Le Tue, 13 May 2008 14:06:38 -0700 (PDT), Larry Petty <[EMAIL PROTECTED]> a écrit :
> I should have mentioned that these are external scans. So ARP ping is useless. > If I do not enable pings, Nessus finds them just fine. Because it just consider that every IP is up, without checking. > Some of the hosts missed with TCP ping enabled have both port 80 and > 443 open. Are they protected by a firewall? The SYN packets sent by ping_host are slightly different from the SYN packets sent by common modern TCP/IP stacks. I know at least one brand of firewalls that trash such "non standard" packets, thus disrupting Nessos (and Nmap) ping. I suspect however that they may also break some old TCP/IP clients, or specially tuned clients. I wrote once a quick & (very) dirty hack to circumvent such firewalls -- as it was really ugly, it was never sent to the CVS. > I've enabled "extended" and running a test. Can you explain what the > extended option does? It sends SYN packets to more ports. And more slowly too. Have a look at the source code, the list of ports is written there. _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
