Problem with nmap_wrapper.nes - NMAP not scanning

Matt C. baddog at baddogmedia.com
Wed Aug 11 13:45:13 EDT 2004 

I am having problems with Nessus using NMAP to port scan targets (ID:
10336). Specifically it does not appear to scan any targets. Both the
SYN scan (11219) and the TCP Connect scan (10335) work correctly. 

I am running Nessus version 2.0.12 and NMAP 3.55.
Nmap is located within my $PATH and can be called directly from the
command line without a problem.
nmap_wrapper.nes is Version: $Revision: 1.105 $
All of my scanning occurs from the nessus command line client.

As you can see below from the scan log, the nmap_wrapper.nes is
finishing almost instantaneously. 

user xxxxx starts a new scan. Target(s) : zzz.zzz.zzz.zzz, , with
max_hosts = 30 and max_checks = 25
user xxxxx : testing dns-name-ip (zzz.zzz.zzz.zzz) [12442]
user xxxxx : new KB will be saved as
/usr/local/var/nessus/users/xxxxx/kbs/dns-name-ip
user xxxxx : launching ping_host.nasl against dns-name-ip [12443]
ping_host.nasl (process 12443) finished its job in 0.010 seconds
user xxxxx : launching nmap_wrapper.nes against dns-name-ip [12444]
nmap_wrapper.nes (process 12444) finished its job in 0.019 seconds

Any help that can be provided in troubleshooting this issue would be
most appreciated.

Regards,

Matt




---------A portion of my scan config file for your review:-----------

paranoia_level = 2
nessusd_user = xxxx
trusted_ca = /usr/local/com/nessus/CA/cacert.pem
nessusd_host = 127.0.0.1
begin(SCANNER_SET)
 10180 = yes
 10335 = no
 10336 = yes
 10796 = no
 11219 = no
 11840 = no
end(SCANNER_SET)

begin(SERVER_PREFS)
 kb_dont_replay_attacks = yes
 admin_user = xxxx
 plugin_upload = no
 plugin_upload_suffixes = .nasl
 kb_max_age = 864000
 kb_dont_replay_denials = yes
 kb_dont_replay_info_gathering = yes
 Kb_dont_replay_attacks = yes
 kb_dont_replay_scanners = yes
 only_test_hosts_whose_kb_we_have = no
 kb_restore = no
 only_test_hosts_whose_kb_we_dont_have = no
 save_knowledge_base = yes
 auto_enable_dependencies = no
 plugins_timeout = 320
 non_simult_ports = 139, 445
 delay_between_tests = 1
 checks_read_timeout = 15
 language = english
 per_user_base = /usr/local/var/nessus/users
 report_killed_plugins = yes
 port_range = 1-1024
 unscanned_closed = no
 max_hosts = 30
 max_checks = 25
 cgi_path = /cgi-bin:/scripts
 reverse_lookup = yes
 optimize_test = no
 safe_checks = yes
 use_mac_addr = no
 detached_scan = no
 continuous_scan = no
 log_whole_attack = yes
 slice_network_addresses = no
end(SERVER_PREFS)

begin(PLUGINS_PREFS)
 Services[entry]:Wrapped service read timeout : = 2
 Services[entry]:Network read/write timeout : = 4
 Services[entry]:Network connection timeout : = 4
 Default accounts[entry]:Simultaneous connections : = 20
 Nmap[radio]:Timing policy : = Normal
 Nmap[entry]:Ports scanned in parallel = 100
 Nmap[entry]:Source port : = any
 Nmap[checkbox]:Do not randomize the  order  in  which ports are scanned
= yes
 Ping the remote host[checkbox]:Do a TCP ping = no
 Ping the remote host[checkbox]:Do an ICMP ping = yes
 Ping the remote host[entry]:Number of retries (ICMP) : = 10
 Ping the remote host[checkbox]:Make the dead hosts appear in the report
= yes
 Nmap[radio]:TCP scanning technique : = SYN scan
 Nmap[checkbox]:UDP port scan = no
 Nmap[checkbox]:RPC port scan = no
 Nmap[checkbox]:Ping the remote host = no
 Nmap[checkbox]:Identify the remote OS = no
 Nmap[checkbox]:Use hidden option to identify the remote OS = no
 Nmap[checkbox]:Fragment IP packets (bypasses firewalls) = no
 Nmap[checkbox]:Get Identd info = no
 Nmap[radio]:Port range = Default range (nmap-services + privileged
ports)
 Services[entry]:Number of connections done in parallel : = 5
 Global variable settings[checkbox]:Enable experimental scripts = no
 Global variable settings[checkbox]:Thorough tests (slow) = no
 Global variable settings[radio]:Report verbosity = Normal
 Global variable settings[radio]:Log verbosity = Normal
 Global variable settings[entry]:Debug level = 0
 Ping the remote host[entry]:TCP ping destination port(s) : = bulit-in
 Ping the remote host[checkbox]:Log live hosts in the report = yes
 Global variable settings[radio]:Report paranoia = Normal
 Nmap[entry]:Data length : =
 Nmap[entry]:Ports scanned in parallel (max) =
 Nmap[entry]:Host Timeout (ms) : =
 Nmap[entry]:Min RTT Timeout (ms) : =
 Nmap[entry]:Max RTT Timeout (ms) : =
 Nmap[entry]:Initial RTT timeout (ms) =
 Nmap[entry]:Minimum wait between probes (ms) =
 Nmap[file]:File containing nmap's results : =
end(PLUGINS_PREFS)

begin(PLUGIN_SET)
 10001 = no
 10002 = no
 10003 = no
 10004 = no
 10005 = no
 10006 = no
 10007 = no
~All plugins defined correctly~
 14244 = yes
 14256 = yes
 14258 = yes
 14257 = yes
end(PLUGIN_SET)

begin(SERVER_INFO)
 server_info_nessusd_version = 2.0.12
 server_info_libnasl_version = 2.0.12
 server_info_libnessus_version = 2.0.12
 server_info_thread_manager = fork
 server_info_os = Linux
 server_info_os_version = 2.4.20-8
end(SERVER_INFO)

begin(RULES)
end(RULES)

More information about the Nessus mailing list