Hello list,
I would like to ask about a behavior I found in Nessus and that I am not
sure if it is the expected.
I am running Nessus 3.0.4 over Linux Debian 3.1 (Sarge) and setup two
different scans, (1) with a target in the same network that the Nessus
engine and the other (2) with the target in a different network. Both
target IPs are not in use, so Nessus will get no answer at all from any
of them.
After running the scans and getting the results in XML format I found
that the <results></results> section is completely empty for scan (2)
but for the scan (1) I get:
<results>
<result>
<host name="10.1.0.201" ip="10.1.0.201"/>
<date>
<start>Wed Jan 17 09:56:04 2007</start>
<end>Wed Jan 17 09:56:11 2007</end>
</date>
<ports>
<port protocol="tcp">
<service name="general/tcp" method="nessus"
conf="3" />
<information>
<severity>Security Note</severity>
<id>10180</id>
<data>The remote host is considered as
dead - not scanning</data>
</information>
</port>
</ports>
</result>
</results>
Do you know why the difference? I guess it has to be with the fact that
the result for pinging both host is not the same: not event the ARP
request is answered for the local host, but packets to remote host are
directly sent to the default gateway.
I would like to get the same results for both cases, is that possible
with some configuration change?
Thank you!
--
Federico Petronio
[EMAIL PROTECTED]
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
