On Tue, 19 Sep 2006, Michel Arboi wrote:

> On Mon Sep 18 2006 at 14:46, Kostadin Kostadinov wrote:
>
> > I am planning to scan with Nessus 3.0.3 from command line using Nmap
> > port scan results but not portscanner of Nessus itself.
>
> I'd like to know why so many people still prefer Nmap to the embedded
> scanners.
>
> Some people want to scan UDP ports. However, UDP scanning is
> unreliable, dangerous against broken IP stacks [1] and can be terribly
> slow [2]. If you really need that, you should consider giving Nessus
> proper credentials to access the remote machine and use the SNMP or
> netstat "scanners". They are quick, reliable and not intrusive.
> Plus, keep in mind that Nessus will not use the result from the UDP
> scanner to perform some kind of "find_service". Such a feature is slow
> and dangerous -- most software which implement a UDP-based protocol
> either drop packets that they cannot decode or do seppuku. [3]

Is there a way to enable "find_service" to use UDP results?

Believe it or not, there are people out there who understand UDP services need to be evaluated, otherwise you cannot get a full picture of what device is running what service. There are devices that people may not be allowed local accounts as this can be intrusive or where it's not possible to get console.

Based on those comments, Nessus is not giving a true picture and personally I find it frustrating not being able to use one piece of software to perform a complete and thorough review. And I am sure I am not the only one.

It should be possible for those users who properly understand the limitations of certain OSes / TCP/IP stacks to be able to get a full picture. Otherwise you end up making an unreasonable compromise between speed and accuracy.

Cheers,
A.
