Hello everybody, So I do have the latest and greatest nessus scanner for Windows (3.0.5) and I am using it with nessj front end.
However, I have noticed that when I apply a "reject xx.xx.xx.xx" rule, the xx.xx.xx.xx host still gets scanned. In other words- the scanner ignores the rules. Looking in the Nessus log I see this: 2007-04-05 14:02:48 -0400, Client, <|> CLIENT 2007-04-05 14:02:48 -0400, Client, CLIENT <|> RULES <|> 2007-04-05 14:02:48 -0400, Client, reject 10.1.1.10 2007-04-05 14:02:48 -0400, Client, <|> CLIENT 2007-04-05 14:02:48 -0400, Client, CLIENT <|> LONG_ATTACK <|> 2007-04-05 14:02:48 -0400, Client, 14 2007-04-05 14:02:48 -0400, Client, 10.1.1.10, 2007-04-05 14:02:48 -0400, Server, SERVER <|> PREFERENCES_ERRORS <|> 2007-04-05 14:02:48 -0400, Server, <|> SERVER 2007-04-05 14:02:48 -0400, Server, SERVER <|> TIME <|> SCAN_START <|> Thu Apr 05 14:02:48 2007 <|> SERVER 2007-04-05 14:02:53 -0400, Server, SERVER <|> TIME <|> HOST_START <|> 10.1.1.10 <|> Thu Apr 05 14:02:53 2007 <|> SERVER 2007-04-05 14:02:53 -0400, Server, SERVER <|> TIME <|> HOST_START <|> 10.1.1.10 <|> Thu Apr 05 14:02:53 2007 <|> SERVER 2007-04-05 14:02:54 -0400, Server, s:a:10.1.1.10:1:3149 2007-04-05 14:02:57 -0400, Server, s:a:10.1.1.10:32:3149 2007-04-05 14:03:00 -0400, Server, s:a:10.1.1.10:65:3149 2007-04-05 14:03:03 -0400, Client, CLIENT <|> STOP_WHOLE_TEST <|> CLIENT 2007-04-05 14:03:04 -0400, Server, SERVER <|> TIME <|> SCAN_END <|> Thu Apr 05 14:03:04 2007 <|> SERVER 2007-04-05 14:03:04 -0400, Server, SERVER <|> BYE <|> BYE <|> SERVER I can see that the rule "reject 10.1.1.10 is passed to the server, but the scan still occurs. Any ideas? Thank you AJ
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
