--- Jason Haar <[EMAIL PROTECTED]> wrote:
> Michel Arboi wrote:
>
> >On Thu Apr 28 2005 at 19:33, Jason Haar wrote:
> >
> >
> >
> >>I've been having real difficulty getting nessus to scan a DMZ
> in which
> >>some HTTPS web servers aren't pingable - Nessus has been
> skipping them
> >>(host is dead).
> >>
> >>
> >
> >Enable "TCP ping" option (it is by default) and make sure that
> 443 is
> >in the port list (it is in "built-in" and "extended")
> >Unless your server is not on port 443, of course.
> >
> >
> >
> That isn't what I've found (see previous post: "why is this host
> being
> reported as dead?"
>
> I've found that "built-in" scans 49 ports - not including 443.
Hmm, the documentation states a smaller set than this. I was
having a bugger of a time recently tracking where this was defined
in the source. Can one of the Nessus/Tenable people update the
documentation stating what ports are scanned by 'built-in' if it is
stale information? If it is not stale, where is it defined in the
source?
> I have never heard of "extended" before - the Nessus GUI popup
> makes no
> mention of it? I assume that contains more ports and was probably
> really
> what I wanted all along - thanks for that!
The 'extended' list is within the plugin itself, if you view the
NASL code [1]. Here's the relevant lines:
if (!p) p = defportlist;
if (p == "extended")
p =
"22;80;139;443;445;21;23;25;53;79;110;113;135;143;264;389;993;1454;1723;3389;8080";
HTH,
Jon
[1]
http://cvsweb.nessus.org/cgi-bin/cvsweb.cgi/~checkout~/nessus-plugins/scripts/ping_host.nasl?content-type=text/plain
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
