Hi,

Thanks for the info, and one more thing:
I am using Windows XP, Intel Pentium 2.8 GHz (dual core), 2 GB RAM,
where the Linux machine is 2.6 GHz (dual core), 256 MB RAM, Red Hat Linux 9.0.
Please confirm the usage of Nessus on Windows without having the Nessus TCP
Scanner option.
Both on Linux & Windows can be continued; need any updates, please help me
on this issue.

Regards,
Srikanth

On Wed, Sep 10, 2008 at 9:30 PM, <nessus-request@list.nessus.org> wrote:
> Today's Topics:
>
> 1. Re: Regarding Nessus tool on Windows (Ron Gula)
> 2. Re: Regarding Nessus tool on Windows (Michel Arboi)
> 3. plug-in for blank telnet password (Mandal, Rakesh)
> 4. RE: plug-in for blank telnet password (Mandal, Rakesh)
> 5. Plugin ID 11138 - Citrix published applications (Steve Templists)
> 6. Re: Plugin ID 11138 - Citrix published applications
> (George A. Theall)
> 7. Re: plug-in for blank telnet password (YARICK)
>
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 10 Sep 2008 08:32:10 -0400
> From: Ron Gula <rgula@tenablesecurity.com>
> Subject: Re: Regarding Nessus tool on Windows
> Cc: "nessus@list.nessus.org" <nessus@list.nessus.org>
> Message-ID: <48C7BE4A.8070804@tenablesecurity.com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> Hi there,
>
> Are your Nessus installs for Windows and Linux both on the same type of
> hardware, or does your Linux scanner run in a VM?
>
> Also, since you mentioned your Linux client was older, I am curious
> if you are using an older version of Nessus (Nessus 2). If so, it is
> much slower than Nessus 3.
>
> Ron Gula
> Tenable Network Security
>
> Srikanth Rakuditi wrote:
> > Hi All,
> >
> > This is Srikanth. I have installed the Nessus tool on Windows and Linux.
> > The Linux one is a bit older (Nessus Client V1.02) and Windows has the newer
> > version (Nessus Client V3.2.1.1).
> >
> > I configured the same configuration on both Linux and Windows.
> >
> > The two options below are not available on Windows:
> >
> > In Options Tab
> > ---------------------
> > 1) Exclude top-level domain wildcard host
> >
> > In Advanced Tab
> > ------------------------
> > 2 ) "Nessus TCP Scanner" pull down menu is not existing.
> >
> >
> > Issue 1: If the above two options are required, how do I update the tool?
> > ------------
> >
> > Issue 2:
> > ------------
> >
> > While I am running the Nessus tool on Linux it took more than 3 hrs,
> > whereas on Windows it's taking only 20 to 25 mins.
> >
> > Why is it taking less time on Windows? What are the dependencies? Are any
> > extra plugins required, or any other dependencies on Windows?
> > I was using Windows XP, IE 7.0 browser.
> >
> > Please help me on this ASAP.
> >
> > Regards
> > Srikanth
>
>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 10 Sep 2008 14:43:37 +0200
> From: Michel Arboi <mikhail@nessus.org>
> Subject: Re: Regarding Nessus tool on Windows
> To: nessus@list.nessus.org
> Cc: Srikanth Rakuditi <srikanth.rakuditi@aricent.com>
> Message-ID: <200809101443.37185.mikhail@nessus.org>
> Content-Type: text/plain; charset="iso-8859-15"
>
> On Tuesday 09 September 2008 14:52:40 Srikanth Rakuditi wrote:
> > 2 ) "Nessus TCP Scanner" pull down menu is not existing.
>
> This scanner does not exist on Windows. It would be very slow on Windows XP
> SP2.
>
>
> ------------------------------
>
> Message: 3
> Date: Wed, 10 Sep 2008 08:49:33 -0400
> From: "Mandal, Rakesh" <rmandal@raytel.com>
> Subject: plug-in for blank telnet password
> To: <nessus@list.nessus.org>
> Message-ID:
> <96CA8DA99AB9D746B4219B4DA137A48EB23435@S0E2000.RaytelMedCorp.com>
> Content-Type: text/plain; charset="us-ascii"
>
> Hi,
>
>
>
> I am Rakesh and we have installed Nessus 3 for scanning our network. Can
> anyone tell me which plug-in I need to select to scan for blank telnet,
> FTP, SQL, IIS, WEB server passwords...
>
>
>
> Please help me on this ASAP.
>
>
>
>
>
> Rakesh Mandal.
> Email: rmandal@raytel.com
>
> ------------------------------
>
> Message: 4
> Date: Wed, 10 Sep 2008 10:36:56 -0400
> From: "Mandal, Rakesh" <rmandal@raytel.com>
> Subject: RE: plug-in for blank telnet password
> To: <yarickmirskiy@gmail.com>
> Cc: nessus@list.nessus.org
> Message-ID:
> <96CA8DA99AB9D746B4219B4DA137A48EB1F7AD@S0E2000.RaytelMedCorp.com>
