Ray, Do you know for sure there are ports open on that system? Try looking at some interesting ports first. Like smtp/http(s)/ssh etc. don't use all port at once.
Scan a few ports first, some systems have a blocking function that if you hit some interessting ports in a short time they block you and report all ports as filtered/closed, or there is some other protection in front (IPS). If nessus doesn't find any ports it will not find any vulnerabilities. -- Ferdy Ray DuBose wrote: > Hey, > > > > Fairly new to nessus so be kind. I have 2 IP’s that I’ve been asked to > scan. When I run NMAP against them using –sS I get several filtered ports: > > > > (The 56612 ports scanned but not shown below are in state: closed) > > PORT STATE SERVICE > > 21/tcp filtered ftp > > 22/tcp filtered ssh > > 23/tcp filtered telnet > > 80/tcp filtered http > > 137/tcp filtered netbios-ns > > 161/tcp filtered snmp > > 162/tcp filtered snmptrap > > 443/tcp filtered https > > 491/tcp filtered go-login > > 554/tcp filtered rtsp > > 3389/tcp filtered ms-term-serv > > 4441/tcp filtered unknown > > 4444/tcp filtered krb524 > > 5350/tcp filtered unknown > > 7070/tcp filtered realserver > > 8000/tcp filtered http-alt > > 8080/tcp filtered http-proxy > > 8087/tcp filtered unknown > > 8380/tcp filtered unknown > > 8480/tcp filtered unknown > > 10000/tcp filtered snet-sensor-mgmt > > 10130/tcp filtered unknown > > 11889/tcp filtered unknown > > > > But when I run a Nessus Scan against the same host I get nothing back > other than a genera/tcp > > Information about this scan : > > > > Nessus version : 3.0.2 > > Plugin feed version : 200603211235 > > Type of plugin feed : Release > > Scanner IP : 10.1.11.113 > > Port scanner(s) : synscan > > Port range : 1-65535 > > Thorough tests : no > > Experimental tests : no > > Paranoia level : 1 > > Report Verbosity : 1 > > Safe checks : yes > > Max hosts : 16 > > Max checks : 10 > > Scan Start Date : 2006/5/17 13:15 > > Scan duration : 285 sec > > > > And general/UDP that just shows a traceroute to the host. I’m running > Nessus on Fedora Core 5 and this is the latest version of Nessus as I > just built it today. I’ve tried all the port scanners that are listed > as well as both the Linux Client and the Windows Client. The NMAP was > run from the same Nessus Server. Am I doing something wrong? > > > > Ray > > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Nessus mailing list > [email protected] > http://mail.nessus.org/mailman/listinfo/nessus _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
