Dear access-list, Nessus 3.2.1.1 for Windows fixes an issue where Nessus incorrectly fails to determine if a remote his is indeed up.
You may also be in a situation where ports are filtered by the VPN (even though you say that aren't). You should try the scan with pinging of the remote host disabled. Ron Gula Tenable Network Security [EMAIL PROTECTED] wrote: > I have a remote server that i would like to scan. The remote subnet is > 192.168.100.0/24. However when I connect to the remote subnet via the cisco > VPN I am provided a dhcp address of 192.168.3.3/24. These are obviously > different subnets but the cisco VPN handles the two subnets seamlessly such > that a tracert from 192.168.3.3 to 192.168.100.226 yields only one hop.Note > that there is no gateway provided by the VPN DHCP. > > Ethernet adapter Local Area Connection 2: > > Connection-specific DNS Suffix . : xxx.com > IP Address. . . . . . . . . . . . : 192.168.3.3 > Subnet Mask . . . . . . . . . . . : 255.255.255.0 > Default Gateway . . . . . . . . . : > > C:\Documents and Settings\a>tracert 192.168.100.226 > > Tracing route to 192.168.100.226 over a maximum of 30 hops > > 1 63 ms 68 ms 72 ms 192.168.100.226 > > Trace complete. > > C:\Documents and Settings\a> > > The connectivity is there and I have full access to the subnet (no acls). > However it appears that nessus does not like the fact it cannot find the > logical default gateway of my subnet. see the log file below. How can I > scan this subnet through the VPN? See the first line. > > [Tue Jul 29 22:28:09 2008][3064] Can not get mac address of gateway 0.0.0.0 > [Tue Jul 29 22:28:09 2008][3064] user marcus : testing 192.168.100.226 > (192.168.100.226) [3064] > [Tue Jul 29 22:28:09 2008][3064] Scan 192.168.100.226 using 22302 plugins > [Tue Jul 29 22:28:09 2008][3064] user marcus : launching > clrtxt_proto_settings.nasl against 192.168.100.226 [1] > [Tue Jul 29 22:28:09 2008][3064] user marcus : launching > dont_scan_settings.nasl against 192.168.100.226 [2] > [Tue Jul 29 22:28:09 2008][3064] user marcus : launching ssh_settings.nasl > against 192.168.100.226 [3] > [Tue Jul 29 22:28:09 2008][3064] clrtxt_proto_settings.nasl (process 1) > finished its job against 192.168.100.226 in 0.020 seconds > [Tue Jul 29 22:28:09 2008][3064] dont_scan_settings.nasl (process 2) finished > its job against 192.168.100.226 in 0.020 seconds > [Tue Jul 29 22:28:09 2008][3064] ssh_settings.nasl (process 3) finished its > job against 192.168.100.226 in 0.000 seconds > [Tue Jul 29 22:28:09 2008][3064] user marcus : launching snmp_settings.nasl > against 192.168.100.226 [4] > [Tue Jul 29 22:28:13 2008][3064] snmp_settings.nasl (process 4) finished its > job against 192.168.100.226 in 3.154 seconds > [Tue Jul 29 22:28:13 2008][3064] user marcus : launching ping_host.nasl > against 192.168.100.226 [5] > [Tue Jul 29 22:28:16 2008][3064] ping_host.nasl (process 5) finished its job > against 192.168.3.3 in 3.044 seconds > [Tue Jul 29 22:28:16 2008][3064] user marcus : launching > dont_scan_printers.nasl against 192.168.100.226 [6] > [Tue Jul 29 22:28:16 2008][3064] The remote host (192.168.100.226) is dead > [Tue Jul 29 22:28:16 2008][3064] Finished testing 192.168.100.226. Time : > 6.629 secs, 6 plugins launched > [Tue Jul 29 22:28:16 2008][3064] 1 hosts scanned > _______________________________________________ > Nessus mailing list > [email protected] > http://mail.nessus.org/mailman/listinfo/nessus > _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
