I use SuSE 8.2, my friend updated to 9.0 - from that time he had to recompile libnet libraries etc. Today we played a little with nmap - and again, he could connect for example to my ssh port, but nmap was blind (even with -P0 switch). He wasn't able to scan even host with no FW. But it wasn't a version problem. Then he ran tcpdump together with nmap and nmap started to work immediately.
So now I don't know yet what is broken, but it's not the problem of Nessus or Nmap - it's how SuSE 9.0 works on network layer, because basic networking is fine and testing tools are still unreliable. kamil -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Klun, Jim Sent: Sunday, December 07, 2003 7:56 PM To: 'histar2' Cc: '[EMAIL PROTECTED]' Subject: RE: SUSE 9.0 problem I installed 9.0 on a fresh Intel box from CD - did Yast2 online patch update. Installed nessus 2.0.9 via installer.sh Same results - a scan of my local home network produces results in only entries for localhost. Same procedure with 8.0 produces expected results for local home network, revealing all machines. -----Original Message----- From: histar2 [mailto:[EMAIL PROTECTED] Sent: Saturday, December 06, 2003 10:26 AM To: Klun, Jim Cc: '[EMAIL PROTECTED]' Subject: RE: SUSE 9.0 problem AHA -- I should have been a bit more specific - sorry. I did some tests side by side to make sure -- even got it to identify a crashing problem with Oracle Discoverer (funny how a vulnerability program helps find crashing problems...) Anyway, I had some "newbie" security types running 2.0.7 on RedHat 7.2 (actually AS 2.1, but same versions) and I was running mine on 9.0 and results were roughly the same (new plugins that I had and they had not updated showed some vulnerabilities they did not.) I really did not do anything in the way of tweaking. Now one thing that could be of importance -- I was running 8.2 with Ximian enhancements XD2 to be exact. I upgraded that with a vanilla SuSE 9.0 and of course lost my XD2 :( -- but the rest of the upgrade went along just fine. I run Mandrake 9.2, SuSE 9.0, RedHat Enterprise 3.0 and Gentoo 1.2 on my laptop (with a partition for Windoze even) and do this for testing purposes. I have run the same scans from all and more or less, the results are identical (sometimes I forgot to update plugins). Now, could it have something to do with Ximian updates? Hmm.. Not sure. I guess it is time to do some more testing since I have a strict vanilla SuSE 9.0 desktop handy -- have not tried that one. I will let you know. Kat On Sat, 2003-12-06 at 10:12, Klun, Jim wrote: > BTW - its NOT that nessus doesn't work for us with 9.0 - its just not > returning the same results that an 8.0 instance does. Both fresh > installs with installer.sh used > to build nessus 2.0.9. > > I assume you are satisfied that your SUSE 9.0 install is returning > nessus results consistent with your earlier OS's? > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Klun, Jim > Sent: Saturday, December 06, 2003 9:23 AM > To: 'histar2'; '[EMAIL PROTECTED]' > Subject: RE: SUSE 9.0 problem > > > Thanks - I did fall back to a 3.0 version of nmap with same results. > > Since I have a known working example ( yours ) I'll continue to > assume it's just a local problem on our end. > > I'd also just assume I was making an error if it were not for the fact 2 > other folks > who did separate installs in our group report same problems. > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of histar2 > Sent: Saturday, December 06, 2003 9:04 AM > To: '[EMAIL PROTECTED]' > Subject: RE: SUSE 9.0 problem > > > Hmm, this is strange. Installed 9.0 two weeks ago, and built 2.0.9 on it > with no problems... running nmap 3.30 with it as well... > > Kat > > On Sat, 2003-12-06 at 02:31, Hugo van der Kooij wrote: > > On Fri, 5 Dec 2003, Klun, Jim wrote: > > > > > 3.30 is what is coming with SUSE 9.0 > > > I tried 3.48 with same results. > > > > > > Is anyone out there using SUSE 9.0 with nessus? > > > > Use the nmap version you use with the other SuSE version. 3.48 is TOO > > modern for sure. > > > > Hugo. > > _______________________________________________ > Nessus mailing list > [EMAIL PROTECTED] > http://mail.nessus.org/mailman/listinfo/nessus > _______________________________________________ > Nessus mailing list > [EMAIL PROTECTED] > http://mail.nessus.org/mailman/listinfo/nessus _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
