On Nov 11, 2008, at 11:49 PM, Michael Condon wrote: > In scan.log there is a key phrase: "the remote host (ip address) is > dead. > I know that it indeed is not > Any suggestions on how to remediate the problem?
Given that you know it's not dead, this usually is a problem caused by ping_host.nasl so I would recommend looking at how you have that plugin configured in your scan. Look under the Advanced tab of your scan policy, under the "Ping the remote host" pull-down menu. First, check whether it's configured to do an ARP ping. The plugin will only try to do an ARP ping if a target is on the local network and is not the localhost. If so, by default the plugin will try do this first; if it fails, the host will be marked as dead. Next, check if it's configured to do a TCP ping and, if so, the TCP ping destination port(s). Make sure at least one of those is open or the host sends back an RST in response to a SYN packet. You can either specific a list of ports or use the keywords "built-in" or "extended", both of which are described in the source to the plugin itself. George -- [EMAIL PROTECTED] _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
