Forcing a Scan of Previously Scanned Hosts
Eric
eric-list-nessus at catastrophe.net
Mon Sep 15 21:52:57 EDT 2003
Hello,
I'm running a scan against a /16 checking for the MS03-039
vulnerability. A couple days ago, I ran the entire scan and it
came back with about 3000 hosts vulnerable. The scan was conducted
in the following manner..
# nessus -q -T nbe -c ms03-039.rc localhost 1241 \
username password network.txt results.nbe
# cat network.txt
172.16.0.0/16
Unfortunately, all I see in the log is the following
# tail /usr/local/nessus/var/nessus/logs/nessus.log
[Mon Sep 15 20:42:32 2003][9829] user username : new KB will be saved
as /usr/local/nessus/var/nessus/users/username/kbs/172.16.0.106
[Mon Sep 15 20:42:32 2003][31532] user username : new KB will be
saved as /usr/local/nessus/var/nessus/users/username/kbs/172.16.0.7
Is there anyway to force the scan to run again on already-scanned
hosts while keeping a record of each host? Here is my .rc file for
the scan, as well as my server config -- thank you in advance for
any pointers. Maybe I'm just braindead from all of the activity in
the past month :-\
# cat ms03-039.rc
# This file was automagically created by nessus
trusted_ca = /path/to/nessus.pem
nessusd_host = localhost
nessusd_user = username
paranoia_level = 1
begin(SCANNER_SET)
10180 = yes
10277 = no
10278 = no
10331 = no
10335 = no
10841 = no
10336 = no
10796 = no
11219 = no
end(SCANNER_SET)
begin(SERVER_PREFS)
max_hosts = 192
max_checks = 128
log_whole_attack = yes
cgi_path = /cgi-bin:/scripts:/c:/msadc:/
port_range = 1-65535
optimize_test = yes
language = english
checks_read_timeout = 5
non_simult_ports = 139, 445
plugins_timeout = 220
safe_checks = yes
auto_enable_dependencies = no
use_mac_addr = no
save_knowledge_base = yes
kb_restore = no
only_test_hosts_whose_kb_we_dont_have = no
only_test_hosts_whose_kb_we_have = no
kb_dont_replay_scanners = no
kb_dont_replay_info_gathering = no
kb_dont_replay_attacks = no
kb_dont_replay_denials = no
kb_max_age = 10
plugin_upload = no
plugin_upload_suffixes = .nasl
admin_user = root
save_session = yes
save_empty_sessions = no
host_expansion = ip
ping_hosts = yes
reverse_lookup = no
detached_scan = no
continuous_scan = no
unscanned_closed = no
diff_scan = no
slice_network_addresses = no
end(SERVER_PREFS)
begin(SERVER_INFO)
server_info_nessusd_version = 2.0.7
server_info_libnasl_version = 2.0.7
server_info_libnessus_version = 2.0.7
server_info_thread_manager = fork
server_info_os = OpenBSD
server_info_os_version = 3.3
end(SERVER_INFO)
begin(RULES)
end(RULES)
begin(PLUGIN_SET)
10427 = no
11017 = no
10766 = no
10804 = no
11265 = no
10311 = no
11341 = no
10680 = no
11100 = no
11727 = no
11006 = no
11679 = no
10474 = no
10086 = no
10252 = no
10374 = no
10672 = no
10856 = no
10098 = no
10597 = no
11049 = no
10345 = no
10036 = no
11759 = no
10666 = no
11044 = no
11793 = no
11751 = no
11590 = no
11389 = no
10266 = no
11052 = no
11470 = no
10702 = no
11646 = no
10507 = no
10816 = no
10756 = no
10648 = no
11136 = no
11334 = no
11160 = no
11220 = no
11661 = no
11835 = yes
10984 = no
10323 = no
10483 = no
11767 = no
10357 = no
11373 = no
11292 = no
10401 = no
11347 = no
10863 = no
11402 = no
10870 = no
10289 = no
11427 = no
11353 = no
11739 = no
11225 = no
11562 = no
10652 = no
11131 = no
11623 = no
11476 = no
11359 = no
10891 = no
10416 = no
11678 = no
10109 = no
11625 = no
11425 = no
10546 = no
10200 = no
10145 = no
10830 = no
10935 = no
10755 = no
11376 = no
10708 = no
10808 = no
10384 = no
10547 = no
10865 = no
11257 = no
10455 = no
10921 = no
11127 = no
10567 = no
10736 = no
11221 = no
10171 = no
11700 = no
10365 = no
11323 = no
11390 = no
11637 = no
11800 = no
11452 = no
10372 = no
10650 = no
10470 = no
10308 = no
10936 = no
11540 = no
10510 = no
11504 = no
11563 = no
10029 = no
11258 = no
11534 = no
