Hi Everyone,
I am having a little trouble getting nessus (version 3.2.1) to
do what I want it to. If I run it without any port scanners enabled,
the only information I get back is about port 22 and 80 and there is
some descriptive information about each. When I run the scan again
with a port scanner enabled like the "Nessus TCP Scanner" I see a
couple extra ports open in the results (that's good) but I'm missing
the extra descriptive information on all ports, including 22 and 80
(that's not so good). The extra descriptions aren't very insightful in
this case, but my boss wants them. So far Google hasn't been able to
answer this one for me. How can I get ALL this data in one report.
Hope you guys/gals can help. Below are the text versions of the two
reports:
Thanks,
Trevor
############ WITHOUT the port scanner #################
Nessus Scan Report
------------------
SUMMARY
- Number of hosts which were alive during the test : 1
- Number of security holes found : 0
- Number of security warnings found : 0
- Number of security notes found : 4
TESTED HOSTS
192.168.1.1 (Security notes found)
DETAILS
+ 192.168.1.1 :
. List of open ports :
o general/tcp (Security notes found)
o http (80/tcp) (Security notes found)
o ssh (22/tcp) (Security notes found)
. Information found on port general/tcp
192.168.1.1 resolves as example.com.
. Information found on port http (80/tcp)
A web server is running on this port
. Information found on port ssh (22/tcp)
Synopsis :
An SSH server is listening on this port.
Description :
It is possible to obtain information about the remote SSH
server by sending an empty authentication request.
Risk factor :
None
Plugin output :
SSH version : SSH-2.0-OpenSSH_4.3
SSH supported authentication : publickey,gssapi-with-mic,password
. Information found on port ssh (22/tcp)
Synopsis :
An SSH server is running on the remote host.
Description :
This plugin determines the versions of the SSH protocol supported by
the remote SSH daemon.
Risk factor :
None
Plugin output :
The remote SSH daemon supports the following versions of the
SSH protocol :
- 1.99
- 2.0
SSHv2 host key fingerprint : 13:92:dd:43:13:87:e1:d9:1b:65:02:8a:2c:f7:76:f1
------------------------------------------------------
This file was generated by the Nessus Security Scanner
########### WITH the port scanner ##############
Nessus Scan Report
------------------
SUMMARY
- Number of hosts which were alive during the test : 1
- Number of security holes found : 0
- Number of security warnings found : 0
- Number of security notes found : 1
TESTED HOSTS
192.168.1.1 (Security notes found)
DETAILS
+ 192.168.1.1 :
. List of open ports :
o ssh (22/tcp)
o general/tcp (Security notes found)
o http (80/tcp)
o nessus (1241/tcp)
. Information found on port general/tcp
192.168.1.1 resolves as example.com
------------------------------------------------------
This file was generated by the Nessus Security Scanner
#################################
IP addresses and some other information above was altered for security purposes.
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
I am having a little trouble getting nessus (version 3.2.1) to
do what I want it to. If I run it without any port scanners enabled,
the only information I get back is about port 22 and 80 and there is
some descriptive information about each. When I run the scan again
with a port scanner enabled like the "Nessus TCP Scanner" I see a
couple extra ports open in the results (that's good) but I'm missing
the extra descriptive information on all ports, including 22 and 80
(that's not so good). The extra descriptions aren't very insightful in
this case, but my boss wants them. So far Google hasn't been able to
answer this one for me. How can I get ALL this data in one report.
Hope you guys/gals can help. Below are the text versions of the two
reports:
Thanks,
Trevor
############ WITHOUT the port scanner #################
Nessus Scan Report
------------------
SUMMARY
- Number of hosts which were alive during the test : 1
- Number of security holes found : 0
- Number of security warnings found : 0
- Number of security notes found : 4
TESTED HOSTS
192.168.1.1 (Security notes found)
DETAILS
+ 192.168.1.1 :
. List of open ports :
o general/tcp (Security notes found)
o http (80/tcp) (Security notes found)
o ssh (22/tcp) (Security notes found)
. Information found on port general/tcp
192.168.1.1 resolves as example.com.
. Information found on port http (80/tcp)
A web server is running on this port
. Information found on port ssh (22/tcp)
Synopsis :
An SSH server is listening on this port.
Description :
It is possible to obtain information about the remote SSH
server by sending an empty authentication request.
Risk factor :
None
Plugin output :
SSH version : SSH-2.0-OpenSSH_4.3
SSH supported authentication : publickey,gssapi-with-mic,password
. Information found on port ssh (22/tcp)
Synopsis :
An SSH server is running on the remote host.
Description :
This plugin determines the versions of the SSH protocol supported by
the remote SSH daemon.
Risk factor :
None
Plugin output :
The remote SSH daemon supports the following versions of the
SSH protocol :
- 1.99
- 2.0
SSHv2 host key fingerprint : 13:92:dd:43:13:87:e1:d9:1b:65:02:8a:2c:f7:76:f1
------------------------------------------------------
This file was generated by the Nessus Security Scanner
########### WITH the port scanner ##############
Nessus Scan Report
------------------
SUMMARY
- Number of hosts which were alive during the test : 1
- Number of security holes found : 0
- Number of security warnings found : 0
- Number of security notes found : 1
TESTED HOSTS
192.168.1.1 (Security notes found)
DETAILS
+ 192.168.1.1 :
. List of open ports :
o ssh (22/tcp)
o general/tcp (Security notes found)
o http (80/tcp)
o nessus (1241/tcp)
. Information found on port general/tcp
192.168.1.1 resolves as example.com
------------------------------------------------------
This file was generated by the Nessus Security Scanner
#################################
IP addresses and some other information above was altered for security purposes.
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus