Yep, done that. Still no luck.
Looking at the scan.log in C:\Program Files\Tenable\Nessus\logs, it appears that Nessus skip lots of Skype checks for whatever reason. Below is the relevant section. I am surprised by some of the plugins that Nessus decided to include
[Mon Dec 01 09:48:42 2008][256] Use default port range
[Mon Dec 01 09:49:00 2008][256] user localuser : testing lknngv7 (10.3.22.65) [256]
[Mon Dec 01 09:49:00 2008][256] Scan 10.3.22.65 using 53 plugins
[Mon Dec 01 09:49:00 2008][256] user localuser : launching clrtxt_proto_settings.nasl against 10.3.22.65 [1]
[Mon Dec 01 09:49:00 2008][256] user localuser : launching portscanners_settings.nasl against 10.3.22.65 [2]
[Mon Dec 01 09:49:00 2008][256] user localuser : launching dont_scan_settings.nasl against 10.3.22.65 [3]
[Mon Dec 01 09:49:00 2008][256] user localuser : launching ssh_settings.nasl against 10.3.22.65 [4]
[Mon Dec 01 09:49:00 2008][256] clrtxt_proto_settings.nasl (process 1) finished its job against 10.3.22.65 in 0.005 seconds
[Mon Dec 01 09:49:00 2008][256] portscanners_settings.nasl (process 2) finished its job against 10.3.22.65 in 0.005 seconds
[Mon Dec 01 09:49:00 2008][256] dont_scan_settings.nasl (process 3) finished its job against 10.3.22.65 in 0.004 seconds
[Mon Dec 01 09:49:00 2008][256] ssh_settings.nasl (process 4) finished its job against 10.3.22.65 in 0.001 seconds
[Mon Dec 01 09:49:00 2008][256] user localuser : launching ping_host.nasl against 10.3.22.65 [5]
[Mon Dec 01 09:49:17 2008][256] ping_host.nasl (process 5) finished its job against 10.3.10.157 in 16.562 seconds
[Mon Dec 01 09:49:17 2008][256] user localuser : launching dont_scan_printers.nasl against 10.3.22.65 [6]
[Mon Dec 01 09:49:17 2008][256] user localuser : launching cifs445.nasl against 10.3.22.65 [7]
[Mon Dec 01 09:49:18 2008][256] cifs445.nasl (process 7) finished its job against 10.3.22.65 in 1.006 seconds
[Mon Dec 01 09:49:25 2008][256] dont_scan_printers.nasl (process 6) finished its job against 10.3.22.65 in 8.020 seconds
[Mon Dec 01 09:49:25 2008][256] user localuser : launching dont_scan_netware.nasl against 10.3.22.65 [8]
[Mon Dec 01 09:49:25 2008][256] user localuser : launching dcetest.nasl against 10.3.22.65 [9]
[Mon Dec 01 09:49:25 2008][256] dcetest.nasl (process 9) finished its job against 10.3.22.65 in 0.020 seconds
[Mon Dec 01 09:49:27 2008][256] dont_scan_netware.nasl (process 8) finished its job against 10.3.22.65 in 2.010 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching dont_print_on_printers.nasl against 10.3.22.65 [10]
[Mon Dec 01 09:49:27 2008][256] user localuser : launching netbios_name_get.nasl against 10.3.22.65 [11]
[Mon Dec 01 09:49:27 2008][256] dont_print_on_printers.nasl (process 10) finished its job against 10.3.22.65 in 0.009 seconds
[Mon Dec 01 09:49:27 2008][256] netbios_name_get.nasl (process 11) finished its job against 10.3.22.65 in 0.016 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching global_settings.nasl against 10.3.22.65 [12]
[Mon Dec 01 09:49:27 2008][256] global_settings.nasl (process 12) finished its job against 10.3.22.65 in 0.000 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching oracle_settings.nbin against 10.3.22.65 [13]
[Mon Dec 01 09:49:27 2008][256] oracle_settings.nbin (process 13) finished its job against 10.3.22.65 in 0.000 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching smtp_settings.nasl against 10.3.22.65 [14]
[Mon Dec 01 09:49:27 2008][256] smtp_settings.nasl (process 14) finished its job against 10.3.22.65 in 0.001 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching cgibin_in_kb.nasl against 10.3.22.65 [15]
[Mon Dec 01 09:49:27 2008][256] cgibin_in_kb.nasl (process 15) finished its job against 10.3.22.65 in 0.000 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching TLD_wildcard.nasl against 10.3.22.65 [16]
[Mon Dec 01 09:49:27 2008][256] TLD_wildcard.nasl (process 16) finished its job against 10.3.22.65 in 0.000 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching smb_scope.nasl against 10.3.22.65 [17]
