All, I'm in the middle of running a series of tests with my nessus profile. I've removed all plugins and only have the following:
begin(SCANNER_SET) 10180 = no 10277 = no 10278 = no 10331 = no 10335 = no 10841 = no 10336 = yes 10796 = no 11219 = no 11840 = no end(SCANNER_SET) begin(SERVER_PREFS) max_hosts = 252 max_checks = 2 log_whole_attack = no cgi_path = /cgi-bin:/scripts port_range = default optimize_test = no language = english checks_read_timeout = 5 non_simult_ports = 139, 445 plugins_timeout = 320 safe_checks = yes auto_enable_dependencies = yes use_mac_addr = no save_knowledge_base = yes kb_restore = yes only_test_hosts_whose_kb_we_dont_have = no only_test_hosts_whose_kb_we_have = no kb_dont_replay_scanners = no kb_dont_replay_info_gathering = no kb_dont_replay_attacks = no kb_dont_replay_denials = no kb_max_age = 864000 plugin_upload = no plugin_upload_suffixes = .nasl, .inc slice_network_addresses = yes end(SERVER_PREFS) begin(PLUGINS_PREFS) Misc information on News server[entry]:From address : = Nessus <[EMAIL PROTECTED]> Misc information on News server[entry]:Test group name regex : = f[a-z]\.tests? Misc information on News server[entry]:Max crosspost : = 7 Misc information on News server[checkbox]:Local distribution = no Misc information on News server[checkbox]:No archive = no SMB use host SID to enumerate local users[entry]:Start UID : = 1000 SMB use host SID to enumerate local users[entry]:End UID : = 1200 HTTP login page[entry]:Login page : = / HTTP login page[entry]:Login form fields : = user=%USER%&pass=%PASS% Unknown CGIs arguments torture[checkbox]:Send POST requests = no Brute force login (Hydra)[entry]:Number of simultaneous connections : = 4 Brute force login (Hydra)[checkbox]:Brute force telnet = no Brute force login (Hydra)[checkbox]:Brute force FTP = no Brute force login (Hydra)[checkbox]:Brute force POP3 = no Brute force login (Hydra)[checkbox]:Brute force IMAP = no Brute force login (Hydra)[checkbox]:Brute force cisco = no Brute force login (Hydra)[checkbox]:Brute force cisco-enable = no Brute force login (Hydra)[checkbox]:Brute force VNC = no Brute force login (Hydra)[checkbox]:Brute force SOCKS 5 = no Brute force login (Hydra)[checkbox]:Brute force rexec = no Brute force login (Hydra)[checkbox]:Brute force NNTP = no Brute force login (Hydra)[checkbox]:Brute force HTTP = no Brute force login (Hydra)[checkbox]:Brute force ICQ = no Brute force login (Hydra)[checkbox]:Brute force PCNFS = no Brute force login (Hydra)[checkbox]:Brute force SMB = no Brute force login (Hydra)[checkbox]:Brute force LDAP = no Ping the remote host[entry]:TCP ping destination port(s) : = built-in Ping the remote host[checkbox]:Do a TCP ping = no Ping the remote host[checkbox]:Do an ICMP ping = no Ping the remote host[entry]:Number of retries (ICMP) : = 10 Ping the remote host[checkbox]:Make the dead hosts appear in the report = no Ping the remote host[checkbox]:Log live hosts in the report = no Web mirroring[entry]:Number of pages to mirror : = 20 Web mirroring[entry]:Start page : = / Global variable settings[checkbox]:Enable experimental scripts = no Global variable settings[checkbox]:Thorough tests (slow) = no Global variable settings[radio]:Report verbosity = Normal Global variable settings[radio]:Report paranoia = Normal Global variable settings[radio]:Log verbosity = Normal Global variable settings[entry]:Debug level = 0 SMB Scope[checkbox]:Request information about the domain = no Nmap[radio]:TCP scanning technique : = connect() Nmap[checkbox]:UDP port scan = no Nmap[checkbox]:RPC port scan = no Nmap[checkbox]:Ping the remote host = yes Nmap[checkbox]:Identify the remote OS = no Nmap[checkbox]:Use hidden option to identify the remote OS = no Nmap[checkbox]:Fragment IP packets (bypasses firewalls) = no Nmap[checkbox]:Get Identd info = no Nmap[radio]:Port range = User specified range Nmap[checkbox]:Do not randomize the order in which ports are scanned = no Nmap[entry]:Source port : = any Nmap[radio]:Timing policy : = Insane Services[entry]:Number of connections done