10551 = no
11473 = no
10929 = no
11211 = no
10701 = no
10703 = no
11377 = no
10739 = no
11015 = no
11723 = no
11050 = no
11135 = no
10705 = no
11058 = no
10831 = no
11138 = no
10123 = no
11628 = no
10225 = no
10746 = no
11424 = no
11022 = no
11481 = no
10538 = no
11069 = no
11410 = no
11230 = no
10641 = no
11331 = no
11728 = no
10411 = no
11618 = no
10148 = no
11012 = no
10678 = no
11771 = no
10247 = no
10787 = no
10146 = no
10498 = no
10876 = no
10717 = no
10961 = no
10114 = no
10679 = no
10725 = no
10586 = no
11126 = no
11073 = no
11605 = no
10242 = no
11754 = no
10206 = no
10744 = no
11289 = no
11332 = no
11075 = no
10016 = no
10975 = no
11492 = no
11614 = no
10073 = no
11107 = no
11794 = no
11108 = no
11396 = no
11493 = no
10028 = no
10962 = no
10434 = no
11642 = no
11125 = no
11363 = no
11550 = no
10826 = no
10698 = no
11827 = no
10958 = no
10071 = no
10008 = no
10528 = no
10791 = no
10275 = no
11503 = no
11785 = no
11638 = no
11584 = no
11129 = no
11309 = no
10523 = no
11430 = no
10436 = no
10913 = no
11229 = no
11322 = no
10488 = no
11036 = no
11698 = no
10438 = no
11174 = no
11474 = no
10022 = no
10956 = no
10715 = no
10977 = no
10193 = no
10042 = no
11585 = no
10750 = no
10385 = no
10906 = no
11622 = no
10950 = no
10312 = no
11117 = no
11570 = no
11455 = no
11557 = no
10710 = no
10797 = no
11832 = no
11343 = no
10482 = no
11249 = no
10133 = no
10205 = no
10210 = no
10049 = no
10604 = no
11412 = no
10653 = no
11137 = no
11158 = no
11736 = no
10391 = no
10639 = no
11753 = no
10140 = no
11788 = no
11495 = no
10854 = no
10274 = no
10654 = no
11613 = no
11033 = no
11205 = no
10326 = no
11209 = no
11719 = no
11770 = no
10360 = no
10138 = no
11521 = no
11351 = no
10776 = no
10090 = no
11415 = no
11460 = no
10526 = no
10593 = no
10170 = no
10835 = no
11532 = no
11167 = no
11505 = no
10505 = no
10504 = no
10043 = no
10945 = no
11165 = no
11496 = no
11477 = no
10369 = no
11256 = no
11365 = no
11552 = no
10772 = no
10161 = no
10235 = no
10622 = no
10418 = no
10942 = no
10282 = no
10306 = no
10509 = no
11706 = no
10520 = no
10174 = no
10472 = no
10607 = no
10875 = no
10557 = no
11735 = no
10473 = no
10837 = no
10677 = no
11596 = no
10064 = no
10938 = no
11297 = no
11183 = no
11490 = no
10544 = no
10349 = no
11406 = no
11760 = no
11217 = no
11451 = no
10801 = no
10763 = yes
11231 = no
10153 = no
11263 = no
10489 = no
11419 = no
10061 = no
10920 = no
11250 = no
10405 = no
11371 = no
10811 = no
11345 = no
11314 = no
10623 = no
10732 = no
10579 = no
11478 = no
10846 = no
11143 = no
10629 = no
10969 = no
10728 = no
10718 = no
10682 = no
10847 = no
11769 = no
10314 = no
11799 = no
10257 = no
10068 = no
10222 = no
11317 = no
10259 = no
11090 = no
11254 = no
10465 = no
10642 = no
11449 = no
11690 = no
10067 = no
10258 = no
11685 = no
11688 = no
10848 = no
11354 = no
11404 = no
10063 = no
11164 = no
10458 = no
10033 = no
11779 = no
11283 = no
10690 = no
10037 = no
10893 = no
11358 = no
10978 = no
10748 = no
10583 = no
10141 = no
11039 = no
10987 = no
11019 = no
11032 = no
11239 = no
11166 = no
10806 = no
10996 = no
11214 = no
11344 = no
11732 = no
10788 = no
11768 = no
10241 = no
10231 = no
11641 = no
11746 = no
11577 = no
10163 = no
10469 = no
10933 = no
11020 = no
11670 = no
10934 = no
10203 = no
10767 = no
10605 = no
11744 = no
11370 = no
11409 = no
10940 = no
11598 = no
10093 = no
11831 = no
11423 = no
11110 = no
10089 = no
10917 = no
10888 = no
11180 = no
11198 = no
11791 = no
10155 = no
11810 = no
10014 = no
11624 = no
11128 = no
10570 = no
10399 = no
10403 = no
11643 = no
10285 = no
11101 = no
11253 = no
11497 = no
11535 = no
10368 = no
11692 = no
11636 = no
10914 = no
10013 = no
10782 = no
10129 = no
10292 = no
10674 = no
10298 = no
10430 = no
10081 = no
11291 = no
11602 = no
10457 = no
10976 = no
11616 = no
10375 = no
10226 = no
11045 = no
