> I think I know the answer to this, but I need > to be sure. > > nessus detects and identifies services that are > running on non-standard ports. Is this true even > when the non-standard port is a reserved port? > Say, a web server running on a port in the 600s?
yes. As long as you ran nmap and nessus knows its an open port. Prior to nessus running the tests, it looks at all open ports that were found by nmap and tries to figure out what is running on it. It then logs that info into the kb database and uses THAT info (in the kb database) to run tests. ie, all 'web servers' regardless of port are tested for web server problems. -- Michael Scheidell SECNAP Network Security, LLC Main: 561-368-9561 / www.secnap.net Looking for a career in Internet security? http://www.secnap.net/employment/
