # Language of the plugins : language = english # Optimization : # Read timeout for the sockets of the tests : checks_read_timeout = 5 # Ports against which two plugins should not be run simultaneously : # non_simult_ports = Services/www, 139, Services/finger non_simult_ports = 139, 445 # Maximum lifetime of a plugin (in seconds) : plugins_timeout = 120 # Safe checks rely on banner grabbing : safe_checks = no # Automatically activate the plugins that are depended on auto_enable_dependencies = yes # Designate hosts by MAC address, not IP address (useful for DHCP networks) use_mac_addr = no #--- Knowledge base saving (can be configured by the client) : # Save the knowledge base on disk : save_knowledge_base = yes # Restore the KB for each test : kb_restore = yes # Only test hosts whose KB we do not have : only_test_hosts_whose_kb_we_dont_have = no # Only test hosts whose KB we already have : only_test_hosts_whose_kb_we_have = no # KB test replay : kb_dont_replay_scanners = no kb_dont_replay_info_gathering = no kb_dont_replay_attacks = no kb_dont_replay_denials = no kb_max_age = 18000 #--- end of the KB section # Can users upload their plugins ? plugin_upload = no # Suffixes of the plugins the user can upload : plugin_upload_suffixes = .nasl, .inc # Name of the user who can remotely update the plugins admin_user = root # If this option is set, Nessus will not scan a network incrementally # (10.0.0.1, then 10.0.0.2, 10.0.0.3 and so on..) but will attempt to # slice the workload throughout the whole network (ie: it will scan # 10.0.0.1, then 10.0.0.127, then 10.0.0.2, then 10.0.0.128 and so on... slice_network_addresses = no #end. # # Added by nessus-mkcert # cert_file=/usr/local/nessus/com/nessus/CA/servercert.pem key_file=/usr/local/nessus/var/nessus/CA/serverkey.pem ca_file=/usr/local/nessus/com/nessus/CA/cacert.pem # If you decide to protect your private key with a password, # uncomment and change next line # pem_password=password # If you want to force the use of a client certificate, uncomment next line # force_pubkey_auth = yes
