I am new to the list and at best a casual user of Nessus. Nessus has worked well for me in the past.
Last week I pen tested a machine and experienced no problems, but today the pen test failed to completed (without really finishing). I found my ethernet port locked. In my place of employement we have port security based on MAC address. When the network guys unlocked my port the said that the MAC address that caused the lockout was different than mine (obviously) and different in both cases (sorry I did not write it down before leaving work).
I ran nessus-upgrade-plugins on June 29...
Does anyone know if a new attack (nasl) has been added that changes the MAC and/or is this even possible for Nessus to do this?
I had everything selected and it got very close to finishing ... of course all of the port scanning had completed. The Nessus report indicated that ports found during the scan were not found now ... this would indicate my port being closed.
My Client and Daemon machine is running Debian unstable Linux 2.4.18-bf2.4-xfs with Nessus 2.0 installed via apt-get from deb http://people.debian.org/~jfs/nessus/ 2.0.0/.
apt-get upgrade was run on Sunday 6th but the previous deb line was removed on July 1st.
The machine that I was attacking was Windows NT 4.0 with Apache 2.0.46 and other network applications.
Any help or advisce would be greatly appreciated. Thanks,
Chris Lewis
