Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: nessus which plug'in reports which vulnerability?
From: "MARTIN M. Bénoni" <benoni_martin () hotmail com>
Date: Mon, 23 Feb 2004 10:22:25 +0000

You can get the source of the plugins on your box (the exact place of these depend on your box, but they are *.nasl files, an "find / -name *.nasl | grep dns" should help you in your case), or here: http://cgi.nessus.org/plugins/dump.php3?viewby=family.

An example of a code sourceis here:
http://cvsweb.nessus.org/cgi-bin/cvsweb.cgi/~checkout~/nessus-plugins/scripts/frontpage_passwordless.nasl?content-type=text/plain (that's an example)

Hope it can helps :)


From: "cissper" <cissper () yahoo com au>
To: <pen-test () securityfocus com>
Subject: nessus which plug'in reports which vulnerability?
Date: Mon, 23 Feb 2004 13:24:22 +1100

Hi all

One of my favourite general purpose scanner is nessus for obvious
reasons. However, I do struggle with the interpretation and evaluation
of the results:
After the scan, I use the report function to generate a HTML type
report. The vulnerabilities listed in that report are not associated
with the plug-in's that detected them in the first place. How can I
possible know which plug-in detected which vulnerability? I need to
validate the identified vulnerabilities in order to eliminate false
positives, therefore I would like to know which script was used to
identify a certain vulnerability.

One simple example:
nessus reports that a DNS zone transfer was possible. However, when I
try to manually perform a zone transfer, I am not able to do so!
The conclusion would be a false positive - but - maybe the script is
using a more sophisticated approach and is successful! The next step
would be to look at the plug' in which detected the vulnerability in the
first place - and I don't know which one it is.

Any ideas guys?

Thank you for your help.

Kind regards,
cissper



---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.securityfocus.com/sponsor/Astaro_pen-test_040219
----------------------------------------------------------------------------


_________________________________________________________________
The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail


---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.securityfocus.com/sponsor/Astaro_pen-test_040219
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]