Typically, the NMAP switches are different within Nessus as opposed to plain old NMAP. Also, you may be conducting several additional scan types with Nessus (SYN, TCP connect, etc.).
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jesper S. Jensen
Sent: Thursday, June 03, 2004 9:07 AM
To: [EMAIL PROTECTED]
Subject: Re: Nessus evading firewalls?

Harkaran Bedi wrote:
> While the nessus client provides options to evade NIDS, has anyone
> used Nessus & been able to successfully evade stateful packet
> filtering firewalls?

Not that I know of. Could be there is something though?

> On a recent scan I found that Nessus was able to discover more
> ports/services accessible than with a couple of nmap scans (with
> different options). Whether the additional ports & services are false
> positives I have not confirmed. I just have a doubt if some Nessus
> scans got through the firewall (PIX).

Try to run the nmap with the same options as nessus does. You can see the exact line by doing a 'ps' when the nmap part of the Nessus scan is running.

> I found this interesting since nmap is built-in to Nessus & the
> results were different.

I guess it could be some plugins in Nessus that run, even though the nmap scan didn't report the ports to be open.

--
Jesper S. Jensen
Basisnet og Sikkerhed
Uni-C - Århus, Danmark
+45 8937-6666
_______________________________________________
Nessus mailing list
[EMAIL PROTECTED]
http://mail.nessus.org/mailman/listinfo/nessus
