Re: Question concerning how nessus works when services are not running on their standard ports



Pavel,

I run SSH on port 80 and 22 to traverse a port-based corporate firewall 
I find myself frequently behind.... Nessus reports the same for both ports 
(states that an ssh server is running on port 80, test 10330 services) so 
with runtime dependencies enabled Nessus will perform all other tests 
concerning SSH.

I hope this helps

John Cooper


On Wed, 25 Feb 2004, Pavel Kankovsky wrote:

> Date: Wed, 25 Feb 2004 13:52:09 +0100 (MET)
> From: Pavel Kankovsky <peak_at_argo.troja.mff.cuni.cz>
> To: nessus_at_list.nessus.org
> Subject: Re: Question concerning how nessus works when services are not
>     running on their standard ports
> 
> On Wed, 25 Feb 2004, Ashutosh Naik wrote:
> 
> > Say, I run both http and smtp on port 80,
> 
> You cannot do it because HTTP is "client speaks first" while SMTP is
> "server speaks first". (Well, you could do it if your server waited for an
> HTTP request for some reasonably short time and switched to SMTP mode and
> sent SMTP hello afterwards. But such an approach would be rather unreliable
> and SMTP would be slow.)
> 
> > then does the find_service populate the kb with items corresponding to
> > both the services?
> 
> AFAICT, it would detect only one of those services (the "more
> obvious" one).
> 
> It might be possible to probe every known service on every open port but
> such an approach would be 1. very slow, 2. very noisy, 3. very likely to
> upset the "Nessus is evil because it killed my mission critical service"
> crowd <g>.
> 
> --Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
> "Resistance is futile. Open your source code and prepare for assimilation."
> 
> 
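The two-phase identification discussed in this thread, as an added example that is not part of the original messages and is not Nessus's find_service code: listen first for a server-speaks-first banner, and only if the port stays silent send an HTTP request. The function names and the three signatures are constructed for illustration and are far smaller than a real scanner's tables.

```python
import socket

def classify(data):
    """Name a service from the first bytes it sent; the port number is never consulted."""
    if data.startswith(b"SSH-"):
        return "ssh"
    if data.startswith(b"220") and b"SMTP" in data.upper():
        return "smtp"
    if data.startswith(b"HTTP/"):
        return "http"
    return "unknown"

def _recv(sock, wait):
    """Read up to 256 bytes; return empty bytes on timeout or connection reset."""
    sock.settimeout(wait)
    try:
        return sock.recv(256)
    except OSError:
        return b""

def probe_socket(sock, wait=2.0):
    """Identify the service on an already connected socket."""
    # Phase 1: stay silent. A server-speaks-first service (SSH, SMTP) sends a banner.
    banner = _recv(sock, wait)
    if banner:
        return classify(banner)
    # Phase 2: nothing arrived, so assume client-speaks-first and send an HTTP request.
    try:
        sock.sendall(b"GET / HTTP/1.0\r\n\r\n")
    except OSError:
        return "unknown"  # peer closed without ever speaking
    return classify(_recv(sock, wait))

def probe(host, port, wait=2.0):
    """Identify what answers on host:port, e.g. an SSH daemon listening on port 80."""
    with socket.create_connection((host, port), timeout=wait) as sock:
        return probe_socket(sock, wait)
```

A port that served both protocols in the way described above would be reported as whichever one answered first, so only one service is recorded per port.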




