safe_checks only applies to NASL scripts that look at that setting. Use "grep" to discover exactly how safe_checks is used...
Suggest you use the GUI to disable all checks in the "Denial of Service" family. Also, review each check that appears set = 'yes' in your settings to determine if it has the category ACT_DESTRUCTIVE_ATTACK. You probably want to disable those, too. Enhancement request: Provide some UI tool that allows selection based on category. e.g., enable all information gathering checks, disable all DoS checks, etc. Best Regards, -Mike Slifcak -----Original Message----- From: Adam Kosmin [mailto:[EMAIL PROTECTED]] Sent: Monday, September 09, 2002 8:11 AM To: [EMAIL PROTECTED] Subject: can I run a safe scan in batch mode? This is a repost from last week. I'm still looking for some feedback. Thanks... I've written a script to automate the scanning of several servers that I manage and need to understand this "safe checks" feature a little better. I've noticed the "Enable safe plugins only" option that is available in the GUI but can't make use if it since I'm calling the client from within a script. I'm running version 1.2.5 and don't see any switch available for this purpose. Therefore, I'm wondering how I can use nessus to run a non threatening test against my remote machines. Does nessusd.conf's safe_checks parameter handle this? If so, how reliable is it? Last friday after I ran nessus-update-plugins, I took down a few boxes during a scan because the SMBDie DOS attack was attempted. This makes me think that either the safe_checks parameter in nessusd.conf is unreliable at best, or I just don't understand the purpose of it. In the event that this functionality is not available in the current version of nessus, are there any plans to add it? The feature is available in the GUI, just not in batch mode. Thanks for any guidance, Adam -- :wq! Adam Kosmin [212] 585-6548 Resist The Trusted Computer Platform Alliance / Palladium http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html Registered Linux User #218030 http://counter.li.org - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body. - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
