No, it means that ping_host.nasl is defined as a dependency of
nmap.nasl. So if you enable dependencies, ping_host.nasl will be run
first to ensure the host is alive before wasting time scanning for open
ports on a dead host. This can lead to problems if pings fail, as you've
uncovered.
So if I got you right, to make sure that the nmap wrapper finds a host the
way the standalone nmap does, I have to disable dependencies of plug-ins. Ok,
I can do that but does this have other side effects? Actually, I would
prefer this over the extended TCP ping option. Even if the scan takes
longer. What do you propose?
Another question is this fragmented option of nmap. Correct me if I'm wrong
but isn't fragmentation an IP feature that all modern products should be
capable of? So does nmap not finding the host with -f option enabled mean
the host (or maybe a device in between) is not understanding fragmented
packets? And if yes, wouldn't that be off standard (quick read through man
nmap does not inform of nmap being off standard)?
Anyway, I enabled the option simply to stress the host some more. I disabled
it now (no need to hide for me).
Straight from ping_host.nasl itself:
# H D Moore & Michel Arboi's Port list :
# if you want more reliable but slower results, use 'extended' as the port list
# 21, 22, 23, 25, 53, 79, 80, 110, 113, 135, 139, 143, 264, 389, 443, 445,
# 993, 1454, 1723, 3389, 8080
Hehe, yessa. I mean it's open-source, right (kind of)?
You can always feed Nessus nmap output in grepable format; ie, see "Nmap
(NASL wrapper)[file]:File containing grepable results".
Yeah, once again you got a point.
Big respect again to tenable security and the Nessus crew.
Thank you all very much.
Greetz
Chris
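
A check tied to the ping_host.nasl port list and the grepable-results option discussed in this message, added here as an example and not part of the original message or of Nessus: it parses nmap grepable (-oG) output and lists hosts that nmap saw as up but that answered on none of the quoted ping ports. The sample output is constructed, the function names are hypothetical, and counting a port as "answered" when nmap reports it open or closed is an assumption about how a TCP ping would see it.

```python
# Port list quoted from ping_host.nasl in the message above.
PING_PORTS = {21, 22, 23, 25, 53, 79, 80, 110, 113, 135, 139, 143, 264,
              389, 443, 445, 993, 1454, 1723, 3389, 8080}

# Constructed sample of `nmap -oG` output (documentation addresses only).
SAMPLE = (
    "# Nmap scan (constructed sample)\n"
    "Host: 192.0.2.10 ()\tStatus: Up\n"
    "Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 8443/open/tcp//https-alt///\n"
    "Host: 192.0.2.20 ()\tStatus: Up\n"
    "Host: 192.0.2.20 ()\tPorts: 9100/open/tcp//jetdirect///, 80/filtered/tcp//http///\n"
    "Host: 192.0.2.30 ()\tStatus: Down\n"
)

def parse_grepable(text):
    """Return {host: {"up": bool, "ports": {port: state}}} for TCP ports."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host: "):
            continue  # skip comment lines and blanks
        fields = line.split("\t")
        addr = fields[0].split()[1]
        entry = hosts.setdefault(addr, {"up": False, "ports": {}})
        for field in fields[1:]:
            key, _, value = field.partition(": ")
            if key == "Status":
                entry["up"] = value.strip() == "Up"
            elif key == "Ports":
                # Each item is port/state/protocol/owner/service/rpc/version/
                for item in value.split(","):
                    parts = item.strip().split("/")
                    if len(parts) >= 3 and parts[2] == "tcp":
                        entry["ports"][int(parts[0])] = parts[1]
    return hosts

def missed_by_tcp_ping(hosts, ping_ports=PING_PORTS):
    """Hosts nmap saw up that answered on none of the ping ports."""
    missed = []
    for addr, info in sorted(hosts.items()):
        # Assumption: open or closed means the host replied; filtered does not.
        answered = {p for p, s in info["ports"].items() if s in ("open", "closed")}
        if info["up"] and not (answered & ping_ports):
            missed.append(addr)
    return missed

if __name__ == "__main__":
    print(missed_by_tcp_ping(parse_grepable(SAMPLE)))
```

Hosts in the returned list are the ones for which the 'extended' port list or a pre-generated grepable results file is worth considering.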