On Tue, Sep 13, 2005 at 08:31:02AM -0400, Jack Harvey wrote: > When I start the nessus client (on nessusd server) i get a message > indicating that the plugins that can crash remote services or hosts have > been disabled and that for a complete scan i should enable them.
The message refers to the fact that "dangerous" plugins are not enabled; ie, plugins in the denial, destructive_attack, flood, and kill_host categories. > Is > there a listing of these anywhere? Grep plugins on the category names uppercased and prefixed by "ACT_"; eg, ls -1 /usr/local/lib/nessus/plugins | \ xargs egrep -l "ACT_(DENIAL|DESTRUCTIVE_ATTACK|FLOOD|KILL_HOST)" > If I enable them for a scan are they > disabled by default when i restart the server and/or client? No, once you enable a plugin it stays enabled in a config file until you explicitly disable it. That said, safe checks gives you an easy way of ignoring any dangerous plugins you might have enabled in your config file. George -- [EMAIL PROTECTED] _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
