>> I believe I have found a DoS with a proprietary application, caused
>> by the NASL Plugin ID 10330 "Services".
>Oh my, not again! :-)
Your response would indicate that plugin has a history.... ;-)
Or, are you recalling the btcpcom.nlm issue?
>> I am unable to identify this script in the plugins directory. Hence,
> >can anyone provide the script?
>10330 is one of the C-language plugins; it handles the basic service
>detection. If you're using 2.2.x and build from source, look for it
>under your source directory as
>nessus-plugins/plugins/find_service/find_service.c.
Thanks George,
Running Nessus version 3.0.3 on Linux release 2.6.13-15.16-smp (SUSE)
found the find_service.nes and find_service.nasl in
/opt/nessus/lib/nessus/plugins/
I'll check it out.
>George
>--
>[EMAIL PROTECTED]
>Le Tue, 18 Sep 2007 11:14:56 -0400,
>"Joel Elwell" <[EMAIL PROTECTED]> a ?crit :
>> I believe I have found a DoS with a proprietary application, caused
>> by the NASL Plugin ID 10330 "Services".
>As George said, this is find_service.nes, a C plugin.
>> My hope is to review the plugin script to understand how it may be
> >effecting the application.
>What are your settings ("Prefs") for find_service? Especially, did you
>enable SSL/TLS detection?
SSL detection is set for "Known Ports" only.
NESSUSRC
----snip------
Services[entry]:Number of connections done in parallel : = 6
Services[entry]:Network connection timeout : = 5
Services[entry]:Network read/write timeout : = 5
Services[entry]:Wrapped service read timeout : = 2
Services[radio]:Test SSL based services = Known SSL ports;None;All
----snip------
Joel
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
