Hi, I have been using Nessus for the last couple of days and I have experienced some behavior that confuses me. I have been running a scan on 16 hosts. Most of the hosts are scanned with no problems, but one host in particular (call it x.x.x.3) does not get scanned correctly. I know for a fact that the host is running an SMTP server; however, this does not show up in the port scan results. If I run nmap or hping, I can see that the host is listening on TCP port 25. I can also telnet to port 25 of the host and receive an SMTP banner. I ran tcpdump during the scan and noticed that when Nessus scans this particular host, all of the traffic has a source port of 0 and very few ports are checked. I know for certain that the host is behind a PIX firewall along with the rest of the hosts on the network. SMTP may be the only service listening on this host. Can anybody give me some idea of why Nessus may not be able to see this host?
Thanks, Tom D'Aquino
