hi, i'm trying to understand the relationship between port-scanners and the various attack NASLs ...
when i disable all port scanners ... i haven't detected any change in the number of attack NASLs which run ... [right now, i'm selecting all plugins ... except for scanners). so .... do all/most/some NASLs ignore the port scanner output ... and just run anyway? or do they run against default ports only, if port scanner output is unavailable? [and if port scanner output is available ... then do NASLs run against *all* open ports ... this approach would allow an Apache-vulnerability NASL, for example, to run against a copy of Apache listening on some port other than 80 ... at the price of running against things like sendmail listening on port 25 ...] what does port scanning buy me, in terms of which NASLs get launched? --sk stuart kendrick fhcrc _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
