|
I recently ran a scan on a few https web servers from a Nessus-2.2.2
box and the report came back with null results even though I was able to telnet
to the target servers on port 443 from the scanner. When editing the
configuration variable “Make the dead hosts appear in the report”
to yes, the report output said “The
remote host is considered as dead - not scanning”. In
order to determine if the problem was on the individual scanner I was using, I
ran the same scan from a 2.2.3 Nessus box. The report from the 2.2.3 box
produced the web server vulnerability information I expected.
I do know that icmp ping is not allowed through the firewall that protects the
https web servers in question and that port 443 is the only port open on the
boxes. My question is, is there a difference in the way version 2.2.2 and
2.2.3 determine if a host should be scanned before proceeding with the full
scan based on default configurations? Thanks- Steve Steve Trumpower Security Engineer Counterpane Internet Security 703 227-5900 |
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