[Mon Dec 01 09:49:27 2008][256] smb_scope.nasl (process 17) finished its job against 10.3.22.65 in 0.001 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching kerberos.nasl against 10.3.22.65 [18]
[Mon Dec 01 09:49:27 2008][256] kerberos.nasl (process 18) finished its job against 10.3.22.65 in 0.001 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching logins.nasl against 10.3.22.65 [19]
[Mon Dec 01 09:49:27 2008][256] logins.nasl (process 19) finished its job against 10.3.22.65 in 0.001 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching samba_detect.nasl against 10.3.22.65 [20]
[Mon Dec 01 09:49:27 2008][256] user localuser : launching rpc_portmap.nasl against 10.3.22.65 [21]
[Mon Dec 01 09:49:27 2008][256] user localuser : launching ilo_detect.nasl against 10.3.22.65 [22]
[Mon Dec 01 09:49:27 2008][256] rpc_portmap.nasl (process 21) finished its job against 10.3.22.65 in 0.006 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : not launching rpcinfo.nasl against 10.3.22.65: none of the required tcp ports are open
[Mon Dec 01 09:49:27 2008][256] user localuser : launching find_service.nasl against 10.3.22.65 [23]
[Mon Dec 01 09:49:27 2008][256] find_service.nasl (process 23) finished its job against 10.3.22.65 in 0.002 seconds
[Mon Dec 01 09:49:27 2008][256] ilo_detect.nasl (process 22) finished its job against 10.3.22.65 in 0.019 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching find_service1.nasl against 10.3.22.65 [24]
[Mon Dec 01 09:49:27 2008][256] find_service1.nasl (process 24) finished its job against 10.3.22.65 in 0.001 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching intrushield_console_detect.nasl against 10.3.22.65 [25]
[Mon Dec 01 09:49:27 2008][256] user localuser : launching find_service_3digits.nasl against 10.3.22.65 [26]
[Mon Dec 01 09:49:27 2008][256] user localuser : launching apache_SSL_complain.nasl against 10.3.22.65 [27]
[Mon Dec 01 09:49:27 2008][256] user localuser : launching ssh_get_info.nasl against 10.3.22.65 [28]
[Mon Dec 01 09:49:27 2008][256] find_service_3digits.nasl (process 26) finished its job against 10.3.22.65 in 0.012 seconds
[Mon Dec 01 09:49:27 2008][256] apache_SSL_complain.nasl (process 27) finished its job against 10.3.22.65 in 0.012 seconds
[Mon Dec 01 09:49:27 2008][256] ssh_get_info.nasl (process 28) finished its job against 10.3.22.65 in 0.005 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : not launching freebsd_pkg_70fc13d94ab411da932d00055d790c25.nasl against 10.3.22.65: required key missing
[Mon Dec 01 09:49:27 2008][256] user localuser : launching doublecheck_std_services.nasl against 10.3.22.65 [29]
[Mon Dec 01 09:49:27 2008][256] doublecheck_std_services.nasl (process 29) finished its job against 10.3.22.65 in 0.002 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching httpver.nasl against 10.3.22.65 [30]
[Mon Dec 01 09:49:27 2008][256] intrushield_console_detect.nasl (process 25) finished its job against 10.3.22.65 in 0.081 seconds
[Mon Dec 01 09:49:27 2008][256] httpver.nasl (process 30) finished its job against 10.3.22.65 in 0.011 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching clearswift_mimesweeper_smtp_detect.nasl against 10.3.22.65 [31]
[Mon Dec 01 09:49:27 2008][256] user localuser : launching xerox_document_centre_detect.nasl against 10.3.22.65 [32]
[Mon Dec 01 09:49:27 2008][256] user localuser : launching securenet_provider_detect.nasl against 10.3.22.65 [33]
[Mon Dec 01 09:49:27 2008][256] user localuser : launching cisco_ids_manager_detect.nasl against 10.3.22.65 [34]
[Mon Dec 01 09:49:27 2008][256] clearswift_mimesweeper_smtp_detect.nasl (process 31) finished its job against 10.3.22.65 in 0.014 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching xerox_workcentre_detect.nasl against 10.3.22.65 [35]