11176 = no
10127 = no
11523 = no
10215 = no
11035 = no
10297 = no
10644 = no
10722 = no
10288 = no
10126 = no
10092 = no
11506 = no
10662 = no
11328 = no
10582 = no
11660 = no
11023 = no
10371 = no
10872 = no
10877 = no
11193 = no
10453 = no
10759 = no
11543 = no
10069 = no
10481 = no
11041 = no
10730 = no
10187 = no
10688 = no
10606 = no
10646 = no
10747 = no
11594 = no
11750 = no
10901 = no
10925 = no
10745 = no
10768 = no
10694 = no
11203 = no
11680 = no
10339 = no
10832 = no
10443 = no
10027 = no
11609 = no
10254 = no
10217 = no
10382 = no
10572 = no
11185 = no
10188 = no
11173 = no
10433 = no
11333 = no
10347 = no
11682 = no
11087 = no
10754 = no
11468 = no
10343 = no
11102 = no
11277 = no
11418 = no
11178 = no
10172 = no
10320 = no
11150 = no
11064 = no
10044 = no
11383 = no
10615 = no
11120 = no
10513 = no
10046 = no
11445 = no
11589 = no
11671 = no
10196 = no
11320 = no
11298 = no
10277 = no
10276 = no
10359 = no
11687 = no
11315 = no
11086 = no
11805 = no
11224 = no
10032 = no
10054 = no
11436 = no
11586 = no
11168 = no
10216 = no
11324 = no
10676 = no
10212 = no
11001 = no
10575 = no
10087 = no
11701 = no
10156 = no
10563 = no
10922 = no
11435 = no
11392 = no
11195 = no
11118 = no
11726 = no
10764 = no
10840 = no
11200 = no
11177 = no
10683 = no
11457 = no
11181 = no
11761 = no
10055 = no
10697 = no
10655 = no
11161 = no
11707 = no
11762 = no
11515 = no
11124 = no
10923 = no
10251 = no
11422 = no
11116 = no
11555 = no
11267 = no
10262 = no
10617 = no
11062 = no
10553 = no
10765 = no
11640 = no
10495 = no
11653 = no
11836 = no
10667 = no
11302 = no
11595 = no
10892 = no
10236 = no
10413 = no
11274 = no
11663 = no
11600 = no
11568 = no
10386 = no
10404 = no
10636 = no
11703 = no
11480 = no
10218 = no
11699 = no
11216 = no
10918 = no
11487 = no
11076 = no
10651 = no
11245 = no
11510 = no
11316 = no
10417 = no
11270 = no
10240 = no
11502 = no
11340 = no
10995 = no
10537 = no
11738 = no
10720 = no
11820 = no
10897 = no
11489 = no
10930 = no
11787 = no
11612 = no
11745 = no
11539 = no
10230 = no
11469 = no
11260 = no
11235 = no
10077 = no
10771 = no
11223 = no
11140 = no
10162 = no
10122 = no
10727 = no
11175 = no
11790 = yes
11179 = no
10004 = no
10508 = no
10402 = no
11244 = no
11516 = no
10545 = no
10883 = no
10684 = no
10738 = no
11387 = no
11461 = no
11421 = no
10106 = no
10272 = no
11148 = no
11581 = no
10515 = no
10867 = no
10390 = no
11696 = no
10954 = no
10419 = no
11349 = no
10588 = no
10506 = no
11246 = no
10637 = no
11772 = no
11797 = no
10295 = no
10229 = no
10611 = no
10487 = no
10454 = no
10533 = no
10177 = no
10911 = no
10219 = no
11364 = no
11686 = no
10527 = no
11651 = no
11669 = no
11348 = no
11416 = no
10742 = no
10986 = no
10500 = no
10569 = no
11342 = no
11465 = no
10786 = no
10631 = no
11629 = no
10178 = no
10532 = no
11306 = no
10919 = no
11051 = no
11765 = no
10380 = no
11482 = no
10985 = no
10973 = no
10101 = no
10839 = no
10154 = no
10406 = no
10468 = no
10972 = no
10485 = no
11264 = no
10861 = no
11145 = no
10011 = no
10023 = no
11327 = no
11533 = no
10592 = no
10790 = no
10355 = no
10932 = no
10322 = no
10333 = no
10620 = no
11042 = no
10018 = no
11431 = no
10559 = no
11599 = no
10449 = no
10352 = no
10552 = no
10536 = no
10595 = no
10511 = no
10394 = no
10959 = no
10558 = no
11714 = no
11567 = no
10960 = no
10741 = no
10459 = no
11463 = no
10232 = no
11828 = no
10843 = no
11241 = no
11632 = no
10903 = no
11627 = no
10565 = no
11544 = no
11312 = no
11713 = no
10800 = no
10633 = no
10420 = no
11182 = no
10713 = no
10144 = no
10329 = no
11228 = no
10982 = no
10712 = no
11453 = no
11467 = no
11559 = no
10431 = no
10484 = no
11621 = no
11748 = no
11335 = no
11060 = no
10327 = no
11588 = no
10350 = no
10707 = no
11603 = no
11522 = no
10827 = no
11494 = no
10681 = no
11654 = no
11028 = no
10075 = no
11657 = no
10428 = no
10330 = no
10499 = no
10735 = no
11047 = no
11441 = no
11063 = no
10496 = no
10729 = no
11644 = no
11299 = no
11078 = no
10078 = no
10740 = no
10670 = no
11210 = no
11626 = no
10926 = no
11338 = no
11818 = no
10924 = no
11381 = no
10657 = no
11668 = no
11096 = no
11413 = no
10548 = no
10466 = no
11199 = no
10039 = no
10025 = no
11311 = no
10435 = no
10564 = no
11702 = no
10894 = no
10462 = no
11393 = no
11386 = no
11538 = no
10290 = no
10908 = no
11397 = no
11237 = no
11310 = no
11587 = no
10589 = no
11775 = no
10501 = no
10279 = no
10113 = no
11407 = no
11809 = no
11242 = no
10407 = no
10220 = no
10052 = no
10798 = no
11755 = no
10619 = no
11667 = no
10316 = no
11647 = no
10686 = no
11414 = no
10818 = no
10751 = no
11155 = no
10429 = no
10916 = no
10663 = no
10001 = no
10494 = no
11556 = no
11141 = no
11426 = no
10116 = no
10778 = no
10878 = no
11674 = no
10991 = no
11184 = no
10293 = no
11440 = no
10072 = no
10497 = no
10017 = no
11000 = no
10529 = no
10341 = no
11380 = no
11518 = no
10685 = no
10194 = no
10999 = no
11695 = no
11520 = no
10895 = no
11408 = no
11021 = no
10596 = no
11259 = no
10731 = no
10121 = no
11399 = no
10981 = no
10392 = no
11232 = no
10056 = no
10836 = no
10821 = no
11694 = no
10590 = no
11085 = no
11123 = no
10286 = no
10281 = no
10396 = no
10540 = no
11038 = no
11369 = no
10675 = no
11725 = no
11236 = no
11280 = no
11130 = no
10577 = no
11446 = no
11010 = no
10656 = no
10762 = no
10342 = no
10065 = no
10627 = no
10191 = no
10354 = no
11382 = no
11374 = no
10714 = no
10941 = no
10147 = no
11814 = no
11803 = no
11352 = no
10562 = no
11112 = no
10214 = no
10409 = no
10852 = no
11275 = no
10777 = no
10773 = no
10574 = no
10152 = no
10383 = no
11752 = no
10810 = no
10946 = no
10057 = no
10167 = no
11262 = no
10117 = no
11134 = no
11119 = no
10943 = no
11207 = no
11079 = no
10814 = no
11684 = no
10050 = no
11293 = no
11133 = no
10168 = no
10554 = no
10283 = no
11279 = no
10302 = no
10291 = no
11159 = no
11068 = no
11305 = no
11398 = no
10183 = no
11655 = no
11710 = no
10444 = no
10450 = no
10649 = no
11227 = no
11003 = no
10471 = no
11059 = no
10965 = no
11301 = no
11801 = no
11704 = no
10321 = no
10531 = no
11583 = no
10125 = no
11672 = no
10160 = no
11139 = no
10238 = no
10900 = no
10041 = no
10201 = no
10517 = no
10871 = no
11014 = no
11608 = no
10304 = no
11218 = no
10944 = no
11405 = no
10278 = no
10195 = no
11355 = no
11630 = no
10221 = no
11798 = no
11196 = no
10351 = no
10244 = no
11824 = no
11778 = no
10784 = no
11780 = no
10305 = no
10213 = no
10460 = no
10695 = no
11428 = no
10317 = no
11233 = no
10166 = no
11215 = no
11247 = no
10410 = no
10476 = no
11388 = no
11519 = no
11766 = no
10363 = no
10120 = no
11286 = no
10602 = no
11088 = no
10132 = no
11817 = no
10964 = no
11004 = no
10630 = no
10809 = no
10530 = no
11278 = no
10889 = no
11464 = no
11114 = no
10207 = no
10006 = no
10189 = no
10030 = no
10186 = no
11092 = no
10585 = no
10716 = no
11288 = no
11564 = no
11576 = no
11066 = no
10408 = no
10928 = no
10395 = no
10245 = no
10223 = no
11266 = no
10021 = no
10002 = no
11439 = no
10691 = no
11757 = no
11711 = no
11080 = no
11095 = no
10452 = no
11084 = no
10224 = no
10344 = no
11724 = no
10696 = no
11362 = no
11104 = no
10795 = no
11057 = no
11716 = no
10881 = no
10860 = no
11747 = no
10609 = no
10581 = no
10757 = no
11401 = no
10199 = no
10535 = no
10781 = no
11709 = no
11379 = no
10340 = no
11053 = no
11776 = no
11447 = no
10819 = no
11693 = no
10309 = no
10440 = no
10882 = no
10774 = no
10115 = no
10300 = no
10502 = no
10734 = no
11197 = no
11526 = no
10084 = no
11056 = no
10971 = no
10412 = no
11617 = no
11607 = no
10711 = no
11272 = no
11169 = no
11743 = no
10866 = no
11411 = no
11816 = no
11517 = no
10665 = no
11665 = no
10467 = no
11013 = no
11190 = no
10026 = no
10994 = no
10197 = no
