On Wed Sep 20 2006 at 01:25, A User wrote: > Is there a way to enable "find_service" to use UDP results?
No, but external_svc_ident.nasl can do that. > Believe it or not, there are people out there who understand UDP > services need to be evaluated Remember that you would need a find_service_udp only if a service runs on a non standard port. This is very uncommon for UDP. Standard ports are tested by Nessus. > There are devices that people may not be allowed local accounts as > this can be intrusive A find_service_udp would be much more intrusive. > Based on those comments Which are untrue, because you forgot that UDP standard ports are tested. > Nessus is not giving a true picture What is a "true" picture? > and personally I find it frustrating not being able to use one piece of > software to perform a complete and thorough review. Can you afford to run nmap -sU -sV for days to get this true picture? netstat -p would give it instantly. > It should be possible for those users who properly understand the > limitations of certain OSes / TCP/IP stacks to be able to get a full > picture. If such a find_service_udp were written, it would be disabled if (safe_checks || ! thorough_checks) As most people are running in safe checks and do not set "thorough tests", this would be useless for 99% of users. > Otherwise you end up making an unreasonable compromise between speed > and accuracy. You have to. -- http://arboi.da.ru/ http://ma75.blogspot.com/ PGP key ID : 0x0BBABA91 - 0x1320924F0BBABA91 Fingerprint: 1048 B09B EEAF 20AA F645 2E1A 1320 924F 0BBA BA91 _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
