On Mar 13, 2008, at 4:34 PM, Yanyan Wang wrote:

> 1. Disable Nikto from plugins, result shows there are 2 high vul. 0  
> medium vul...
> 2. Enable Nikto from plugins, the report is identical to 1.
> 3. Enable Nikto from plugins and plugins preference, result shows 2  
> high vul. and 3 medium risks.

By "plugins preference", you mean the "Enable Nikto" preference, right?

> 4. Disable Nikto from plugins, the result is identical to 3.
> 5. Disable Nikto from plugins and preferences, the result is still  
> the same as in 3.
>
> kb_restore is disabled. I did not find 14260 or Nikto in any of the
> reports. Can someone please explain a few questions I have?
>
> 1. Why didn't step 1 to step 2 differ, but step 2 to 3 did?

Step 1 and 2 would be the same because you need to not only enable the  
Nikto plugin but also check the "Enable Nikto" plugin preference.

Step 2 and 3... I'm not sure.  Which plugins reported problems in #3  
versus #2 or #1?

> 2. Why are steps 3, 4, 5 identical?

The Nikto plugin issues a security note, indicating a low-risk  
vulnerability. If you're truly ignoring low-risk ones as you appear to  
be, that could explain why 3, 4, and 5 give you the same results.

> 3. Is Nikto indeed working? If it does, shouldn't I see the ID no.  
> from the report?

Yes, you should see the plugin id in the report as long as the plugin  
produced some output. Note that this will not happen if Nikto exits  
with an error of some type.

Have you looked in the Nessus server's logs to see what, if anything, it
says about Nikto? You may need to edit your policy to enable "Log
details of the scan on the server" (under "Options").

George
-- 
[EMAIL PROTECTED]
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
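
The comparison George asks for (which plugins reported in step 3 but not in step 2, and whether plugin 14260 produced output that a low-risk filter would hide) can be scripted against exported reports. This is an added example, not part of the message above or of Nessus itself; it assumes the reports were saved in the pipe-delimited NBE format, and the sample report lines, every plugin id other than 14260, and the function names are constructed for illustration.

```python
from collections import Counter

NIKTO_PLUGIN_ID = "14260"  # plugin id quoted in the thread
# NBE severity labels mapped to the high/medium/low wording used in the thread
RISK = {"Security Hole": "high", "Security Warning": "medium", "Security Note": "low"}

# Constructed sample exports: hosts, text and every id except 14260 are made up.
STEP2 = """\
timestamps|||scan_start|Thu Mar 13 10:00:00 2008|
results|192.0.2|192.0.2.10|http (80/tcp)
results|192.0.2|192.0.2.10|http (80/tcp)|90001|Security Hole|constructed finding A
results|192.0.2|192.0.2.10|http (80/tcp)|90002|Security Hole|constructed finding B
"""
STEP3 = STEP2 + """\
results|192.0.2|192.0.2.10|http (80/tcp)|90003|Security Warning|constructed finding C
results|192.0.2|192.0.2.10|http (80/tcp)|90004|Security Warning|constructed finding D
results|192.0.2|192.0.2.10|http (80/tcp)|90005|Security Warning|constructed finding E
results|192.0.2|192.0.2.10|http (80/tcp)|14260|Security Note|constructed Nikto output
"""

def parse_nbe(text):
    """Return a set of (host, port, plugin_id, risk) from NBE 'results' lines."""
    findings = set()
    for line in text.splitlines():
        fields = line.split("|", 6)  # the description may itself contain '|'
        if len(fields) < 7 or fields[0] != "results":
            continue  # timestamps and open-port lines carry no plugin id
        _, _, host, port, plugin_id, severity, _ = fields
        findings.add((host, port, plugin_id, RISK.get(severity, severity)))
    return findings

def risk_counts(findings, ignore_low=False):
    """Tally findings per risk level, optionally hiding low-risk notes."""
    return dict(Counter(f[3] for f in findings if not (ignore_low and f[3] == "low")))

def new_plugins(before, after):
    """Plugin ids that reported in `after` but not in `before`."""
    return sorted({f[2] for f in after} - {f[2] for f in before})

def nikto_reported(findings):
    return any(f[2] == NIKTO_PLUGIN_ID for f in findings)

if __name__ == "__main__":
    s2, s3 = parse_nbe(STEP2), parse_nbe(STEP3)
    print("step 2:", risk_counts(s2), "step 3:", risk_counts(s3, ignore_low=True))
    print("new in step 3:", new_plugins(s2, s3), "Nikto output:", nikto_reported(s3))
```

With low-risk notes hidden, the constructed step 3 report shows the same 2 high and 3 medium totals whether or not the 14260 note is present, which is why the plugin id has to be searched for directly.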
