> I'm not clear ... did you enable any plugins other than the scanners? > Does the same occur if you do a port scan with something like nmap?
Sorry I didn't make that clearer. I was running all plugins allowed by safe checks. In addition, I had disabled all local checks for all OS. I attempted to reproduce the fault with nmap using every scan type. None of the nmap scans resulted in the phones rebooting. > What I've observed in the past is that enabling the global variable > setting "Thorough tests" can also cause problems because some service > detection plugins will send packets to any port that's flagged as an > unknown service, not just those commonly associated with it. Thorough checks were not enabled. > You could look in the Nessus server log, > /opt/nessus/var/nessus/logs/nessusd.messages, provided you have > 'log_whole_attack' set to 'yes' in Nessus' config file so that you're > logging details of the attack. > > Alternatively, you might be able to look at the packet capture you have, > find when a target stops responding, and see what was being sent before > that. Somehow I knew you were going to say that ;) However, it doesn't hurt to ask for an easy solution before beginning the brain-numbing task of parsing .messages or analyzing packet traces! > > > George > -- > [EMAIL PROTECTED] > > > ------------------------------ > > _______________________________________________ > Nessus mailing list > [email protected] > http://mail.nessus.org/mailman/listinfo/nessus > > End of Nessus Digest, Vol 49, Issue 11 > ************************************** _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
