I was curious as to the results of using or not using the following: Safe Checks, Paranoid, and "default" vs "1-65535" port range for scanning. Against 2 servers, I had the following results, against Windows servers, with a Windows Nessus 3.06 installation, registered plugins, updated today.

With the presumption that a Paranoid, Safe Checks OFF scan would produce more data, I ran this test against 2 servers, once with default ports, one with 1-65535.

Test 1: Paranoid ON, Safe Checks OFF, Default VS 1-65535

Result: More ports were found open in the full port range scan vs default: to be expected. No additional vulnerabilities were reported, however, so the additional port range *in this case* only increased scan time, without providing useful information.

Test 2: Ports 1-65535, Safe Checks OFF: Paranoid vs Normal (Not paranoid)

Paranoid resulted in a false positive WinSyslog (Plugin ID 11884) identification, and a false positive related to a Cisco Switch vulnerability (10682). Interestingly, the Normal test showed a false positive that Paranoid did not have, related to CON/AUX in http servers (10930). All except the Syslog were related to HP Insight Manager ports. Results were the same on both machines.

Test 3: Ports 1-65535, Not Paranoid, Safe vs. Not Safe

The reports were identical, except, similar to above, Safe Checks OFF showed a false positive that Safe Checks ON did not have, related to CON/AUX in http servers (10930).

So, in my case: Safe Checks, Normal produced the most reliable results. Default vs 1-65535 simply increased the scan time, but did not provide additional useful information -- though it's highly conceivable it might on different systems.

Event logs were checked and no reboots, system crashes, application hangs, or other problems were identified during any of the testing.

Would be interested in hearing results of similar testing by others.

Thanks,
Mike
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
