I suddenly have a problem using NessusClient 1.0.0RC5 where all most scans stop without turning up results.
All tests I run are against our corporate public IP ranges and most tested hosts are firewalled but often have ICMP echo-request and a range of services enabled. When I run a scan with nessus tcp scanner, nasl wrapper and with a ping of the remote host I get the following in nessusd.messages:
[Wed Aug 9 08:44:34 2006][8267] user root : testing xxxxx (x.x.x.x) [2139]
[Wed Aug 9 08:45:00 2006][2139] user root : The remote host (xxxxx) is dead
[Wed Aug 9 08:45:00 2006][2139] Finished testing xxxxx. Time : 26.86 secs
[Wed Aug 9 08:45:00 2006][8267] user root : test complete
[Wed Aug 9 08:45:00 2006][8267] Total time to scan all hosts : 27 seconds
[Wed Aug 9 08:45:00 2006][8267] user root : Kept alive connection
Now the strange thing is that I could successfully scan most of these targets yesterday, but today I always get the messages above (I have no idea what changed between then and now). Enabling/disabling the remote host ping didn't work. Playing with "Do a TCP ping", "Do an ICMP ping" and "Do an applicative UDP ping" does not seem to change anything. Restarting nessusd and NessusClient didn't have any effect.
Echo request against the host works fine although it is 2000 miles and 16hops away (40ms avg).
To make things even more mysterious, a scan against a firewalled webserver does work (only listens to tcp port 443) with the same settings.
Any suggestions?
Tnx,
Tom
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
