> On Wed, Jan 08, 2003 at 03:57:12PM -0600, Neal Dawson wrote: > > I'm testing Nessus against a test MySQL server. > > I started MySQL on a non-mysql port (5506) and ran Nessus against > > the server. Nessus did not find MySQL. I changed MySQL port back > > to 3306 and ran Nessus again. In the security note of the report it > > stated: "Unknown service running on this port" However, this time it > > did find the applicable MySQL security hole-- multiple MySQL flaws > > (I'm running MySQL 3.23.49 as my test server). > > > > Shouldn't Nessus find mysql regardless of what port it is on? > > Yes it should. What banner does it show you when telling you that an > unknown service is running on port 5506 ?
it doesn't show anything. I just ran telnet on port 5506 and noticed that there was a significant delay (maybe > 5 seconds, but not much more) before it spewed the info listed below: Could that have something to do with it? Escape character is '^]'. , 3.23.49-log 7oI]yi$sConnection closed by foreign host. - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
