If you don't care about burning some extra cycles on your nessus box and
just want to limit the network traffic that hits the host, you could set up
a local firewall (ipfilter) to block outbound traffic from nessus to
unwanted ports. Of course, you would have to wrap a shell script around it
to prompt for the port you want to target and change the ACLs before firing
off nessus.
-Rob.
"Alec H. Peterson" <[EMAIL PROTECTED]>
Sent by: owner-nessus@list.nessus.org
12/05/2002 03:06 PM
To: Doug Nordwall <[EMAIL PROTECTED]>
cc: [EMAIL PROTECTED]
Subject: Re: Command-line Scan of one port
--On Thursday, December 5, 2002 13:02 -0800 Doug Nordwall <[EMAIL PROTECTED]>
wrote:
> If you want to check for a port's existence, I would just use nmap -p
> <port> <host> and wrap it in a shell script to generate a random value
> for the port
>
> Using nessus for this would be overkill, unless you were planning to do an
> actual vulnerability scan. If you were planning on doing a vulnerability
> scan, I might suggest generating a nessusrc file that does what you want
> for a particular port, and then randomly changing the port. Of course,
> this won't actually do proper vulnerability scans, since you would have
> to also change which plugins are available.
No. I know what port is open, so I don't want to run the nmap scan. I
just want to run nessus against a specific port that I know is open that
can vary from invocation to invocation.
Alec
--
Alec H. Peterson -- [EMAIL PROTECTED]
Chief Technology Officer
Catbird Networks, http://www.catbird.com
-
[EMAIL PROTECTED]: general discussions about Nessus.
* To unsubscribe, send a mail to [EMAIL PROTECTED] with
"unsubscribe nessus" in the body.
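The wrapper Rob describes at the top of the thread, sketched as an added example that is not part of the original messages: it validates a target and port and emits IPFilter rules that let the scanner reach only that port on that host. It assumes an IPv4 target and a TCP service; the function names and the 192.0.2.10 address are constructed for illustration.

```shell
#!/bin/sh
# Added example: build outbound ipfilter ACLs for a single-port scan.
# Assumptions: IPv4 target, TCP service, rules loaded with ipf(8).

valid_port() {
    # Digits only, no leading zero, at most five digits, <= 65535.
    case $1 in ''|*[!0-9]*|0*|??????*) return 1 ;; esac
    [ "$1" -le 65535 ]
}

valid_ipv4() {
    # Reject anything that is not four dot-separated octets of 0..255.
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

scan_acl() {
    target=$1
    port=$2
    # Validate before the values are placed into firewall rules.
    valid_ipv4 "$target" || { echo "bad target: $target" >&2; return 1; }
    valid_port "$port"   || { echo "bad port: $port" >&2; return 1; }
    # "quick" stops rule processing at the first match, so the pass
    # rule for the chosen port must come before the two block rules.
    cat <<EOF
pass out quick proto tcp from any to $target/32 port = $port keep state
block out quick proto tcp from any to $target/32
block out quick proto udp from any to $target/32
EOF
}

# Stand-alone use (file name is hypothetical):
#   sh scan_acl.sh 192.0.2.10 8443 | ipf -f -      # add rules, then run nessus
#   sh scan_acl.sh 192.0.2.10 8443 | ipf -r -f -   # remove them afterwards
if [ "$#" -eq 2 ]; then
    scan_acl "$1" "$2"
fi
```

The rules are added to the active outbound list, so any earlier `quick` rule that already matches traffic to the target takes precedence over them.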