I have brought down many more servers this month than I ever did in the past even though I had disabled DoS. What went wrong? Thank you.
YanYan
# This file was automagically created by OpenVAS-Client begin(SERVER_PREFS) max_hosts = 200 max_checks = 10 cgi_path = /cgi-bin:/scripts port_range = default auto_enable_dependencies = yes silent_dependencies = yes host_expansion = ip ping_hosts = no reverse_lookup = no optimize_test = yes safe_checks = yes use_mac_addr = no unscanned_closed = no save_knowledge_base = no only_test_hosts_whose_kb_we_dont_have = no only_test_hosts_whose_kb_we_have = no kb_restore = no kb_dont_replay_scanners = no kb_dont_replay_info_gathering = no kb_dont_replay_attacks = no kb_dont_replay_denials = no kb_max_age = 864000 slice_network_addresses = no plugin_upload_suffixes = .nasl, .nasl3, .inc, .inc3, .nbin plugin_upload = yes plugins_timeout = 320 non_simult_ports = 139, 445 checks_read_timeout = 5 language = english log_whole_attack = yes throttle_scan = yes auto_update_delay = 24 auto_update = yes purge_plugin_db = no end(SERVER_PREFS) begin(CLIENTSIDE_USERRULES) end(CLIENTSIDE_USERRULES) begin(PLUGINS_PREFS) Login configurations[entry]:FTP account : = anonymous Login configurations[password]:FTP password (sent in clear) : = [EMAIL PROTECTED] Login configurations[entry]:FTP writeable directory : = /incoming Login configurations[radio]:SMB password type : = Password;NTLM Hash;LM Hash Login configurations[checkbox]:Never send SMB credentials in clear text = yes Login configurations[checkbox]:Only use NTLMv2 = no Cleartext protocols settings[checkbox]:Try to perform patch level checks over telnet = no Cleartext protocols settings[checkbox]:Try to perform patch level checks over rsh = no Cleartext protocols settings[checkbox]:Try to perform patch level checks over rexec = no SMB use host SID to enumerate local users[entry]:Start UID : = 1000 SMB use host SID to enumerate local users[entry]:End UID : = 1200 Global variable settings[checkbox]:Enable CGI scanning = yes Global variable settings[radio]:Network type = Mixed (use RFC 1918);Private LAN; Public WAN (Internet) Global variable settings[checkbox]:Enable experimental scripts = no Global variable settings[checkbox]:Thorough tests (slow) = yes Global variable settings[radio]:Report verbosity = Verbose;Normal;Quiet Global variable settings[radio]:Report paranoia = Avoid false alarms;Normal;Paranoid (more false alarms) Global variable settings[radio]:Log verbosity = Verbose;Quiet;Debug;Normal Global variable settings[entry]:Debug level = 0 Global variable settings[entry]:HTTP User-Agent = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Do not scan fragile devices[checkbox]:Scan Network Printers = no Do not scan fragile devices[checkbox]:Scan Novell Netware hosts = no Services[entry]:Number of connections done in parallel : = 6 Services[entry]:Network connection timeout : = 5 Services[entry]:Network read/write timeout : = 5 Services[entry]:Wrapped service read timeout : = 2 Services[radio]:Test SSL based services = Known SSL ports;All;None SNMP settings[entry]:Community name : = public SNMP settings[entry]:UDP port : = 161 SMB use domain SID to enumerate users[entry]:Start UID : = 1000 SMB use domain SID to enumerate users[entry]:End UID : = 1200 HTTP login page[entry]:Login page : = / HTTP login page[entry]:Login form fields : = user=%USER%&pass=%PASS% Kerberos configuration[entry]:Kerberos KDC Port : = 88 Kerberos configuration[radio]:Kerberos KDC Transport : = udp;tcp Oracle settings[checkbox]:Test default accounts (slow) = yes Unknown CGIs arguments torture[checkbox]:Send POST requests = yes SMB Scope[checkbox]:Request information about the domain = yes SSH settings[entry]:SSH user name : = root Misc information on News server[entry]:From address : = Nessus <[EMAIL PROTECTED]> Misc information on News server[entry]:Test group name regex : = f[a-z]\.tests? Misc information on News server[entry]:Max crosspost : = 7 Misc information on News