On Wed, 20 Sep 2006, Michel Arboi wrote: > On Wed Sep 20 2006 at 14:21, A User wrote: > > >> A find_service_udp would be much more intrusive. > > But again - what about those devices where we can't get local accounts? > > Can you afford to crash them?
In certain assignments - yes. For example, new virgin deployments where there is no production activity and we have the go-ahead to bring down unstable services. > > There are devices that run on non-standard UDP ports > > You mean *standard* services or non standard ports?? > If this is known, that we can enhance the detection of a couple of > protocols. e.g. if some company implements a DNS server on port 5353, > we can add the necessary probe in dns_server.nasl I mean both. But I cannot afford to modify NASLs for each scan. > >> Can you afford to run nmap -sU -sV for days to get this true picture? > >> netstat -p would give it instantly. > > > For a complete review that needs to be performed where I technically > > cannot or am prohibited by the system admin to do this, then yes! > > I wonder how many people can afford that. Well, I get the impression there are some diligent professionals who do have the time so as I've said before which seems to keep being passed over, having the *choice* is the key thing under discussion. Cheers, A. ---- _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
