Dear All,
Waiting for your comment on below issue???
Regards
Santosh
From: SantoshKumar_Mishra
Sent: Thu 12/27/2007 1:33 PM
To: Renaud Deraison (lists); Nessus List
Subject: RE: * not found in current plugin list *
Dear All,
I follow the solution advised with the trailing mail,
"When the scan is finished, go into the 'Report' tab, select the report you
want in the drop down menu at the top of the window, and click on the 'Export'
button which is next to it."
but the report coming by using the Nessus Client 3.0.0 is as shown below:
==================================================================================
List of hosts
00.02.55.df.c4.c5
<file:///C:/Documents%20and%20Settings/Administrator/Local%20Settings/Temp/Temporary%20Directory%201%20for%20Test.zip/Test.html#toc_00.02.55.df.c4.c5>
Medium Severity problem(s) found
________________________________
00.09.6b.b0.0c.91
<file:///C:/Documents%20and%20Settings/Administrator/Local%20Settings/Temp/Temporary%20Directory%201%20for%20Test.zip/Test.html#toc_00.09.6b.b0.0c.91>
Medium Severity problem(s) found
[^] Back
<file:///C:/Documents%20and%20Settings/Administrator/Local%20Settings/Temp/Temporary%20Directory%201%20for%20Test.zip/Test.html#toc>
00.02.55.df.c4.c5
Scan time :
Start time : Tue Dec 11 14:45:54 2007
End time : Tue Dec 11 14:49:27 2007
Number of vulnerabilities :
Open ports : 17
Low : 27
Medium : 1
High : 0
________________________________
Information about the remote host :
Operating system : Microsoft Windows 2003 Server Service Pack 1
NetBIOS name : BHARTI_FPS
DNS name : bharti_fps.bcldelhi.com.
[^] Back to 00.02.55.df.c4.c5
<file:///C:/Documents%20and%20Settings/Administrator/Local%20Settings/Temp/Temporary%20Directory%201%20for%20Test.zip/Test.html#toc_00.02.55.df.c4.c5>
Port vopied (13783/tcp)
[^] Back to 00.02.55.df.c4.c5
<file:///C:/Documents%20and%20Settings/Administrator/Local%20Settings/Temp/Temporary%20Directory%201%20for%20Test.zip/Test.html#toc_00.02.55.df.c4.c5>
Port general/udp
Traceroute
For your information, here is the traceroute from 10.24.41.15 to 10.24.41.12 :
10.24.41.15
10.24.41.12
Nessus ID : 10287
<http://www.nessus.org/plugins/index.php?view=single&id=10287>
[^] Back to 00.02.55.df.c4.c5
<file:///C:/Documents%20and%20Settings/Administrator/Local%20Settings/Temp/Temporary%20Directory%201%20for%20Test.zip/Test.html#toc_00.02.55.df.c4.c5>
Port general/icmp
icmp timestamp request
Synopsis :
It is possible to determine the exact time set on the remote host.
Description :
The remote host answers to an ICMP timestamp request. This allows an
attacker to know the date which is set on your machine.
This may help him to defeat all your time based authentication
protocols.
Solution :
Filter out the ICMP timestamp requests (13), and the outgoing ICMP
timestamp replies (14).
Risk factor :
None
Plugin output :
The ICMP timestamps seem to be in little endian format (not in network format)
The difference between the local and remote clocks is -955 seconds
CVE : CVE-1999-0524
Nessus ID : 10114
<http://www.nessus.org/plugins/index.php?view=single&id=10114>
=================================================================================
Whereas the report I was getting by using NessusClientWX, it was entirally
different. That html report was including the information about Scan
configuration, Preferences settings for this scan, Summary of scanned hosts
etc. The format of report using NessusClientWX was as below:
===========================================================
Network Vulnerability Assessment Report 11.12.2007
Sorted by host names
Session name: new Start Time: 11.12.2007 18:01:10
Finish Time: 11.12.2007 18:03:06
Elapsed: 0 day(s) 00:01:55
Total records generated: 19
high severity: 0
Medium severity: 1
informational: 18
Scan configuration
Plugins used in this scan
Id Name
28399 AIX 530003 : U802443
28655 AIX 520009 : U808206
28911 AIX 530007 : U811497
29167 AIX 520010 : U814071
28398 AIX 530003 : U802441
28654 AIX 520009 : U808205
28910 AIX 530007 : U811496
29166 AIX 520010 : U814070
28397 AIX 530003 : U802440
28653 AIX 520009 : U808201
28909 AIX 530007 : U811495
29165 AIX 520010 : U814069
Preferences settings for this scan
max_hosts 16
max_checks 10
checks_read_timeout 5
plugins_timeout 120
port_range 0-65535
non_simult_ports 139,445
auto_enable_dependencies no
silent_dependencies yes
optimize_test yes
unscanned_closed no
safe_checks yes
nasl_no_signature_check no
Report verbosity Normal
server_info_nessusd_version 3.0.6
server_info_libnasl_version 3.0.6
server_info_libnessus_version 3.0.6
server_info_os Windows
reverse_lookup no
cgi_path /cgi-bin
ntp_keep_communication_alive yes
ntp_opt_show_end yes
save_session yes
save_knowledge_base yes
detached_scan no
continuous_scan no
Summary of scanned hosts
Host Holes Warnings Open ports State
10.14.42.245 0 1 8 Finished
========================================================================
Request you all to please go through with the details given with this mail and
give / arrange to give some appropriate solution for the same.
Regards
Santosh
________________________________
From: [EMAIL PROTECTED] on behalf of Renaud Deraison (lists)
Sent: Wed 12/19/2007 2:23 PM
To: Nessus List
Subject: Re: * not found in current plugin list *
On Dec 19, 2007, at 8:31 AM, SantoshKumar_Mishra wrote:
Hi,
Using NessusClient 3.0.0, we are not able to get the scan files in html
format. Please tell us from where we can get / save the report in html format
as we were getting using NessusWX.
When the scan is finished, go into the 'Report' tab, select the report you want
in the drop down menu at the top of the window, and click on the 'Export'
button which is next to it.
-- Renaud
DISCLAIMER:
This email (including any attachments) is intended for the sole use of the
intended recipient/s and may contain material that is CONFIDENTIAL AND PRIVATE
COMPANY INFORMATION. Any review or reliance by others or copying or
distribution or forwarding of any or all of the contents in this message is
STRICTLY PROHIBITED. If you are not the intended recipient, please contact the
sender by email and delete all copies; your cooperation in this regard is
appreciated.
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
