Hi Kevin,
On Apr 28, 2008, at 12:36 PM, Kevin Chak wrote:
Hi,
I have questions on some plugins' outputs.
I've tried the plugins for OS identification. However, I got a weird
case. If I do scanning with the plugin 'os identification'(#11936)
only, I get the reports on the remote hosts; if I enable all the
individual os identification plugins(HTTP, uname, RDP, etc.) except
#11936 one, I get 'No Vulnerability Found'. #11936 plugin have
identified my two remote hosts by using uname and LinuxDistribution.
I tried only turning on the plugins of these two methods and scan,
but I still got 'No Vulnerability Found'. What's wrong with that?
This is the expected behavior. Basically, plugin #11936 uses the
results of all the other plugins which are silent. If you want to only
enable a given method (say, HTTP only), you'd need to disable the
automatic dependencies option, and you'd need to enable plugin #11936
in addition to the detection method you wish to use.
Another question is about service identification. I've tried using
the plugin 'Identify unknown service with GET'(#17975) and 'Service
identification (2nd pass)'(#11153) to scan my hosts, but I got 'No
Vulnerability Found'. Do I suppose to get some results?
Did you enable a port scanner ? You need to select one if you want
service detection to take place. You also want to enable plugin#10330
(Find services).
-- Renaud
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
