Why not run a packet dump? So, prior to running your scan, you do something like: snort -dvi eth0 src or dst IP where 'IP' is the IP of the host which is not getting scanned. You can also use tcpdump (if snort is not installed), t/ethereal, sniffit, etc.
Clean up your results and post them here... John Lampe jwlampe -at- nessus.org http://f00dikator.aceryder.com/ On Wed, 28 Jan 2004, Paul Johnston wrote: > Hi, > > The ping_host.nasl plugin does more than just an ICMP ping, it also > solicits responses from common TCP ports > > I suggest you just turn off "ping the remote host" to force the scan. > > Paul > > > > Ravi Verma wrote: > > >Dear Tom: > > > >Thanks a lot for your response. > > > >We have Linux firewalls on all the servers. Firewall rules prevent > >servers from responding to icmp-echo or ping. Still, 4 of the 5 servers > >respond to nessus scan. It is one particular server which nessus fails > >to scan. > > > >Any other idea? Has anybody else on this list encountered this behavior? > > > >Regards. > > > >Ravi Verma > >9167053261 > > > > > -- > Paul Johnston > Internet Security Specialist > Westpoint Limited > Albion Wharf, 19 Albion Street, > Manchester, M1 5LN > England > Tel: +44 (0)161 237 1028 > Fax: +44 (0)161 237 1031 > email: [EMAIL PROTECTED] > web: www.westpoint.ltd.uk > > > _______________________________________________ > Nessus mailing list > [EMAIL PROTECTED] > http://mail.nessus.org/mailman/listinfo/nessus > _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