> Content-Type: text/plain; charset="us-ascii"
>
> That's not the way Nessus is designed to work; you have thousands of plug-ins,
> each for a specific use. And it's not advisable to select all the plug-ins,
> as it might kill some of your servers by intense scanning...
>
> So I request you to let me know if you know the specific plug-in for the blank
> telnet, FTP, etc. password.
>
>
>
> Rakesh Mandal.
> Email: rmandal@raytel.com
> _____
>
> From: yarickmirskiy@gmail.com [mailto:yarickmirskiy@gmail.com] On Behalf
> Of YARICK
> Sent: Wednesday, September 10, 2008 10:30 AM
> To: Mandal, Rakesh
> Subject: Re: plug-in for blank telnet password
>
>
>
> I suggest selecting all the plugins, and Nessus will only run the ones
> applicable to the hosts detected.
>
> --
> --Yarick Tsagoyko
>
> ------------------------------
>
> Message: 5
> Date: Wed, 10 Sep 2008 11:05:07 -0400
> From: "Steve Templists" <stemplists@gmail.com>
> Subject: Plugin ID 11138 - Citrix published applications
> To: Nessus@list.nessus.org
> Message-ID:
> <9e70c19f0809100805h5401661ateda55d82549d2239@mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Does anyone know how/if this vulnerability can be prevented? The plugin
> doesn't provide any recommendations and I don't have access to a Citrix
> server (this was found on a client's network) to develop any of my own.
> Also, the risk factor is a "Medium" but doesn't say the CVV2 style rating;
> would this still be a medium with the new rating system?
>
> BTW..The link for more information is no longer valid. The new link is:
> http://sh0dan.org/oldfiles/hackingcitrix.html
>
> I'd love to be able to provide my client with better information than what
> is provided above if anyone can help.
>
> Thanks.
> Steve
>
> ------------------------------
>
> Message: 6
> Date: Wed, 10 Sep 2008 11:20:43 -0400
> From: "George A. Theall" <theall@tenablesecurity.com>
> Subject: Re: Plugin ID 11138 - Citrix published applications
> To: nessus@list.nessus.org
> Message-ID: <E6E793A7-204F-4CD7-B441-ED8415685208@tenablesecurity.com>
> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
>
> On Sep 10, 2008, at 11:05 AM, Steve Templists wrote:
>
> > Does anyone know how/if this vulnerability can be prevented? The
> > plugin doesn't provide any recommendations and I don't have access
> > to a Citrix server (this was found on a client's network) to develop
> > any of my own.
>
> I don't off-hand, but notice that the hackingcitrix document includes
> a section entitled "Securing Citrix" with some tips.
>
> > Also, the risk factor is a "Medium" but doesn't say the CVV2 style
> > rating, would this still be a medium with the new rating system?
>
> Yes.
>
> > BTW..The link for more information is no longer valid. The new link
> > is: http://sh0dan.org/oldfiles/hackingcitrix.html
>
> Thanks. I'll update the plugin shortly with the new link, a CVSS
> score, and revise the description to agree with our more recent plugins.
>
> George
> --
> theall@tenablesecurity.com
>
>
>
>
>
> ------------------------------
>
> Message: 7
> Date: Wed, 10 Sep 2008 11:26:06 -0400
> From: YARICK <yarick@yarick.com>
> Subject: Re: plug-in for blank telnet password
> To: "Mandal, Rakesh" <rmandal@raytel.com>
> Cc: nessus@list.nessus.org
> Message-ID:
> <a2e6d8480809100826p61be38c1rb5f7dd44da08e89@mail.gmail.com>
> Content-Type: text/plain; charset="windows-1252"
>
> I am sorry, but it is my understanding that Nessus scans a server without
> crashing it (given you have SAFE CHECKS enabled) and then determines which
> plugins are appropriate to run against the given host. For example, AIX or
> Cisco plugins will not run against a Microsoft-based host.
>
> You are welcome to search for a specific plugin on www.nessus.org/plugins,
> which is a very nice search facility for a given plugin by name in
> description, for example the word 'telnet'.
>
> Also, there is a facility to use the NASL script language to write your own
> checks for specific things like you are talking about. Please post them on
> this list once you do.
> --
> --Yarick Tsagoyko
>
> ------------------------------
> End of Nessus Digest, Vol 59, Issue 7
> *************************************
>