Hi Joe,
To be direct it does work, just not well if you make the wrong architectural choices. To more complete in my answer: Yes, you can use Nessus to scan or be hosted in any virtual machine you want assuming the virtual machine has its own bridged ip (in my experience it does not work if you try to use VMware Nat or vpc Nat). That said, I find virtual machines tend to drop allot of packets esp. under load and when not using the virtual machines "extensions". So host Nessus on the host system, and scan the bridged ip from the host to the VM works the best. I find scanning the host from the Virtual Machine is less effective. It's also more effective to have your Virtual machine on its own hard drive - using a different adapter (or less effectively, a separate channel) from the drive that holds the host os. I find that VMware drops packets less than VPC 2004 (I've not used VPC 2007 so I can't say if the virtual nic code has gotten better or not). In my experience, Nessus and virtual machines work the best when your host system uses a professional grade dual or quad Intel or 3com based nic (AVOID Adaptec, Broadcom and Realtek based nics they are cheap for a reason) and assign the virtual machine a different physical port on that nic than the host uses; then scan over a professional quality switch that is not set to firewall or filter any traffic (even broadcast traffic). You can also link the two ports with a crossover cable. Also, you need to completely disable the XP firewall by stopping the "Firewall and ics" service - otherwise it will silently drop certain forms of inbound traffic (regardless of your logging options) - especially broadcast traffic. Lastly, make certain the virtual machine is hosted fully in memory and is not swapped out to swap file. HTH Sam S. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Sunday, May 18, 2008 8:25 AM To: [email protected] Subject: Nessus and MS Virtual PC 2007 Hello, Nobody has an answer to my question? -------------- Forwarded Message: -------------- From: [EMAIL PROTECTED] To: [email protected] Subject: Nessus and MS Virtual PC 2007 Date: Fri, 16 May 2008 14:15:08 +0000 Hello, Can Nessus 3.2 for Windows XP Pro be used on Microsoft Virtual PC 2007? After installing Nessus and trying to connect through the client I keep receiving a message that no connection to the server can be made because the IP and/or the port is incorrect. There is no anti-virus installed and the firewall is turned off on the virtual machine instance. All defaults are used during the setup and plugins were updated. Thanks, Joe
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
