Currently Nessus enables any new plugins that are not mentioned explicitly by number in the config file. Is there a way to disable this? I.e. if I run nessus-update-plugins and it downloads the new plugin set, and this contains plugin id 23456, and then I run a scan using an old config file that doesn't mention 23456, then Nessus helpfully (!) enables this plugin and runs the test. I remember there was some discussion about this before - was there a keyword added that stopped it from doing this?
What prompts me to ask is that I ran an automated scan the other day, and the machine that ran the test developed a dodgy hard disk, and the config file I was running from was getting I/O errors, so only the first portion of it was readable. Nessus read the first 100 or so lines of the config file and then enabled all safe plugins that were not mentioned in the first 100 lines of the file! This meant that this machine proceeded to run about 1000 tests instead of the 200 I expected.

Trevor Hemsley, Security Specialist, Atos Origin Ltd, Whyteleafe, +44-(0)1883-628139
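One way to guard an automated run against both cases described in the message above (a plugin update adding ids the config never named, and a config cut short by a read error), as an added example that is not part of the original message or of Nessus itself. It assumes the config lists plugins as `id = yes|no` lines between `begin(PLUGIN_SET)` and `end(PLUGIN_SET)` markers; the function names and sample data are hypothetical.

```python
import re

# Constructed sample data: a complete config, and the same file cut short
# the way a read error would leave it. Plugin ids are made up except 23456,
# which is the id used in the message above.
COMPLETE = """\
begin(PLUGIN_SET)
 10001 = yes
 10002 = no
 10003 = yes
end(PLUGIN_SET)
"""
TRUNCATED = COMPLETE[:COMPLETE.index(" 10003")]
INSTALLED = [10001, 10002, 10003, 23456]  # ids present after a plugin update

ENTRY = re.compile(r"^\s*(\d+)\s*=\s*(yes|no)\s*$")

def parse_plugin_set(text):
    """Return {plugin_id: enabled}; raise ValueError if the section never closes."""
    plugins, inside, closed = {}, False, False
    for line in text.splitlines():
        marker = line.strip()
        if marker == "begin(PLUGIN_SET)":
            inside = True
        elif marker == "end(PLUGIN_SET)":
            closed = closed or inside   # only counts if the section was opened
            inside = False
        elif inside:
            m = ENTRY.match(line)
            if m:
                plugins[int(m.group(1))] = (m.group(2) == "yes")
    if not closed:
        raise ValueError("PLUGIN_SET not terminated: config missing or truncated")
    return plugins

def unlisted_plugins(text, installed_ids):
    """Ids installed on the scanner that the config does not mention by number."""
    return sorted(set(installed_ids) - set(parse_plugin_set(text)))

def safe_to_scan(text, installed_ids):
    """True only if the config is complete and names every installed plugin."""
    try:
        return not unlisted_plugins(text, installed_ids)
    except ValueError:
        return False

if __name__ == "__main__":
    print(unlisted_plugins(COMPLETE, INSTALLED))  # the plugin the config never named
    print(safe_to_scan(TRUNCATED, INSTALLED))     # a truncated file is refused
```

Run as a pre-flight step, a check like this lets the job abort before the scanner starts instead of running with plugins nobody chose.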
