On Tue, Sep 19, 2006 at 07:28:05PM -0400, Jason Leuenberger wrote:
I'm working on an assessment, with Nessus 3.0.2. I have 'Safe Checks' chosen, and have unchecked the Denial of Service category....
It's *should be* sufficient to enable safe checks. There are plenty of plugins in the "Denial of Service" category that work by doing a banner check or using credentials to determine what's installed.
I can gather more information tomorrow morning regarding the application that's being used. Is there a way I can find out, perhaps for next time, through a Nessus log that shows what time a specific IP was scanned for a plugin, with the associated result, whether or not it produced an alert?
Nessusd.messages normally logs when plugins are launched against a particular target and when they finish. You could try to cross-reference those logs against what the application on the target offers once you determine to what extect the system clocks are in agreement. For the next scan, if there is one, you could take a packet capture while the scan runs to see what's directed at the application and what responses it gives. Is it possible to run a test scan against a lab / backup system?
George -- [EMAIL PROTECTED] _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
