I will need to exclude one specific port from my Nessus scans, based on
a test scan that I ran today. Of course I haven't been told which port
yet :)
I've been trying to figure out the best way to do this.
I'm running Nessus version 3.0.6.1 W321, on Windows 2003, SP2.
I've verified (I think) that if I edit the setting in my policy for
"Port range to scan" from 'default' to say '137-139', and check the box
for consider unscanned ports as closed, it will only scan 137-139.
But from what I understand, the 'default' setting isn't just 1-65535. It
is 1-1024, plus all of the ports in services.txt file located under
Program Files\Tenable\Nessus\Services\, correct?
So say I want to exclude port 5000. I could edit the Port range to scan
to 1-4999, 5001-65535. But since the services.txt file only includes
7472 ports above 1024 (I dumped it into Excel), I'd be scanning an extra
57000 ports unnecessarily to exclude one.
So I tried editing the services.txt file to just include 137-139, for my
test. That didn't work though, it scanned like normal. Is there another
file I should be editing?
Or more importantly, is there any simple way to have Nessus exclude one
or a few specific ports (and all associated plugins), without scanning
more than the default ports?
Thanks for any help, it's greatly appreciated.
--Joe
Joe Dimino
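
Added example, not part of the original message and not Nessus code: a short Python script that builds the "Port range to scan" string the post is after, taking the poster's reading of 'default' (1-1024 plus the ports listed in services.txt) as an assumption and removing the excluded ports. The /etc/services-style file format, the sample entries and all function names are assumptions made for illustration.

```python
import re

# Constructed sample in /etc/services-style "name port/proto" layout.
# Assumption: the real services.txt (not shown in the post) uses this format.
SAMPLE_SERVICES = """\
# name      port/proto
netbios-ns  137/udp
ms-sql-s    1433/tcp
ms-sql-m    1434/udp
upnp        5000/tcp
commplex    5001/tcp
http-alt    8080/tcp
"""
ENTRY = re.compile(r"^\S+\s+(\d+)/(tcp|udp)\b", re.IGNORECASE)

def service_ports(text, proto="tcp"):
    """Ports listed for `proto` in services-style text; comments ignored."""
    ports = set()
    for line in text.splitlines():
        m = ENTRY.match(line.split("#", 1)[0].strip())
        if m and m.group(2).lower() == proto and 1 <= int(m.group(1)) <= 65535:
            ports.add(int(m.group(1)))
    return ports

def compact_ranges(ports):
    """Collapse a set of ports into a 'a-b,c,d-e' string."""
    runs = []
    for p in sorted(ports):
        if runs and p == runs[-1][1] + 1:
            runs[-1][1] = p          # extend the current run
        else:
            runs.append([p, p])      # start a new run
    return ",".join(str(a) if a == b else f"{a}-{b}" for a, b in runs)

def scan_range(services_text, exclude, proto="tcp"):
    """1-1024 plus listed ports (the post's reading of 'default'), minus `exclude`."""
    ports = set(range(1, 1025)) | service_ports(services_text, proto)
    return compact_ranges(ports - set(exclude))

if __name__ == "__main__":
    print(scan_range(SAMPLE_SERVICES, exclude=[5000]))
```

With the real file, read its contents and pass them as `services_text`; the result stays limited to the ports the default would have covered, minus the excluded ones.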