Hi Jonathan. You may want to consider running nmap externally to do the port scans and OS version detection. Then, use that output to grep out anything non-Windows, then use the resulting data set as nmap results for Nessus to use for scanning.
~Jay On Thu, 1 Apr 2004, Jonathan C. Detert wrote: > Hello All, > > I'm scanning my employer's network with the hopes of limitting viral outbreaks > by identifying vulnerable Ms.Windows machines, and denying them dhcp > service. > > My problem is that my employer's network also has *BSD, MacOS, and Linux > machines, but I don't want to deny those machines dhcp service, even if > they have vulnerabilities, because I'm not worried about them spreading > virii. > > If I limit the plugins used in my scans to the 'Windows' family, then I > miss some plugins that I would like to use against Ms.Windows machines, > such as 11412, which is titled 'IIS : WebDAV Overflow (MS03-007)', and > which belongs to the 'Gain root remotely' family. But, if I enable the > 'Gain root remotely' family, then I also enable plugins that would be > applicable to those o.s.'s that I don't want to scan. > > So, is there a way to instruct nessus to only 'attack' hosts which it > believes are 'Ms.Win*' hosts? Or at least, to not 'attack' hosts which > it believes are not Ms.Win* hosts? > > Thanks > -- .. .. Jay Jacobson .. Edgeos, Inc. - 480.961.5996 - http://www.edgeos.com .. .. Managed Vulnerability Assessment .. Services for Information Security Professionals .. _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
