RE: nessus which plug'in reports which vulnerability?
From: MARTIN M. Bénoni (benoni_martin_at_hotmail.com)
Date: 02/23/04
- Previous message: John Petropoulos: "RE: Firewall Netscreen 10 - URGENTLY"
- Maybe in reply to: cissper: "nessus which plug'in reports which vulnerability?"
- Next in thread: Harshul Nayak: "RE: nessus which plug'in reports which vulnerability?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: cissper@yahoo.com.au, pen-test@securityfocus.com Date: Mon, 23 Feb 2004 10:22:25 +0000
You can get the source of the plugins on your box (the exact place of these
depend on your box, but they are *.nasl files, an "find / -name *.nasl |
grep dns" should help you in your case), or here:
http://cgi.nessus.org/plugins/dump.php3?viewby=family.
An example of a code sourceis here:
http://cvsweb.nessus.org/cgi-bin/cvsweb.cgi/~checkout~/nessus-plugins/scripts/frontpage_passwordless.nasl?content-type=text/plain
(that's an example)
Hope it can helps :)
>From: "cissper" <cissper@yahoo.com.au>
>To: <pen-test@securityfocus.com>
>Subject: nessus which plug'in reports which vulnerability?
>Date: Mon, 23 Feb 2004 13:24:22 +1100
>
>Hi all
>
>One of my favourite general purpose scanner is nessus for obvious
>reasons. However, I do struggle with the interpretation and evaluation
>of the results:
>After the scan, I use the report function to generate a HTML type
>report. The vulnerabilities listed in that report are not associated
>with the plug-in's that detected them in the first place. How can I
>possible know which plug-in detected which vulnerability? I need to
>validate the identified vulnerabilities in order to eliminate false
>positives, therefore I would like to know which script was used to
>identify a certain vulnerability.
>
>One simple example:
>nessus reports that a DNS zone transfer was possible. However, when I
>try to manually perform a zone transfer, I am not able to do so!
>The conclusion would be a false positive - but - maybe the script is
>using a more sophisticated approach and is successful! The next step
>would be to look at the plug' in which detected the vulnerability in the
>first place - and I don't know which one it is.
>
>Any ideas guys?
>
>Thank you for your help.
>
>Kind regards,
>cissper
>
>
>
>---------------------------------------------------------------------------
>Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
>
>Protect your network with the comprehensive security solution that
>integrates six applications for ease of use and lower TCO.
>
>Firewall - Virus protection - Spam protection - URL blocking - VPN
>- Wireless security.
>
>Download 30-day evaluation at:
>http://www.securityfocus.com/sponsor/Astaro_pen-test_040219
>----------------------------------------------------------------------------
>
_________________________________________________________________
The new MSN 8: smart spam protection and 2 months FREE*
http://join.msn.com/?page=features/junkmail
---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.
Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.
Download 30-day evaluation at:
http://www.securityfocus.com/sponsor/Astaro_pen-test_040219
----------------------------------------------------------------------------
- Previous message: John Petropoulos: "RE: Firewall Netscreen 10 - URGENTLY"
- Maybe in reply to: cissper: "nessus which plug'in reports which vulnerability?"
- Next in thread: Harshul Nayak: "RE: nessus which plug'in reports which vulnerability?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
