On Tue, Jan 03, 2006 at 05:36:38PM +1100, Les G wrote:
> I've noticed both with Nesses 2.2.6 and Nessus 3, that under Debian 3.1
> (and also some versions of RHL) that when nmap is chosen as the
> port-scanner, and you specify some nmap scanning options, such as a FIN
> scan, you still only always get the default SYN scan. Running a "ps
> -ef" reveals that nmap is always invoked with the same command-line
> options. Basically, changing the nmap scan options in the Nessus client
> has no effect.
...
> This does not
> seem to happen running under SUSE.
Excuse me if these seem like silly questions but...
o Have you cross-referenced the pid(s) that you see in the
ps output with the pids reported by nessusd when it
launches nmap.nasl (ie, in nessusd.messages)?
o Have you checked whether the commandline ps reports is being
truncated because it would otherwise exceed the screen size?
o Have you verified whether nmap is indeed always doing a SYN
scan by, say, doing a packet capture?
o Do you have a script named nmap that's being called by
nessusd instead of nmap itself?
o Have you verified that you have a current and valid
version of nmap.nasl?
George
--
[EMAIL PROTECTED]
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
