Sorry, I meant to say more before I sent the email. I have it working. Thanks for pointing out the SCANNER_PREFS
I've enabled SYN scanning. We are using tarpits on specific addresses which are in the exclude list for the scans so I'm not using that one. Thanks for the advice about which ones to set. Tim Doty -----Original Message----- From: Michel Arboi [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 10, 2006 3:01 AM To: Doty, Timothy T. Cc: Nessus List Subject: Re: Port scan results On Tue Oct 10 2006 at 00:33, Doty, Timothy T. wrote: > There are 11219 (TCP SYN scan), 10180 (TCP scan) You should enable at least one of them. > 10796 (labrea tarpit) This one can be useful if you have a Labrea on your network. Anyway, it cannot be bad. > 14272 (netstat 'scanner'), 14274 (nessus snmp scanner) These one are quick and can be enabled, unless you do not want to scan the whole port range. > and 11840 (exclude some IPs from scan). If you scan a LAN that uses public IP addresses (instead of RFC 1918), disable it.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