10561 = no
10880 = no
11438 = no
10118 = no
10539 = no
10775 = no
11676 = no
10580 = no
10271 = no
10370 = no
11781 = no
10364 = no
10268 = no
10157 = no
10110 = no
11420 = no
10456 = no
10378 = no
10031 = no
10668 = no
11458 = no
10543 = no
10451 = no
10974 = no
10192 = no
10812 = no
10802 = no
11834 = no
10366 = no
11202 = no
11009 = no
10542 = no
10088 = no
11162 = no
10414 = no
10211 = no
11825 = no
11652 = no
10348 = no
11356 = no
10124 = no
10828 = no
10534 = no
11606 = no
11099 = no
11488 = no
11360 = no
10613 = no
11829 = no
10645 = no
10823 = no
11082 = no
10912 = no
11764 = no
10770 = no
11712 = no
11261 = no
10522 = no
11485 = no
10638 = no
10997 = no
11098 = no
10270 = no
10915 = no
10783 = no
11635 = no
10038 = no
11683 = no
10898 = no
10851 = no
11304 = no
11691 = no
11303 = no
11367 = no
10902 = no
11830 = no
11697 = no
10855 = no
10576 = no
11149 = no
10104 = no
10080 = no
11749 = no
11498 = no
11553 = no
11633 = no
11018 = no
10051 = no
10475 = no
11170 = no
10301 = no
11645 = no
11400 = no
11048 = no
10873 = no
10182 = no
10803 = no
11796 = no
10723 = no
10307 = no
10108 = no
11295 = no
11722 = no
10353 = no
11152 = no
10332 = no
11206 = no
10256 = no
10019 = no
10142 = no
11271 = no
11615 = no
11089 = no
10102 = no
10062 = no
10521 = no
11619 = no
10249 = no
10003 = no
10400 = no
11756 = no
11285 = no
10700 = no
11582 = no
10376 = no
10103 = no
10568 = no
10603 = no
10671 = no
11106 = no
11011 = no
10699 = no
10758 = no
10099 = no
10228 = no
10519 = no
11222 = no
10441 = no
10425 = no
10857 = no
10541 = no
11731 = no
11575 = no
11631 = no
11290 = no
10514 = no
11450 = no
10612 = no
11486 = no
10269 = no
10185 = no
10303 = no
11339 = no
10356 = no
11071 = no
11016 = no
10948 = no
11091 = no
10661 = no
11773 = no
10439 = no
10393 = no
11720 = no
11074 = no
11043 = no
10753 = no
11737 = no
10179 = no
10886 = no
10525 = no
10058 = no
11730 = no
10009 = no
11330 = no
11578 = no
10035 = no
11212 = no
11648 = no
11662 = no
11804 = no
10591 = no
10493 = no
10927 = no
10012 = no
11300 = no
11507 = no
11554 = no
11546 = no
11097 = no
10024 = no
10573 = no
11366 = no
11611 = no
10130 = no
11268 = no
10070 = no
11142 = no
10947 = no
10931 = no
11675 = no
10780 = no
11307 = no
11471 = no
11508 = no
11649 = no
10884 = no
10313 = no
11548 = no
11806 = no
10381 = no
10287 = no
10315 = no
10150 = no
11238 = no
10389 = no
11558 = no
11077 = no
11113 = no
11545 = no
10556 = no
10793 = no
10477 = no
10687 = no
10618 = no
10555 = no
11547 = no
10237 = no
11717 = no
10647 = no
11308 = no
11034 = no
10074 = no
10053 = no
11561 = no
10045 = no
11634 = no
10159 = no
10137 = no
11741 = no
11601 = no
10358 = no
11591 = no
11456 = no
10128 = no
10151 = no
11566 = no
11204 = no
10105 = no
11448 = no
11466 = no
11786 = no
10549 = no
10660 = no
11444 = no
10789 = no
11681 = no
11403 = no
10578 = no
11187 = no
11417 = no
11782 = no
10094 = no
10859 = no
10761 = no
10248 = no
11378 = no
11007 = no
11499 = no
11597 = no
10785 = no
11255 = no
11527 = no
11194 = no
10980 = no
10737 = no
10516 = no
11375 = no
11282 = no
11192 = no
11147 = no
11574 = no
11284 = no
10970 = no
10993 = no
11513 = no
10426 = no
10095 = no
10007 = no
11549 = no
10246 = no
10096 = no
10020 = no
11443 = no
11395 = no
11475 = no
10905 = no
11580 = no
10325 = no
11459 = no
11715 = no
10849 = no
10079 = no
11639 = no
11248 = no
10284 = no
10635 = no
10388 = no
10486 = no
10202 = no
10937 = no
11046 = no
10047 = no
10669 = no
11821 = no
10034 = no
11122 = no
11030 = no
11121 = no
10951 = no
11105 = no
10346 = no
10899 = no
10968 = no
11394 = no
10614 = no
10910 = no
10704 = no
11372 = no
10135 = no
11188 = no
10601 = no
11434 = no
11276 = no
10844 = no
11070 = no
10324 = no
10584 = no
11718 = no
11454 = no
10442 = no
11811 = no
10422 = no
10833 = no
10820 = no
11294 = no
11002 = no
