Depends on how nmap does the identification and what you really are trying to do. It is nmap that identifies it or nessus?
nmap -p 1241 mynessushost Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-04-08 14:32 EDT Interesting ports on mynessushost: PORT STATE SERVICE 1241/tcp open nessus Nmap just knows about nessus. Who are you trying to hide it from anyway? 'the unwashed hoard' in the k12 schools? Real security professionals? If you just want it to go away, do this: (all nmap does is look at port 1241, then does a lookup in nmap-services) Doesn't pick a banner up at all (again, try it, telnet to 1241 and look for a banner locate nmap-services (assumes: /usr/local/share/nmap/nmap-services sed -i"" 's/nessus/bogus/' /usr/local/share/nmap/nmap-services Answer those questions, then select one of my three options that best solves the problem, and let nmap try. (or try starting nessus on another port to 'hide' it, that fixes nmap, but doesn't stop a hacker) _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
