Bill, If those 2 are your only requirements, your best bet is to just use hydra and skip nessus entirely.
Regards, Dan Muldoon Security Consultant http://www.spohnassoc.com/ <http://www.spohnassoc.com/> On 9/29/05 11:09 AM, "Bill Petersen" <[EMAIL PROTECTED]> wrote: I would like to run a simple test against a group of systems. I want to only test for 1. No passwords for ids like root, oracle, mysql, etc. 2. Default userid & passwords (like oracle's scott/tiger) Is there any easy way to tell nessus to JUST do this type of test? There are userid / password lists on the net which I would like to take advantage of. I tried to 'filter' the plugins, but I guess I don't understand the expression syntax. I tried 'blank password|unpassword|default password' The only expressions I get much result with are default password password Yes, I am also looking at Hydra and Nikto (Thanks George). I am just trying to keep the number of different tools and data output formats to a minimum so I don't have to write so many translation programs to consolidate the data into a standard format and database for tracking purposes. Regards, Bill _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
