> On Wed, Nov 10, 2004 at 10:32:56AM -0600, Sawall, Christopher L wrote: > > > > begin(SERVER_INFO) > > server_info_nessusd_version = 2.2.0 server_info_libnasl_version = > > 2.2.0 server_info_libnessus_version = 2.2.0 > > server_info_thread_manager = fork > > server_info_os = Linux > > server_info_os_version = 2.6.8-1.521smp > > end(SERVER_INFO) > > Send the PLUGINS_PREFS section from your .nessusrc file as > well please.
Here are the PLUGIN_PREFS. More details from the strace to follow. begin(PLUGINS_PREFS) Brute force login (Hydra)[entry]:Number of simultaneous connections : = 4 Brute force login (Hydra)[checkbox]:Brute force telnet = no Brute force login (Hydra)[checkbox]:Brute force FTP = no Brute force login (Hydra)[checkbox]:Brute force POP3 = no Brute force login (Hydra)[checkbox]:Brute force IMAP = no Brute force login (Hydra)[checkbox]:Brute force cisco = no Brute force login (Hydra)[checkbox]:Brute force cisco-enable = no Brute force login (Hydra)[checkbox]:Brute force VNC = no Brute force login (Hydra)[checkbox]:Brute force SOCKS 5 = no Brute force login (Hydra)[checkbox]:Brute force rexec = no Brute force login (Hydra)[checkbox]:Brute force NNTP = no Brute force login (Hydra)[checkbox]:Brute force HTTP = no Brute force login (Hydra)[checkbox]:Brute force ICQ = no Brute force login (Hydra)[checkbox]:Brute force PCNFS = no Brute force login (Hydra)[checkbox]:Brute force SMB = no Brute force login (Hydra)[checkbox]:Brute force LDAP = no Login configurations[entry]:FTP account : = anonymous Login configurations[password]:FTP password (sent in clear) : = [EMAIL PROTECTED] Login configurations[entry]:FTP writeable directory : = /incoming Login configurations[checkbox]:Never send SMB credentials in clear text = yes Login configurations[checkbox]:Only use NTLMv2 = no Services[entry]:Number of connections done in parallel : = 5 Services[entry]:Network connection timeout : = 5 Services[entry]:Network read/write timeout : = 5 Services[entry]:Wrapped service read timeout : = 2 Services[radio]:Test SSL based services = All Global variable settings[checkbox]:Enable experimental scripts = no Global variable settings[checkbox]:Thorough tests (slow) = no Global variable settings[radio]:Report verbosity = Normal Global variable settings[radio]:Report paranoia = Normal Global variable settings[radio]:Log verbosity = Normal Global variable settings[entry]:Debug level = 0 SMB Scope[checkbox]:Request information about the domain = yes HTTP NIDS evasion[checkbox]:Use HTTP HEAD instead of GET = no HTTP NIDS evasion[radio]:URL encoding = none HTTP NIDS evasion[radio]:Absolute URI type = none HTTP NIDS evasion[radio]:Absolute URI host = none HTTP NIDS evasion[checkbox]:Double slashes = no HTTP NIDS evasion[radio]:Reverse traversal = none HTTP NIDS evasion[checkbox]:Self-reference directories = no HTTP NIDS evasion[checkbox]:Premature request ending = no HTTP NIDS evasion[checkbox]:CGI.pm semicolon separator = no HTTP NIDS evasion[checkbox]:Parameter hiding = no HTTP NIDS evasion[checkbox]:Dos/Windows syntax = no HTTP NIDS evasion[checkbox]:Null method = no HTTP NIDS evasion[checkbox]:TAB separator = no HTTP NIDS evasion[checkbox]:HTTP/0.9 requests = no HTTP NIDS evasion[checkbox]:Random case sensitivity (Nikto only) = no SMTP settings[entry]:Third party domain : = example.com SMTP settings[entry]:From address : = [EMAIL PROTECTED] SMTP settings[entry]:To address : = [EMAIL PROTECTED] ftp writeable directories[radio]:How to check if directories are writeable : = Trust the permissions (drwxrwx---) SMB use domain SID to enumerate users[entry]:Start UID : = 1000 SMB use domain SID to enumerate users[entry]:End UID : = 1200 SSH settings[entry]:SSH user name : = root Unknown CGIs arguments torture[checkbox]:Send POST requests = no HTTP login page[entry]:Login page : = / HTTP login page[entry]:Login form fields : = user=%USER%&pass=%PASS% SMB use host SID to enumerate local users[entry]:Start UID : = 1000 SMB use host SID to enumerate local users[entry]:End UID : = 1200 Misc information on News server[entry]:From address : = Nessus <[EMAIL PROTECTED]> Misc information on News server[entry]:Test group name regex : = f[a-z]\.tests? Misc information on News server[entry]:Max crosspost : = 7 Misc information on News server[checkbox]:Local distribution = yes Misc information on News server[checkbox]:No archive = no NIDS