it's not a command line option :) you need to take your nessusrc and put in "no" for the plugin number that you don't want to use. then specify the nessusrc on the command line.
This is also an issue for those sites that block out accounts after failed login attempts and testing 50 passwords :) It's a six of one, half dozen of the other problem though. On 10/4/07, Burslan, Mel <[EMAIL PROTECTED]> wrote: > > > Still a nessus newbie here getting a lot of grief when I perform a > nessus scan and it attacks the unix servers with bogus usernames. I know > for a fact that, I do not have any unauthorized users and/or weak > passwords on my systems, as I have scripts running daily or more > frequently, checking against such incidences. I do not need nessus to > test this vulnerability. > > I am launching nessus from the linux command line as follows: > > /opt/nessus/bin/nessus -q nessus01 1241 adminuser adminpasswd > targetservers.lst scanresults.html > > I do not have a chance to get to a graphical interface to pick and > choose what will be scanned and what not, as these command line scan > directives will be launched from a cron job, periodically. > > So my exact question is, how can I add a switch to this command of mine > to tell nesses not to do the username attacking. > > Thanks for all the responses in advance. > > Mel > _______________________________________________ > Nessus mailing list > [email protected] > http://mail.nessus.org/mailman/listinfo/nessus > -- Doug Nordwall Unix, Network, and Security Administrator You mean the vision is subject to low subscription rates?!!? - Scott Stone, on MMORPGs
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
