Penetration Testing mailing list archives
RE: nessus which plug'in reports which vulnerability?
From: "Vaccare, Anthony" <rvaccare () ola state md us>
Date: Mon, 23 Feb 2004 10:24:10 -0500
I posted your question to the Nessus ListServ and received the following responses. Hopefully this helps (it was enlightening for me, a Nessus newbie):

==================================================================================

The GTK client actually *does* link the result of the plugins to each plugin ID. If you export results in HTML, you can even click on the plugin link and be sent to the Nessus forums where you can ask questions about the results and all.

I guess that this person is using NessusWX, which - as far as I understand it - does not include such links. Maybe that's a feature which should be asked to Victor?

==================================================================================

I suppose that since I am pretty new to Nessus and use NessusWX, I am not familiar with that functionality. I imagine the user that posted that question was in the same boat. Renaud, is there any way I could see what you are talking about on the Nessus client machine, or is it that since I am using NessusWX, I cannot produce the results with links at all?

The links are not available, but the plug-in ID number is displayed in the NessusWX results. From there, you can create your own link using the below URL:

http://cgi.nessus.org/plugins/dump.php3?id=XXXXXXXXXX

(obviously, replace the "XXXXX" with the plug-in number from NessusWX)

==================================================================================

-----Original Message-----
From: cissper [mailto:cissper () yahoo com au]
Sent: Sunday, February 22, 2004 9:24 PM
To: pen-test () securityfocus com
Subject: nessus which plug'in reports which vulnerability?

Hi all

One of my favourite general purpose scanners is nessus for obvious reasons. However, I do struggle with the interpretation and evaluation of the results:

After the scan, I use the report function to generate a HTML type report. The vulnerabilities listed in that report are not associated with the plug-ins that detected them in the first place. How can I possibly know which plug-in detected which vulnerability?

I need to validate the identified vulnerabilities in order to eliminate false positives, therefore I would like to know which script was used to identify a certain vulnerability.

One simple example: nessus reports that a DNS zone transfer was possible. However, when I try to manually perform a zone transfer, I am not able to do so! The conclusion would be a false positive - but - maybe the script is using a more sophisticated approach and is successful! The next step would be to look at the plug-in which detected the vulnerability in the first place - and I don't know which one it is.

Any ideas guys?

Thank you for your help.

Kind regards,
cissper
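
The plug-in lookup described in the message above, as an added example that is not part of the original thread: it groups findings by plug-in ID and builds the lookup URL for each, so every reported item can be traced to the script that raised it. It assumes the results are available as a Nessus NBE export with pipe-delimited `results|subnet|host|port|plugin_id|severity|description` lines; the sample data and plug-in IDs are constructed.

```python
# Added example (not from the thread): trace each finding back to its plug-in.
from collections import defaultdict
from urllib.parse import urlencode

PLUGIN_URL = "http://cgi.nessus.org/plugins/dump.php3"  # URL given in the message

# Constructed sample. Assumed NBE layout:
#   results|subnet|host|port|plugin_id|severity|description
# Plug-in IDs 99901/99902 are placeholders, not real plug-in numbers.
SAMPLE_NBE = """\
timestamps|||scan_start|Mon Feb 23 09:00:00 2004|
results|192.0.2|192.0.2.10|domain (53/tcp)
results|192.0.2|192.0.2.10|domain (53/tcp)|99901|Security Warning|Zone transfer was possible\\nfor zone example.test | 12 records
results|192.0.2|192.0.2.12|domain (53/tcp)|99901|Security Warning|Zone transfer was possible
results|192.0.2|192.0.2.11|http (80/tcp)|99902|Security Note|A web server is running on this port
"""


def findings_by_plugin(nbe_text):
    """Return {plugin_id: [(host, port, severity), ...]} for lines naming a plug-in."""
    found = defaultdict(list)
    for line in nbe_text.splitlines():
        # Limit the split: the free-text description may itself contain '|'.
        fields = line.split("|", 6)
        if fields[0] != "results" or len(fields) < 7:
            continue  # timestamps and bare open-port lines carry no plug-in ID
        _, _, host, port, plugin_id, severity, _ = fields
        if plugin_id.isdigit():
            found[plugin_id].append((host, port, severity))
    return dict(found)


def plugin_url(plugin_id):
    """Build the lookup URL for one plug-in ID."""
    return f"{PLUGIN_URL}?{urlencode({'id': plugin_id})}"


if __name__ == "__main__":
    for pid, hits in sorted(findings_by_plugin(SAMPLE_NBE).items()):
        print(pid, plugin_url(pid))
        for host, port, severity in hits:
            print(f"    {host} {port} [{severity}]")
```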