evasion[radio]:TCP evasion technique = none NIDS evasion[checkbox]:Send fake RST when establishing a TCP connection = no Web mirroring[entry]:Number of pages to mirror : = 200 Web mirroring[entry]:Start page : = / snmpwalk 'scanner'[entry]:Community name : = public snmpwalk 'scanner'[radio]:SNMP protocol : = 1 snmpwalk 'scanner'[radio]:SNMP transport layer : = udp Ping the remote host[entry]:TCP ping destination port(s) : = built-in Ping the remote host[checkbox]:Do a TCP ping = yes Ping the remote host[checkbox]:Do an ICMP ping = no Ping the remote host[entry]:Number of retries (ICMP) : = 10 Ping the remote host[checkbox]:Make the dead hosts appear in the report = yes Ping the remote host[checkbox]:Log live hosts in the report = yes Netstat 'scanner'[checkbox]:Check found ports (intrusive) = no Nmap (NASL wrapper)[radio]:TCP scanning technique : = connect() Nmap (NASL wrapper)[checkbox]:UDP port scan = no Nmap (NASL wrapper)[checkbox]:Service scan = no Nmap (NASL wrapper)[checkbox]:RPC port scan = no Nmap (NASL wrapper)[checkbox]:Ping the remote host = no Nmap (NASL wrapper)[checkbox]:Identify the remote OS = no Nmap (NASL wrapper)[checkbox]:Use hidden option to identify the remote OS = no Nmap (NASL wrapper)[checkbox]:Fragment IP packets (bypasses firewalls) = no Nmap (NASL wrapper)[checkbox]:Get Identd info = no Nmap (NASL wrapper)[checkbox]:Do not randomize the order in which ports are scanned = no Nmap (NASL wrapper)[radio]:Timing policy : = Auto (nessus specific!) Brute force login (Hydra)[file]:Logins file : = Brute force login (Hydra)[file]:Passwords file : = Brute force login (Hydra)[entry]:Web page to brute force : = HTTP login page[entry]:Login form : = snmpwalk 'scanner'[entry]:TCP/UDP port : = snmpwalk 'scanner'[entry]:Number of retries : = snmpwalk 'scanner'[entry]:Timeout between retries : = HTTP NIDS evasion[entry]:HTTP User-Agent = HTTP NIDS evasion[entry]:Force protocol string : = Services[file]:SSL certificate : = Services[file]:SSL private key : = Services[password]:PEM password : = Services[file]:CA file : = Login configurations[entry]:HTTP account : = Login configurations[password]:HTTP password (sent in clear) : = Login configurations[entry]:NNTP account : = Login configurations[password]:NNTP password (sent in clear) : = Login configurations[entry]:POP2 account : = Login configurations[password]:POP2 password (sent in clear) : = Login configurations[entry]:POP3 account : = Login configurations[password]:POP3 password (sent in clear) : = Login configurations[entry]:IMAP account : = Login configurations[password]:IMAP password (sent in clear) : = Login configurations[entry]:SMB account : = Login configurations[password]:SMB password : = Login configurations[entry]:SMB domain (optional) : = Login configurations[entry]:SNMP community (sent in clear) : = Nmap (NASL wrapper)[entry]:Source port : = Nmap (NASL wrapper)[entry]:Host Timeout (ms) : = Nmap (NASL wrapper)[entry]:Min RTT Timeout (ms) : = Nmap (NASL wrapper)[entry]:Max RTT Timeout (ms) : = Nmap (NASL wrapper)[entry]:Initial RTT timeout (ms) : = Nmap (NASL wrapper)[entry]:Ports scanned in parallel (max) = Nmap (NASL wrapper)[entry]:Ports scanned in parallel (min) = Nmap (NASL wrapper)[entry]:Minimum wait between probes (ms) = Nmap (NASL wrapper)[file]:File containing grepable results : = Nmap (NASL wrapper)[entry]:Data length : = SSH settings[password]:SSH password (unsafe!) : = SSH settings[file]:SSH public key to use : = SSH settings[file]:SSH private key to use : = SSH settings[password]:Passphrase for SSH key : = end(PLUGINS_PREFS) Thanks, Chris ******************************* The information contained in this message may be privileged and/or confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. Note that any views or opinions presented in this message are solely those of the author and do not necessarily represent those of Ameren. All emails are subject to monitoring and archival. Finally, the recipient should check this message and any attachments for the presence of viruses. Ameren accepts no liability for any damage caused by any virus transmitted by this email. If you have received this in error, please notify the sender immediately by replying to the message and deleting the material from any computer. Ameren Corporation ******************************* _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