10239 = no
11252 = no
11815 = no
10983 = no
11146 = no
11432 = no
10373 = no
10743 = no
10464 = no
11664 = no
10550 = no
10250 = no
11677 = no
11484 = no
11511 = no
10693 = no
10421 = no
11005 = no
11361 = no
10361 = no
10794 = no
10909 = no
10048 = no
10904 = no
11592 = no
10233 = no
10204 = no
11357 = no
11111 = no
10673 = no
11243 = no
11593 = no
11163 = no
11500 = no
11813 = no
11154 = no
10721 = no
11157 = no
10398 = no
10085 = no
10769 = no
11072 = no
11531 = no
11287 = no
11541 = no
11391 = no
10939 = no
10853 = no
11708 = no
10966 = no
11319 = no
10616 = no
11037 = no
11610 = no
10640 = no
10492 = no
11094 = no
10988 = no
11650 = no
10634 = no
10379 = no
10319 = no
11512 = no
10524 = no
11226 = no
10706 = no
11326 = no
11208 = no
11329 = no
10491 = no
10119 = no
11822 = no
11442 = no
10294 = no
10318 = no
10632 = no
11491 = no
11201 = no
11240 = no
11537 = no
11171 = no
10566 = no
10807 = no
11350 = no
10432 = no
10208 = no
10461 = no
11067 = no
10709 = no
10243 = no
10463 = no
10265 = no
10190 = no
10149 = no
11321 = no
10377 = no
11054 = no
11789 = no
11783 = no
11296 = no
10838 = no
11740 = no
10817 = no
10799 = no
11065 = no
10896 = no
10175 = no
10724 = no
11525 = no
11792 = no
11061 = no
10165 = no
10173 = no
10990 = no
10957 = no
10143 = no
10076 = no
10963 = no
11524 = no
11733 = no
11031 = no
10059 = no
10479 = no
11742 = no
10503 = no
10518 = no
11325 = no
11689 = no
10164 = no
11808 = no
10437 = no
11144 = no
11153 = no
10594 = no
11569 = no
10091 = no
11774 = no
10447 = no
11573 = no
10263 = no
11213 = no
10752 = no
10181 = no
10480 = no
10060 = no
10664 = no
11763 = no
11368 = no
10874 = no
10979 = no
11729 = no
10082 = no
11542 = no
11337 = no
10100 = no
10253 = no
10107 = no
11812 = no
10858 = no
11281 = no
11509 = no
10610 = no
10264 = no
10260 = no
11156 = no
11784 = no
11027 = no
11318 = no
11251 = no
11029 = no
10040 = no
11429 = no
10659 = no
10658 = no
10415 = no
10176 = no
11530 = no
10779 = no
10625 = no
11109 = no
11115 = no
10136 = no
11313 = no
11384 = no
11802 = no
10628 = no
10689 = no
10111 = no
10299 = no
11234 = no
11026 = no
11472 = no
10158 = no
10822 = no
10367 = no
11479 = no
10719 = no
10184 = no
10733 = no
10387 = no
10310 = no
10600 = no
10949 = no
10131 = no
10998 = no
10097 = no
10198 = no
10512 = no
10760 = no
11673 = no
10169 = no
10273 = no
11083 = no
11483 = no
11572 = no
11666 = no
11433 = no
10967 = no
10234 = no
11273 = no
11658 = no
10227 = no
10362 = no
11565 = no
10879 = no
11734 = no
10267 = no
11081 = no
10907 = no
11536 = no
10989 = no
11040 = no
11191 = no
10112 = no
10692 = no
11385 = no
11758 = no
11620 = no
10296 = no
11514 = no
10209 = no
10626 = no
11579 = no
10338 = no
10608 = no
10890 = no
10424 = no
11560 = no
11336 = no
11819 = no
10423 = no
10560 = no
10862 = no
10478 = no
10255 = no
11833 = no
10280 = no
11777 = no
10805 = no
10885 = no
11151 = no
11462 = no
10397 = no
10083 = no
10010 = no
10829 = no
10134 = no
11008 = no
11346 = no
11656 = no
11807 = no
11604 = no
10015 = no
10490 = no
10953 = no
11528 = no
10445 = no
11705 = no
10139 = no
11721 = no
11795 = no
10850 = no
11659 = no
11501 = no
11093 = no
11437 = no
11024 = no
10261 = no
10066 = no
10815 = no
10005 = no
end(PLUGIN_SET)
begin(PLUGINS_PREFS)
RedHat 6.2 inetd[radio]:Testing method = quick and dirty
Login configurations[entry]:FTP account : = anonymous
Login configurations[password]:FTP password (sent in clear) : = nessus at nessus.org
Login configurations[entry]:FTP writeable directory : = /incoming
Login configurations[checkbox]:Never send SMB credentials in clear text = yes
Test HTTP dangerous methods[checkbox]:Integrist test = no
Misc information on News server[entry]:From address : = Nessus <listme at listme.dsbl.org>
Misc information on News server[entry]:Test group name regex : = f[a-z]\.tests?