server[checkbox]:Local distribution = yes Misc information on News server[checkbox]:No archive = no SMTP settings[entry]:Third party domain : = example.com SMTP settings[entry]:From address : = [EMAIL PROTECTED] SMTP settings[entry]:To address : = [EMAIL PROTECTED] Web mirroring[entry]:Number of pages to mirror : = 200 Web mirroring[entry]:Start page : = / Ping the remote host[entry]:TCP ping destination port(s) : = built-in Ping the remote host[checkbox]:Do an ARP ping = yes Ping the remote host[checkbox]:Do a TCP ping = yes Ping the remote host[checkbox]:Do an ICMP ping = no Ping the remote host[entry]:Number of retries (ICMP) : = 6 Ping the remote host[checkbox]:Do an applicative UDP ping (DNS,RPC...) = yes Ping the remote host[checkbox]:Make the dead hosts appear in the report = yes Ping the remote host[checkbox]:Log live hosts in the report = yes Ping the remote host[checkbox]:Test the local Nessus host = yes Nessus TCP scanner[checkbox]:Scan ports in random order = yes Nessus TCP scanner[checkbox]:Detect RST rate limitation = yes Nessus TCP scanner[checkbox]:Detect firewall = yes Nessus TCP scanner[checkbox]:Network congestion detection = yes Global variable settings[checkbox]:Do not log in with user accounts not specified in the policy = no Web mirroring[checkbox]:Follow dynamic pages : = yes Global variable settings[checkbox]:Probe services on every port = yes Service detection[entry]:Number of connections done in parallel : = 10 Service detection[entry]:Network connection timeout : = 5 Service detection[entry]:Network read/write timeout : = 5 Service detection[radio]:Test SSL based services = All;Known SSL ports;None Nikto (NASL wrapper)[checkbox]:Enable Nikto = yes Nikto (NASL wrapper)[radio]:Scan CGI directories = All;User supplied;None Nikto (NASL wrapper)[checkbox]:Single request monde = no Nikto (NASL wrapper)[checkbox]:Display: 1 Show redirects = no Nikto (NASL wrapper)[checkbox]:Display: 2 Show cookies received = no Nikto (NASL wrapper)[checkbox]:Display: 3 Show all 200/OK responses = no Nikto (NASL wrapper)[checkbox]:Display: 4 Show URLs which require authentication = no Nikto (NASL wrapper)[checkbox]:Display: D Debug Output = no Nikto (NASL wrapper)[checkbox]:Display: V Verbose Output = no Nikto (NASL wrapper)[checkbox]:Tuning: 1 Interesting File / Seen in logs = no Nikto (NASL wrapper)[checkbox]:Tuning: 2 Misconfiguration / Default File = no Nikto (NASL wrapper)[checkbox]:Tuning: 3 Information Disclosure = no Nikto (NASL wrapper)[checkbox]:Tuning: 4 Injection (XSS/Script/HTML) = no Nikto (NASL wrapper)[checkbox]:Tuning: 5 Remote File Retrieval - Inside Web Root = no Nikto (NASL wrapper)[checkbox]:Tuning: 6 Denial of Service = no Nikto (NASL wrapper)[checkbox]:Tuning: 7 Remote File Retrieval - Server Wide = no Nikto (NASL wrapper)[checkbox]:Tuning: 8 Command Execution / Remote Shell = no Nikto (NASL wrapper)[checkbox]:Tuning: 9 SQL Injection = no Nikto (NASL wrapper)[checkbox]:Tuning: 0 File Upload = no Nikto (NASL wrapper)[checkbox]:Tuning: a Authentication Bypass = no Nikto (NASL wrapper)[checkbox]:Tuning: b Software Identification = no Nikto (NASL wrapper)[checkbox]:Tuning: c Remote Source Inclusion = no Nikto (NASL wrapper)[checkbox]:Tuning: x Reverse Tuning Options (i.e., include all except specified) = no Nikto (NASL wrapper)[checkbox]:Mutate: 1 Test all files with all root directories = no Nikto (NASL wrapper)[checkbox]:Mutate: 2 Guess for password file names = no Nikto (NASL wrapper)[checkbox]:Mutate: 3 Enumerate user names via Apache (/~user type requests) = no Nikto (NASL wrapper)[checkbox]:Mutate: 4 Enumerate user names via cgiwrap (/cgi-bin/cgiwrap/~user type requests) = no Nessus TCP scanner[radio]:Firewall detection : = Automatic (normal);Disabled (softer);Do not detect RST rate limitation (soft);Ignore closed ports (aggressive) SSH settings[radio]:Elevate privileges with : = Nothing;sudo;su SSH settings[entry]:Preferred SSH port : = 22 end(PLUGINS_PREFS)
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
