Okay, i have written a script to look if there is a "safe_checks()“ in a NVT an 
which category it is.
the first numbers are the scripts with safe_checks, the second the total number 
of NVTs.
ACT_SETTINGS=1/17
ACT_GATHER_INFO=21/33070
ACT_FLOOD=0/4
ACT_KILL_HOST=1/17
ACT_DENIAL=44/290
ACT_ATTACK=59/1861
ACT_INIT=83/176
ACT_SCANNER=4/15
ACT_DESTRUCTIVE_ATTACK=3/46
ACT_MIXED_ATTACK=101/114
ACT_END=2/18

so, if ACT_DESTRUCTIVE_ATTACK, ACT_KILL_HOST and ACT_DENIAL are not executed, 
why are there safe_checks?
if they are executed and test with if(safe_checks()) if they should run or not, 
why is not in every dangerous NVT a safe_checks?

i was also looking into the nessus network auditing pdf, but i haven’t found a 
satisfying answer…

Thanks,
Rene


Am 03.08.2014 um 18:57 schrieb Jan-Oliver Wagner 
<[email protected]>:

> Am Samstag, 2. August 2014, 20:30:14 schrieb Rene Behring:
>> Hey,
>> i thought, when safe_checks are enabled, all nvts are executed expect
>> ACT_DENIAL, ACT_KILL_HOST, ACT_DESTRUCTIVE_ATTACK and ACT_FLOOD. And in
>> the category ACT_MIXED_ATTACK its only looking for banners when
>> safe_checks are enabled and its attacking when not.
>> 
>> but in some nvts is a „if(safe_checks())“, even in some ACT_GATHER_INFO.
>> so which exactly are executed and which not?
> 
> well, if safe checks are enabled, those are not executed:
> 
> ACT_DESTRUCTIVE_ATTACK, ACT_KILL_HOST, ACT_FLOOD and ACT_DENIAL
> and all NVTs that use the conditional. In some NVTs that might be only parts 
> of
> the NVT not the full NVT.
> 
> 
> -- 
> Dr. Jan-Oliver Wagner |  ++49-541-335084-0  |  http://www.greenbone.net/
> Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR 
> B 
> 202460
> Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
> _______________________________________________
> Openvas-discuss mailing list
> [email protected]
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Reply via email to