Anyway, thanks for a great bit of software.
Andrew
On 7/24/06, Andrew Wang <[EMAIL PROTECTED]> wrote:
Hello again, I have another question for the mailing list.
I have installed Nessus 3.0.3 on FC5, and it's working pretty well. I have it set up to do an ARP and TCP ping to detect if hosts are dead or alive, TCP syn port scan, and reading the target ip addresses from a file. checks_read_timeout is set to 4, plugins_timeout is set to 320.
The problem lies in Nessus not scanning properly when I increase the number of IP addresses in the target list. An example, using the same configuration for all:
Scanning 192.168.0.1 to 192.168.0.254 produces
Hosts which were alive and responding during test 19 Number of security holes found 12 Number of security warnings found 29
Scanning 192.168.1.1 to 192.168.1.254 produces
Hosts which were alive and responding during test 34 Number of security holes found 27 Number of security warnings found 73
Finally, the mystery. Putting the two lists of IP addresses together, and scanning 192.168.0.1 to 192.168.1.254 produces
Hosts which were alive and responding during test 21 Number of security holes found 13 Number of security warnings found 32
I've run these multiple times, and they always produce the same results: the larger list of IPs produces inferior results compared to the subsets. Can anyone shine some light on this matter? I can provide configuration options as needed.
Thanks,
Andrew
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
