I've noticed that when specifying the ports to scan, nessus will accept default, or a list of ports, but will not accept something like "default,1234,2345" which is what I would expect to be able to put in if I wanted to scan all the default ports but wanted to be sure to add a couple of extra ports to the scan. Nessus doesn't like this combination. Does this seem like something nessus should do?
While I'm on the subject of the port specification, I've noticed some strange results (nessus 2.2.2a, so pretty recent). On occasion I've wanted to return to a single port and rescan. So for example the web server is running, so I want to run only the things on 80. (I know that the nasl interpreter allows you to run individual plugins if you can plug the right options in, but that's not convenient to run all CGI Abuse category plugins, for example.) TCP Scanning options is SYN Scan but NMap is selected as the scanner. Optimize checks off, assume other ports closed. So I run the scan, and even though 80 is the only port in the list, and assume other ports closed, 80 doesn't even show up in the results, 53 is the only one that shows up (with some DNS information).
I've had strange results whenever the assume other ports closed was checked, but it was ususally involved in something like netbios where I suppose some other port could have been required to run the test. This one is really blatent, there's no other related port.
Thanks
While I'm on the subject of the port specification, I've noticed some strange results (nessus 2.2.2a, so pretty recent). On occasion I've wanted to return to a single port and rescan. So for example the web server is running, so I want to run only the things on 80. (I know that the nasl interpreter allows you to run individual plugins if you can plug the right options in, but that's not convenient to run all CGI Abuse category plugins, for example.) TCP Scanning options is SYN Scan but NMap is selected as the scanner. Optimize checks off, assume other ports closed. So I run the scan, and even though 80 is the only port in the list, and assume other ports closed, 80 doesn't even show up in the results, 53 is the only one that shows up (with some DNS information).
I've had strange results whenever the assume other ports closed was checked, but it was ususally involved in something like netbios where I suppose some other port could have been required to run the test. This one is really blatent, there's no other related port.
Thanks