Misc information on News server[entry]:Max crosspost : = 7
Misc information on News server[checkbox]:Local distribution = yes
Misc information on News server[checkbox]:No archive = no
SMB Scope[checkbox]:Request information about the domain = yes
SMB use domain SID to enumerate users[entry]:Start UID : = 1000
SMB use domain SID to enumerate users[entry]:End UID : = 2000
Web mirroring[entry]:Number of pages to mirror : = 20
Web mirroring[entry]:Start page : = /
Services[entry]:Number of connections done in parallel : = 5
Services[entry]:Network connection timeout : = 5
Services[entry]:Network read/write timeout : = 5
Services[entry]:Wrapped service read timeout : = 2
Services[radio]:Test SSL based services = All
Services[checkbox]:Quick SOCKS proxy checking = yes
SMTP settings[entry]:Third party domain : = nessus.org
SMTP settings[entry]:From address : = nobody at example.com
SMTP settings[entry]:To address : = postmaster@[AUTO_REPLACED_IP]
NIDS evasion[radio]:TCP evasion technique = none
NIDS evasion[checkbox]:Send fake RST when establishing a TCP connection = no
SMB use host SID to enumerate local users[entry]:Start UID : = 1000
SMB use host SID to enumerate local users[entry]:End UID : = 1200
HTTP login page[entry]:Login page : = /
HTTP login page[entry]:Login form fields : = user=%USER%&pass = %PASS%
ftp writeable directories[radio]:How to check if directories are writeable : = Trust the permissions (drwxrwx---)
Libwhisker options[radio]:IDS evasion technique: = X (none)
Brute force login (Hydra)[entry]:Number of simultaneous connections : = 4
Brute force login (Hydra)[checkbox]:Brute force telnet = no
Brute force login (Hydra)[checkbox]:Brute force FTP = no
Brute force login (Hydra)[checkbox]:Brute force POP3 = no
Brute force login (Hydra)[checkbox]:Brute force IMAP = no
Brute force login (Hydra)[checkbox]:Brute force cisco = no
Brute force login (Hydra)[checkbox]:Brute force cisco-enable = no
Brute force login (Hydra)[checkbox]:Brute force VNC = no
Brute force login (Hydra)[checkbox]:Brute force SOCKS 5 = no
Brute force login (Hydra)[checkbox]:Brute force rexec = no
Brute force login (Hydra)[checkbox]:Brute force NNTP = no
Brute force login (Hydra)[checkbox]:Brute force HTTP = no
Brute force login (Hydra)[checkbox]:Brute force ICQ = no
Brute force login (Hydra)[checkbox]:Brute force PCNFS = no
Brute force login (Hydra)[checkbox]:Brute force SMB = no
Brute force login (Hydra)[checkbox]:Brute force LDAP = no
HTTP NIDS evasion[checkbox]:Use HTTP HEAD instead of GET = no
HTTP NIDS evasion[radio]:URL encoding = none
HTTP NIDS evasion[radio]:Absolute URI type = none
HTTP NIDS evasion[radio]:Absolute URI host = none
HTTP NIDS evasion[checkbox]:Double slashes = no
HTTP NIDS evasion[radio]:Reverse traversal = none
HTTP NIDS evasion[checkbox]:Self-reference directories = no
HTTP NIDS evasion[checkbox]:Premature request ending = no
HTTP NIDS evasion[checkbox]:CGI.pm semicolon separator = no
HTTP NIDS evasion[checkbox]:Parameter hiding = no
HTTP NIDS evasion[checkbox]:Dos/Windows syntax = no
HTTP NIDS evasion[checkbox]:Null method = no
HTTP NIDS evasion[checkbox]:TAB separator = no
HTTP NIDS evasion[checkbox]:HTTP/0.9 requests = no
Nmap[radio]:TCP scanning technique : = connect()
Nmap[checkbox]:UDP port scan = no
Nmap[checkbox]:RPC port scan = no
Nmap[checkbox]:Ping the remote host = yes
Nmap[checkbox]:Identify the remote OS = yes
Nmap[checkbox]:Use hidden option to identify the remote OS = yes
Nmap[checkbox]:Fragment IP packets (bypasses firewalls) = no
Nmap[checkbox]:Get Identd info = no
Nmap[radio]:Port range = User specified range
Nmap[checkbox]:Do not randomize the order in which ports are scanned = yes
Nmap[entry]:Source port : = any
Nmap[entry]:Ports scanned in parallel (max) = 128
Nmap[radio]:Timing policy : = Normal
Ping the remote host[entry]:TCP ping destination port(s) : = 135
Ping the remote host[checkbox]:Do a TCP ping = yes
Ping the remote host[checkbox]:Do an ICMP ping = yes
Ping the remote host[entry]:Number of retries (ICMP) : = 5
Ping the remote host[checkbox]:Make the dead hosts appear in the report = no
Login configurations[checkbox]:Only use NTLMv2 = no
HTTP login page[entry]:Login form fields : = user=%USER%&pass = %PASS%
HTTP login page[entry]:Login form fields : = user=%USER%&pass = %PASS%
HTTP login page[entry]:Login form fields : = user=%USER%&pass = %PASS%
HTTP login page[entry]:Login form fields : = user=%USER%&pass = %PASS%
HTTP login page[entry]:Login form fields : = user=%USER%&pass = %PASS%
HTTP login page[entry]:Login form fields : = user=%USER%&pass = %PASS%
HTTP login page[entry]:Login form fields : = user=%USER%&pass = %PASS%
HTTP login page[entry]:Login form fields : = user=%USER%&pass = %PASS%
