Classification: UNCLASSIFIED
Caveats: NONE
This might be a totally 'duh' Q&A, but I want to make sure I'm doing
this right. I've been mucking around with the Windows command line
version of Nessus recently. Basically, I wanted to be do a quick scan
for a specific MS Patch on several machines. So I ran the following
command, but I'm wondering if I understand the output correctly.
C:\Program Files\Tenable\Nessus>nessuscmd -PIT -v -p -O -i 33875 x.x.x.x
Starting nessuscmd 3.2 (windows)
Scanning 'x.x.x.x'...
Host x.x.x.x is up
Discovered open port clariion-evr01 (6389/tcp) on x.x.x.x
Discovered open port netbios-ssn (139/tcp) on x.x.x.x
Discovered open port epmap (135/tcp) on x.x.x.x
Discovered open port sunrpc (111/tcp) on x.x.x.x
Discovered open port http (80/tcp) on x.x.x.x
Discovered open port ftp (21/tcp) on x.x.x.x
Discovered open port fpitp (1045/tcp) on x.x.x.x
Discovered open port microsoft-ds (445/tcp) on x.x.x.x
Discovered open port ms-wbt-server (3389/tcp) on x.x.x.x
Discovered open port rxmon (1311/tcp) on x.x.x.x
+ Results found on x.x.x.x :
- Port ftp (21/tcp) is open
- Port http (80/tcp) is open
- Port sunrpc (111/tcp) is open
- Port epmap (135/tcp) is open
- Port netbios-ssn (139/tcp) is open
- Port microsoft-ds (445/tcp) is open
- Port fpitp (1045/tcp) is open
- Port rxmon (1311/tcp) is open
- Port ms-wbt-server (3389/tcp) is open
- Port clariion-evr01 (6389/tcp) is open
The scan doesn't seem to run the OS detection (a Windows 2003 server) or
check for the specified plugin. A check of this blog entry, admittedly
old, http://blog.tenablesecurity.com/2007/07/nessus-32-beta-.html seems
to validate my syntax. I have admin access to the server.
Is this the correct output or am I doing something wrong? Shouldn't it
tell me the OS dectection, the results of the plugin check or give me an
error that it can't do one or the other?
Thanks.
BTW, psinfo -s \\<machinename> | find "kb#" works as well, but for the
sake of using Nessus....
Craig L. Bowser
CISSP SANS GSEC (Gold)
-------------------------------
Price. Quality. Service: Pick two.
Classification: UNCLASSIFIED
Caveats: NONE
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
Caveats: NONE
This might be a totally 'duh' Q&A, but I want to make sure I'm doing
this right. I've been mucking around with the Windows command line
version of Nessus recently. Basically, I wanted to be do a quick scan
for a specific MS Patch on several machines. So I ran the following
command, but I'm wondering if I understand the output correctly.
C:\Program Files\Tenable\Nessus>nessuscmd -PIT -v -p -O -i 33875 x.x.x.x
Starting nessuscmd 3.2 (windows)
Scanning 'x.x.x.x'...
Host x.x.x.x is up
Discovered open port clariion-evr01 (6389/tcp) on x.x.x.x
Discovered open port netbios-ssn (139/tcp) on x.x.x.x
Discovered open port epmap (135/tcp) on x.x.x.x
Discovered open port sunrpc (111/tcp) on x.x.x.x
Discovered open port http (80/tcp) on x.x.x.x
Discovered open port ftp (21/tcp) on x.x.x.x
Discovered open port fpitp (1045/tcp) on x.x.x.x
Discovered open port microsoft-ds (445/tcp) on x.x.x.x
Discovered open port ms-wbt-server (3389/tcp) on x.x.x.x
Discovered open port rxmon (1311/tcp) on x.x.x.x
+ Results found on x.x.x.x :
- Port ftp (21/tcp) is open
- Port http (80/tcp) is open
- Port sunrpc (111/tcp) is open
- Port epmap (135/tcp) is open
- Port netbios-ssn (139/tcp) is open
- Port microsoft-ds (445/tcp) is open
- Port fpitp (1045/tcp) is open
- Port rxmon (1311/tcp) is open
- Port ms-wbt-server (3389/tcp) is open
- Port clariion-evr01 (6389/tcp) is open
The scan doesn't seem to run the OS detection (a Windows 2003 server) or
check for the specified plugin. A check of this blog entry, admittedly
old, http://blog.tenablesecurity.com/2007/07/nessus-32-beta-.html seems
to validate my syntax. I have admin access to the server.
Is this the correct output or am I doing something wrong? Shouldn't it
tell me the OS dectection, the results of the plugin check or give me an
error that it can't do one or the other?
Thanks.
BTW, psinfo -s \\<machinename> | find "kb#" works as well, but for the
sake of using Nessus....
Craig L. Bowser
CISSP SANS GSEC (Gold)
-------------------------------
Price. Quality. Service: Pick two.
Classification: UNCLASSIFIED
Caveats: NONE
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus