Nessus
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Thorough test of a Web server

from [Arkadi.Kosmynin] [Permanent Link][Original]
To: <jms@bughunter.ca>
Subject: RE: Thorough test of a Web server
From: <Arkadi.Kosmynin@csiro.au>
Date: Sat, 20 Jan 2007 19:40:18 +1100
Cc: nessus@list.nessus.org
Delivered-to: sp-com-lists@consult.net
Delivered-to: nessus-list1@securepoint.com
Delivered-to: nessus@list.nessus.org
Domainkey-signature: s=email; d=csiro.au; c=nofws; q=dns; b=AkXOsu6mtTt4/i6Ied3QfOd+MWkWoeGEAVu4pjNWC+7X3WrRIJx5UVBQeEPQy27NK1KpzP/r9GT4kaJg9wQgcrvSprXxj9+7kIDba8csGYFHBPf9R8XhaQpxRi7uAiNk;
List-archive: <http://mail.nessus.org/pipermail/nessus>
List-help: <mailto:nessus-request@list.nessus.org?subject=help>
List-id: Discussion of Nessus software <nessus.list.nessus.org>
List-post: <mailto:nessus@list.nessus.org>
List-subscribe: <http://mail.nessus.org/mailman/listinfo/nessus>, <mailto:nessus-request@list.nessus.org?subject=subscribe>
List-unsubscribe: <http://mail.nessus.org/mailman/listinfo/nessus>, <mailto:nessus-request@list.nessus.org?subject=unsubscribe>
References: <011820071558.11585.45AF993A000E147C00002D4122007504389D0A9B0A03020E900006@comcast.net> <45AFB1CA.70105@tenablesecurity.com> <BF94750921492E4AA5B825026FCE6A24012A20C6@exnswn1-syd.nexus.csiro.au> <41677.24.70.141.188.1169195678.squirrel@mail.bughunter.ca>
Sender: nessus-bounces@list.nessus.org
Thread-index: Acc7o7YwbO4BX/emThO/yIlKDtR6ygAyrWAw
Thread-topic: Thorough test of a Web server 
Thanks,

AFAIK, this will add DoS tests that I don't want at this stage.

Regards,

Arkadi

> -----Original Message-----
> From: Justin Seitz [mailto:jms@bughunter.ca]
> Sent: Friday, 19 January 2007 7:35 PM
> To: Kosmynin, Arkadi (ATNF, Marsfield)
> Cc: nessus@list.nessus.org
> Subject: Re: Thorough test of a Web server
> 
> Are you using NessusWX? If so just disable the "Safe" scans, as I
believe
> this is essentially setting it to thorough.
> 
> Then again, it's late and sleep hasn't arrived at my door for days!
> 
> 
> JS
> 
> > Hello,
> >
> > I am trying to scan a web site with Nessus. Nessus server and client
are
> > both installed on my computer. The web server is on the local
network.
> >
> > I am using Nessus 3.0.4 on Win XP. I can configure it scan the
server,
> > but I don't think that it does what is expected. The web site has a
few
> > thousand pages, but scan takes only 20-30 minutes (I disable port
scans,
> > except port 80). I select all plugins, except the DoS group. The
> > webmiror plugin is selected too, but I don't think that it does
> > anything.
> >
> > I see this in scan information:
> >
> > Nessus version : 3.0.4
> > Plugin feed version : 200701161815
> > Type of plugin feed : Registered (7 days delay)
> > Scanner IP : <removed>
> > Port scanner(s) : synscan
> > Port range : 80
> > Thorough tests : no
> > Experimental tests : no
> > Paranoia level : 1
> > Report Verbosity : 1
> > Safe checks : yes
> > Max hosts : 20
> > Max checks : 4
> > Scan Start Date : 2007/1/18 12:20
> > Scan duration : 1676 sec
> >
> > The question is, how do I enable thorough tests? I want as tough
scan as
> > possible, even if it takes a couple days to do.
> >
> > The other question is, how to get the webmirror plugin working? I do
> > increase the number of cached pages to the max (99999).
> >
> > I found a couple of books describing Nessus, but they talk about
Nessus
> > 2. The new Nessus 3 interface is intuitive, but not well documented.
> >
> > Thanks,
> >
> > Arkadi
> > _______________________________________________
> > Nessus mailing list
> > Nessus@list.nessus.org
> > http://mail.nessus.org/mailman/listinfo/nessus
> >
> 

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: SSH Credentials problem, John Scherff
Next by Date:  RE: Thorough test of a Web server, Arkadi.Kosmynin
Previous by Thread:  Re: Thorough test of a Web server, Justin Seitz
Next by Thread:  Re: Thorough test of a Web server, George A. Theall
Indexes:  [Date] [Thread] [Top] [All Lists]