-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hello,
I tried to check our hosts for the latest remote exploitable Windows vulnerabilities using the plugins 18027 and 18028 (that's the main reason why I subscribed to direct feed). But somehow this simply does not work:
I previousely scanned for the LSASS vulnerability using plugin 12209 (smb_kb835732.nasl). This has worked fine for quite some time now. But the two new ones do not seem to work - no single vulnerability when scanning many, many hosts (but 12209 is still reported) ... Do these plugins work for others? Did I obviousely miss something? Eg. do I need a valid account on the host that should be checked? ... I also enabled auto_enable_dependencies, just to make sure all necessary plugins are enabled.
nessusd -d: Current setup : ~ nasl : 2.2.2 ~ libnessus : 2.2.2 ~ SSL support : enabled ~ SSL is used for client / server communication ~ Running as euid : 0 ~ Compiled with tcpwrappers support
nessus client command line: nessus -c nessusrc.test -T nbe -q nhost 1241 xxx xxx hostfile outfile
nessusrc (part):
trusted_ca = /usr/com/nessus/CA/cacert.pem nessusd_host = nhost nessusd_user = xxx paranoia_level = 3 begin(SCANNER_SET) ~ Nmap tcp connect() scan = no ~ nmap = no ~ 10180 = yes ~ 10277 = no ~ 10278 = no ~ 10331 = no ~ 10335 = no ~ 10841 = no ~ 10336 = no ~ 10796 = no ~ 11219 = no ~ 11840 = yes ~ 14259 = no ~ 14274 = no ~ 14272 = no end(SCANNER_SET)
begin(SERVER_PREFS) ~ max_threads = 50 ~ language = english ~ checks_read_timeout = 5 ~ auto_enable_dependencies = yes ~ save_session = no ~ save_empty_sessions = no ~ host_expansion = ip ~ ping_hosts = yes ~ reverse_lookup = no ~ optimize_test = yes ~ safe_checks = yes ~ use_mac_addr = no ~ detached_scan = no ~ continuous_scan = no ~ unscanned_closed = no ~ save_knowledge_base = no ~ only_test_hosts_whose_kb_we_dont_have = no ~ only_test_hosts_whose_kb_we_have = no ~ kb_restore = no ~ kb_dont_replay_scanners = no ~ kb_dont_replay_info_gathering = no ~ kb_dont_replay_attacks = no ~ kb_dont_replay_denials = no ~ diff_scan = no ~ kb_max_age = 864000 ~ log_whole_attack = yes end(SERVER_PREFS)
begin(PLUGIN_SET) # ... ~ 12209 = yes ~ 18027 = yes ~ 18028 = yes # ... end(PLUGIN_SET)
Thanks, Michael
- -- Michael Redinger Zentraler Informatikdienst (Central IT Services) Universitaet Innsbruck Technikerstrasse 13 Tel.: ++43 512 507 2335 6020 Innsbruck Fax.: ++43 512 507 2944 Austria Mail: [EMAIL PROTECTED] BB98 D2FE 0F2C 2658 3780 3CB1 0FD7 A9D9 65C2 C11D http://www.uibk.ac.at/~c102mr/mred-pubkey.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCX41fD9ep2WXCwR0RAvBqAKDamYfBkFzR8lhjxmy4qkQvdbxnUwCgjjvt o19XDIuhcGgXcz1BtGxPgW4= =hijv -----END PGP SIGNATURE----- _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
