When a web server with everything blocked except 443 is scanned by the default Nessus configuration, it is considered "not alive" and is ignored.
When that web server is scanned by Nessus with TCP Ping enabled on 443, it is reported as alive and tested for other vulnerabilities. Therefore, please include 443 as a default port in the TCP Ping test. It would eliminate this FAQ as well as improve the overall reporting integrity of Nessus out-of-the-box. I hope this clears up any confusion, but if there is still a question, please let me know how I can clarify further. Thanks to all of you folks for your efforts on Nessus of course. Carl -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Renaud Deraison Sent: Tuesday, December 10, 2002 4:09 PM To: [EMAIL PROTECTED] Subject: Re: Open Port Nessus Didn't Find On Tue, Dec 10, 2002 at 03:51:58PM -0500, Carl Houseman wrote: > Add port 443 to the TCP Ping test. > > I seem to answer this question every month or so, the last time I checked it wasn't >in the FAQ. [HINT]. One wonders why 443 isn't there along with 22, 23, and 80 by >default as well. [BIGGER HINT] TCP ping is used to determine if the host is alive, not if a given port is open (ie: it's not a port scanner). In "Bonk"'s case, the remote host is alive, but port 443 does not appear in the report, that's a different issue. -- Renaud - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body. - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