Services[file]:SSL certificate : =
Services[file]:SSL private key : =
Services[password]:PEM password : =
Services[file]:CA file : =
Login configurations[entry]:HTTP account : =
Login configurations[password]:HTTP password (sent in clear) : =
Login configurations[entry]:NNTP account : =
Login configurations[password]:NNTP password (sent in clear) : =
Login configurations[entry]:POP2 account : =
Login configurations[password]:POP2 password (sent in clear) : =
Login configurations[entry]:POP3 account : =
Login configurations[password]:POP3 password (sent in clear) : =
Login configurations[entry]:IMAP account : =
Login configurations[password]:IMAP password (sent in clear) : =
Login configurations[entry]:SMB account : =
Login configurations[password]:SMB password : =
Login configurations[entry]:SMB domain (optional) : =
Login configurations[entry]:SNMP community (sent in clear) : =
Brute force login (Hydra)[file]:Logins file : =
Brute force login (Hydra)[file]:Passwords file : =
Brute force login (Hydra)[entry]:Web page to brute force : =
HTTP login page[entry]:Login form : =
HTTP login page[entry]:Login form fields : = user=%USER%&pass=%PASS%
HTTP NIDS evasion[entry]:HTTP User-Agent =
HTTP NIDS evasion[entry]:Force protocol string : =
end(PLUGINS_PREFS)
# cat /usr/local/nessus/etc/nessus/nessusd.conf
# Configuration file of the Nessus Security Scanner
# Every line starting with a '#' is a comment
# Path to the security checks folder :
plugins_folder = /usr/local/nessus/lib/nessus/plugins
# Maximum number of simultaneous hosts tested :
max_hosts = 192
# Maximum number of simultaneous checks against each host tested :
max_checks = 128
# Niceness. If set to 'yes', nessusd will renice itself to 10.
be_nice = no
# Log file (or 'syslog') :
logfile = /usr/local/nessus/var/nessus/logs/nessusd.messages
# Shall we log every details of the attack ?
log_whole_attack = yes
# Log the name of the plugins that are loaded by the server ?
log_plugins_name_at_load = no
# Dump file for debugging output, use `-' for stdout
dumpfile = /usr/local/nessus/var/nessus/logs/nessusd.dump
# Rules file :
rules = /usr/local/nessus/etc/nessus/nessusd.rules
# Users database :
users = /usr/local/nessus/etc/nessus/nessusd.users
# CGI paths to check for (cgi-bin:/cgi-aws:/ can do)
cgi_path = /cgi-bin:/scripts:/cgi:/msadc:/c:/
# Range of the ports the port scanners will scan :
# 'default' means that Nessus will scan ports found in its
# services file.
port_range = 1-65535
# Optimize the test (recommanded) :
optimize_test = yes
# Language of the plugins :
language = english
# Optimization :
# Read timeout for the sockets of the tests :
checks_read_timeout = 5
# Ports against which two plugins should not be run simultaneously :
# non_simult_ports = Services/www, 139, Services/finger
non_simult_ports = 139, 445
# Maximum lifetime of a plugin (in seconds) :
plugins_timeout = 120
# Safe checks rely on banner grabbing :
safe_checks = no
# Automatically activate the plugins that are depended on
auto_enable_dependencies = yes
# Designate hosts by MAC address, not IP address (useful for DHCP networks)
use_mac_addr = no
#--- Knowledge base saving (can be configured by the client) :
# Save the knowledge base on disk :
save_knowledge_base = yes
# Restore the KB for each test :
kb_restore = yes
# Only test hosts whose KB we do not have :
only_test_hosts_whose_kb_we_dont_have = no
# Only test hosts whose KB we already have :
only_test_hosts_whose_kb_we_have = no
# KB test replay :
kb_dont_replay_scanners = no
kb_dont_replay_info_gathering = no
kb_dont_replay_attacks = no
kb_dont_replay_denials = no
kb_max_age = 18000
#--- end of the KB section
# Can users upload their plugins ?
plugin_upload = no
# Suffixes of the plugins the user can upload :
plugin_upload_suffixes = .nasl, .inc
# Name of the user who can remotely update the plugins
admin_user = root
# If this option is set, Nessus will not scan a network incrementally
# (10.0.0.1, then 10.0.0.2, 10.0.0.3 and so on..) but will attempt to
# slice the workload throughout the whole network (ie: it will scan
# 10.0.0.1, then 10.0.0.127, then 10.0.0.2, then 10.0.0.128 and so on...
slice_network_addresses = no
#end.
#
# Added by nessus-mkcert
#
cert_file=/usr/local/nessus/com/nessus/CA/servercert.pem
key_file=/usr/local/nessus/var/nessus/CA/serverkey.pem
ca_file=/usr/local/nessus/com/nessus/CA/cacert.pem
# If you decide to protect your private key with a password,
# uncomment and change next line
# pem_password=password
# If you want to force the use of a client certificate, uncomment next line
# force_pubkey_auth = yes
More information about the Nessus
mailing list