On Apr 19, 2005, at 3:29 PM, Jason Haar wrote:
I'm running 2.2.4 and I'm trying to scan a DMZ that contains a HTTPS Web
server that isn't ICMP-pingable. Nessus is reporting the server as being
DEAD.
I don't know what "built-in" port(s) are used for the TCP ping. I'll update the nessuskb if someone gives me the definitve answer to that. My guess is port 80 only. I know it won't use all the ports in the services file for the TCP ping phase. Technically, only a single non-filtered port should be needed just to see if there is a host - the host doesn't have to actually be listening on that port. What ports are unfiltered on that host? That might explain why nessus thinks the host is not alive. Try setting the "TCP ping destination port" to 443 and see if nessus thinks the host is alive.
Best regards,
Erik Stephens
www.edgeos.com
The private-labelled vulnerability assessment services company
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
