If you're running the scan from a command line, can't you specify the -V flag to see the attacks as they happen. This way, where it stops should be the plugin that caused the issue.
Brock Tucker ITS-OSB 314-335-8626 [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Mc Grath Sent: Friday, October 05, 2007 6:35 AM To: George A. Theall Cc: [email protected] Subject: Re: debugging problems with Nessus On 10/5/07, George A. Theall <[EMAIL PROTECTED]> wrote: > On 10/05/07 06:51, Kevin Mc Grath wrote: > > > Performing a scan on a device. During the scan the device enters an > > error state, and the device is unreachable (ICMP Ping Monitor used to > > check device availability). But Nessus fails to see this and "appears" > > to continue scanning forever (must manually terminate the scan). > > Nessus has subjected the device to something serious, but the > > incomplete report indicates no security holes at this point. Is there > > an alternative way to pinpoint the exact plugin that caused this > > fault. > > Are you able to attach a console to the device and monitor a log while > the scan occurs? Are can you configure it to log events remotely to > another system and ensure its clock is accurate? > > How have you configured the Nessus scan; eg, what are you scanning and > have you enabled thorough tests? > > George > -- > [EMAIL PROTECTED] > _______________________________________________ > Nessus mailing list > [email protected] > http://mail.nessus.org/mailman/listinfo/nessus > Nothing has been logged in the nessusd.dump file since last month. The Nessus policy that the device is subjected to is simple. The policy is the default Nessus scan policy with "safe checks" disabled. So this infers that the device is susceptible to some DoS type of attack and most probably that some memory pool has been saturated which explains the error state. FYI, I had to manually sync the times. _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
