Here's what I'd do.

"Enable all but Dangerous Plugins" unless it's a Lab environment, in which case you may enable All the Plugins.
Do a Syn Scan.
Leave all the rest to defaults.

You can also tell Nessus to NOT scan itself by excluding its IP from the range. Create a text file with a list of IPs to scan and exclude the IP that the scanner resides on. Then tell nessus to use that file as a list of IPs in the target tab of the client.

Also, the warning due to nessus on port 1241 is fine unless it shows up on machines other than the one running nessus daemon.

Keyur

-----Original Message-----
From: Sridivya Babu [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 30, 2004 10:44 AM
To: Darren Spruell
Cc: [EMAIL PROTECTED]
Subject: Re: nessus on command line

> > When I run a nessus scan I get a security hole due to the nessus
> > daemon running on port 1241. Is that fine or is there any way in
> > which it can be avoided? (I'm using BSD)
>
> Like running the daemon on localhost, or on an interface you aren't
> scanning, or firewalling that port from your scanning location..?
>

I'm scanning a subnet like 65.0.0.0/27 and am running both the client and the server on 65.0.0.14. So for the client it's a local host... and the entire sub-network that the host belongs to is scanned. So was just wondering if the warning due to nessus on 1241 is fine!

> >
> > Further it takes a lot of time for the test to complete. I'm running
> > nessus on commandline. Is there any way in which this time can be reduced?
> > I tried running nmap first and then feeding the results of nmap to nessus.
> > But that still takes a lot of time. I'm not sure if I'm doing this right.
> > I'm setting the "nmap[file]" entry in the nessusrc file to point to
> > the report file of nmap. Is there anything else that needs to be done?
>
> A long time to complete, for scanning how many hosts? Which plugins enabled?
>
> If you scan a class B subnet you will find it takes a long time. If
> you scan a network of Linux servers and have a bunch of MS and
> router/switch plugins enabled, it will take longer than it needs to.
>
> Your configuration is important to answering your question.

A long time to complete scanning a 63 host sub-network (it takes around 2 days!!). I have enabled all the plugins. The network contains only FreeBSD boxes. I'm basically trying to feed the results of the nmap port-scan to nessus hoping that it will reduce the time...
But I see that nessus still performs a port scan. That's why I'm not sure if I'm doing it right! (I have set "no" for all the plugins in the scanner set of .nessusrc except the one for nmap (10336).) I'm trying to do the test in the shortest possible time. Please let me know what is the best way to scan on commandline with all plugins enabled to scan all the 65535 ports.

Thank you
Divya

_______________________________________________
Nessus mailing list
[EMAIL PROTECTED]
http://mail.nessus.org/mailman/listinfo/nessus
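
The target-file step described in the reply above, as an added example that is not part of the original thread: it expands the subnet from the thread and drops the scanner's own address. The function names, the `targets.txt` file name and the one-address-per-line layout are assumptions.

```python
import ipaddress
from pathlib import Path


def build_targets(cidr, exclude):
    """Return the host addresses in `cidr` as strings, minus `exclude`.

    Raises ValueError if an excluded address is not a host address in the
    range, which usually means a typo that would leave the scanner listed.
    """
    network = ipaddress.ip_network(cidr, strict=True)
    hosts = list(network.hosts())  # skips the network and broadcast addresses
    skip = {ipaddress.ip_address(addr) for addr in exclude}
    unknown = skip - set(hosts)
    if unknown:
        bad = ", ".join(sorted(str(a) for a in unknown))
        raise ValueError(f"not a host address in {cidr}: {bad}")
    return [str(h) for h in hosts if h not in skip]


def write_target_file(path, targets):
    """Write one address per line (assumed layout) and return the count."""
    Path(path).write_text("\n".join(targets) + "\n")
    return len(targets)


if __name__ == "__main__":
    # Values from the thread: subnet 65.0.0.0/27, scanner on 65.0.0.14.
    targets = build_targets("65.0.0.0/27", ["65.0.0.14"])
    count = write_target_file("targets.txt", targets)  # file name is an assumption
    print(f"wrote {count} targets to targets.txt")
```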
