On Sat Apr 08 2006 at 20:42, Michael Scheidell wrote:

> Doesn't pick a banner up at all

No. And it appears that nmap -sV cannot identify Nessus.

# nessusd -a 127.0.0.1 -p 1242
All plugins loaded

$ nmap -sV -p 1241-1242 -v 127.0.0.1

Starting Nmap 4.01 ( http://www.insecure.org/nmap/ ) at 2006-04-12 16:29 CEST
DNS resolution of 0 IPs took 0.00s. Mode: Async [#: 1, OK: 0, NX: 0, DR: 0, SF: 0, TR: 0, CN: 0]
Initiating Connect() Scan against localhost (127.0.0.1) [2 ports] at 16:29
Discovered open port 1242/tcp on 127.0.0.1
The Connect() Scan took 0.00s to scan 2 total ports.
Initiating service scan against 1 service on localhost (127.0.0.1) at 16:29
The service scan took 23.06s to scan 1 service on 1 host.
Host localhost (127.0.0.1) appears to be up ... good.
Interesting ports on localhost (127.0.0.1):
PORT     STATE  SERVICE VERSION
1241/tcp closed nessus
1242/tcp open   unknown

Nmap finished: 1 IP address (1 host up) scanned in 23.218 seconds
$

And after editing nessus_detect.nasl so that it checks 1242 instead of 1241 by default (in the Nessus framework, it will check every open port if thorough_tests is on):

$ nasl nessus_detect.nasl
** WARNING : packet forgery will not work
** as NASL is not running as root
set key Known/tcp/1242 -> 134899496
[12314] plug_set_key:internal_send(0)['1 Known/tcp/1242=nessus; ']: Socket operation on non-socket
set key Services/nessus -> 1242
[12314] plug_set_key:internal_send(0)['3 Services/nessus=1242; ']: Socket operation on non-socket
127.0.0.1: register_service: port=1242, proto=nessus
Success
$

_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
