Javier Fernandez-Sanguino <[EMAIL PROTECTED]> writes: > That is not usually the case and most certaintly is not when pen-testing.
And even during audits where I had a root access on the target machine, I saw some very odd network glitches. One time, an HTTPS server was identified by find_service as running SSL/TLS, but HTTP was missed. This means that the target answered to the SSL negociation and timed out on the HTTP request. Very odd... The HTTP server was later recognized by find_service2.nasl, but some HTTP tests did not run (because they depend upon find_service.nes) I'm still looking for a smart method to solve this kind of problem. I'm not sure there is one. The simplest way currently is to increase the read timeout, as Renaud said, but Nessus may run like a slug if there are many "silent" services or firewalled ports.