in parallel : = 5 Services[entry]:Network connection timeout : = 5 Services[entry]:Network read/write timeout : = 5 Services[entry]:Wrapped service read timeout : = 2 Services[radio]:Test SSL based services = All ftp writeable directories[radio]:How to check if directories are writeable : = Trust the permissions (drwxrwx---) SMB use domain SID to enumerate users[entry]:Start UID : = 1000 SMB use domain SID to enumerate users[entry]:End UID : = 1200 SMTP settings[entry]:Third party domain : = example.com SMTP settings[entry]:From address : = [EMAIL PROTECTED] SMTP settings[entry]:To address : = [EMAIL PROTECTED] NIDS evasion[radio]:TCP evasion technique = none NIDS evasion[checkbox]:Send fake RST when establishing a TCP connection = no HTTP NIDS evasion[checkbox]:Use HTTP HEAD instead of GET = no HTTP NIDS evasion[radio]:URL encoding = none HTTP NIDS evasion[radio]:Absolute URI type = none HTTP NIDS evasion[radio]:Absolute URI host = none HTTP NIDS evasion[checkbox]:Double slashes = no HTTP NIDS evasion[radio]:Reverse traversal = none HTTP NIDS evasion[checkbox]:Self-reference directories = no HTTP NIDS evasion[checkbox]:Premature request ending = no HTTP NIDS evasion[checkbox]:CGI.pm semicolon separator = no HTTP NIDS evasion[checkbox]:Parameter hiding = no HTTP NIDS evasion[checkbox]:Dos/Windows syntax = no HTTP NIDS evasion[checkbox]:Null method = no HTTP NIDS evasion[checkbox]:TAB separator = no HTTP NIDS evasion[checkbox]:HTTP/0.9 requests = no HTTP NIDS evasion[checkbox]:Random case sensitivity (Nikto only) = no Login configurations[entry]:FTP account : = anonymous Login configurations[password]:FTP password (sent in clear) : = [EMAIL PROTECTED] Login configurations[entry]:FTP writeable directory : = /incoming Login configurations[checkbox]:Never send SMB credentials in clear text = no Login configurations[checkbox]:Only use NTLMv2 = no HTTP login page[entry]:Login form : = Brute force login (Hydra)[file]:Logins file : = Brute force login (Hydra)[file]:Passwords file : = Brute force login (Hydra)[entry]:Web page to brute force : = Nmap[entry]:Data length : = Nmap[entry]:Ports scanned in parallel (max) = Nmap[entry]:Host Timeout (ms) : = Nmap[entry]:Min RTT Timeout (ms) : = Nmap[entry]:Max RTT Timeout (ms) : = Nmap[entry]:Initial RTT timeout (ms) = Nmap[entry]:Minimum wait between probes (ms) = Nmap[file]:File containing nmap's results : = Services[file]:SSL certificate : = Services[file]:SSL private key : = Services[password]:PEM password : = Services[file]:CA file : = HTTP NIDS evasion[entry]:HTTP User-Agent = HTTP NIDS evasion[entry]:Force protocol string : = Login configurations[entry]:HTTP account : = Login configurations[password]:HTTP password (sent in clear) : = Login configurations[entry]:NNTP account : = Login configurations[password]:NNTP password (sent in clear) : = Login configurations[entry]:POP2 account : = Login configurations[password]:POP2 password (sent in clear) : = Login configurations[entry]:POP3 account : = Login configurations[password]:POP3 password (sent in clear) : = Login configurations[entry]:IMAP account : = Login configurations[password]:IMAP password (sent in clear) : = Login configurations[entry]:SMB account : = Login configurations[password]:SMB password : = Login configurations[entry]:SMB domain (optional) : = Login configurations[entry]:SNMP community (sent in clear) : = end(PLUGINS_PREFS) begin(SERVER_INFO) server_info_nessusd_version = 2.0.12 server_info_libnasl_version = 2.0.12 server_info_libnessus_version = 2.0.12 server_info_thread_manager = fork server_info_os = Linux server_info_os_version = 2.4.21-15.0.3.ELsmp end(SERVER_INFO) begin(RULES) end(RULES) This is it. Why, now do I still see dont_scan_printers.nasl snmp_default_communities.nasl nmap_wrapper.nes ike_detect.nasl mdns.nasl sheerdns_traversal.nasl etherleak.nasl etc. With the info that I have in my profile, I don't see where I'm asking for these plugins to run. Anyone know what exactly I'm missing? Thanks, Chris _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
