Just my two cents, so feel free to ignore. If you are wanting to compare the two results I would think you would want to have nmap do its port scan, nessus do one, and compare the results of the two. I haven't checked so much with port scans, but I know from personal experience that when using nmap for host discovery and nessus scanning the same network:
1. mostly they have the same results 2. some systems found by nmap are not found by nessus 3. some systems found by nessus are not found by nmap 4. some systems are found by neither I don't have a reason for the above to be the case, it is simply what I have observed. Consequently I run both nmap and nessus and compare the results of the two. It is the closest I can get to a view of what is really on the network. Tim Doty -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Tuesday, September 02, 2008 8:16 AM To: [EMAIL PROTECTED] Cc: [email protected] Subject: Re: Command line report export Not quite what I was getting at. Let me explain. We are aiming to complete a NMAP scan (TCP and UDP) and store this in a structured database as well as grepable output. We would then like to import the grepable nmap output into Nessus and have Nessus restrict it's scans to only those ports that NMAP has found to be open. This then prevents Nessus scanning 65535 ports, but still gives us a comparison between the NMAP and Nessus service discovery. Once the NMAP and Nessus scans are finished we will output the report to HTML and process this to compare it with previous results. I know it's not a perfect option, but we've been asked to look at it as a possiblity instead of comercial options. @Raleel, thanks for the link. One of our guys here was looking at the NASL plugin option but couldn't get it to import through a command-line. I'll have to take another look though as it seems he's not been looking too hard for a solution. [EMAIL PROTECTED]@inet 02.09.2008 15:00 An [EMAIL PROTECTED] Kopie [email protected] Thema Re: Command line report export On Tuesday 02 September 2008 14:52:12 [EMAIL PROTECTED] wrote: > I guess it's a personal choice, but mainly as we're using the NMAP Service > Discovery and comparing them against the Nessus results to make sure that > we're covering everything. If you import Nmap results into Nessus and disable all other portscanners to save bandwidth, the probability that you discover a new open port is exactly 0. What's the use of comparing? > Plus NMAP gives a lot more options on how we scan Are they useful? If yes, maybe we can add them to Nessus. ---------------------------------------- Raiffeisen Informatik GmbH, Firmenbuchnr. 88239p, Handelsgericht Wien, DVR 0486809, UID ATU 16351908 Der Austausch von Nachrichten mit oben angefuehrtem Absender via E-Mail dient ausschliesslich Informationszwecken. Rechtsgeschaeftliche Erklaerungen duerfen ueber dieses Medium nicht ausgetauscht werden. Correspondence with above mentioned sender via e-mail is only for information purposes. This medium may not be used for exchange of legally-binding communications. ---------------------------------------- _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