[Mon Dec 01 09:49:27 2008][256] xerox_document_centre_detect.nasl (process 32) finished its job against 10.3.22.65 in 0.014 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching compaq_wbem_detect.nasl against 10.3.22.65 [36]
[Mon Dec 01 09:49:27 2008][256] securenet_provider_detect.nasl (process 33) finished its job against 10.3.22.65 in 0.015 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching ciscoworks_detect.nasl against 10.3.22.65 [37]
[Mon Dec 01 09:49:27 2008][256] xerox_workcentre_detect.nasl (process 35) finished its job against 10.3.22.65 in 0.007 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching interspect_detect.nasl against 10.3.22.65 [38]
[Mon Dec 01 09:49:27 2008][256] samba_detect.nasl (process 20) finished its job against 10.3.22.65 in 0.144 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching linuxconf_detect.nasl against 10.3.22.65 [39]
[Mon Dec 01 09:49:27 2008][256] interspect_detect.nasl (process 38) finished its job against 10.3.22.65 in 0.006 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching websense_detect.nasl against 10.3.22.65 [40]
[Mon Dec 01 09:49:27 2008][256] cisco_ids_manager_detect.nasl (process 34) finished its job against 10.3.22.65 in 0.029 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching xedus_detect.nasl against 10.3.22.65 [41]
[Mon Dec 01 09:49:27 2008][256] xedus_detect.nasl (process 41) finished its job against 10.3.22.65 in 0.000 seconds
[Mon Dec 01 09:49:27 2008][256] user localuser : launching iwss_detect.nasl against 10.3.22.65 [42]
[Mon Dec 01 09:49:28 2008][256] ciscoworks_detect.nasl (process 37) finished its job against 10.3.22.65 in 0.986 seconds
[Mon Dec 01 09:49:28 2008][256] user localuser : launching imss_detect.nasl against 10.3.22.65 [43]
[Mon Dec 01 09:49:28 2008][256] imss_detect.nasl (process 43) finished its job against 10.3.22.65 in 0.003 seconds
[Mon Dec 01 09:49:28 2008][256] user localuser : launching tmcm_detect.nasl against 10.3.22.65 [44]
[Mon Dec 01 09:49:28 2008][256] linuxconf_detect.nasl (process 39) finished its job against 10.3.22.65 in 0.988 seconds
[Mon Dec 01 09:49:28 2008][256] user localuser : launching smb_nativelanman.nasl against 10.3.22.65 [45]
[Mon Dec 01 09:49:28 2008][256] websense_detect.nasl (process 40) finished its job against 10.3.22.65 in 0.994 seconds
[Mon Dec 01 09:49:28 2008][256] iwss_detect.nasl (process 42) finished its job against 10.3.22.65 in 0.988 seconds
[Mon Dec 01 09:49:28 2008][256] tmcm_detect.nasl (process 44) finished its job against 10.3.22.65 in 0.014 seconds
[Mon Dec 01 09:49:28 2008][256] smb_nativelanman.nasl (process 45) finished its job against 10.3.22.65 in 0.015 seconds
[Mon Dec 01 09:49:28 2008][256] user localuser : launching smb_login.nasl against 10.3.22.65 [46]
[Mon Dec 01 09:49:28 2008][256] smb_login.nasl (process 46) finished its job against 10.3.22.65 in 0.215 seconds
[Mon Dec 01 09:49:28 2008][256] user localuser : launching smb_registry_access.nasl against 10.3.22.65 [47]
[Mon Dec 01 09:49:28 2008][256] smb_registry_access.nasl (process 47) finished its job against 10.3.22.65 in 0.043 seconds
[Mon Dec 01 09:49:29 2008][256] compaq_wbem_detect.nasl (process 36) finished its job against 10.3.22.65 in 1.987 seconds
[Mon Dec 01 09:49:29 2008][256] user localuser : launching smb_registry_full_access.nasl against 10.3.22.65 [48]
[Mon Dec 01 09:49:29 2008][256] smb_registry_full_access.nasl (process 48) finished its job against 10.3.22.65 in 0.037 seconds
[Mon Dec 01 09:49:29 2008][256] user localuser : launching smb_reg_service_pack.nasl against 10.3.22.65 [49]
[Mon Dec 01 09:49:29 2008][256] user localuser : launching embedded_web_server_detect.nasl against 10.3.22.65 [50]
[Mon Dec 01 09:49:29 2008][256] embedded_web_server_detect.nasl (process 50) finished its job against 10.3.22.65 in 0.003 seconds
[Mon Dec 01 09:49:29 2008][256] smb_reg_service_pack.nasl (process 49) finished its job against 10.3.22.65 in 0.039 seconds
[Mon Dec 01 09:49:29 2008][256] user localuser : not launching skype_detection.nasl against 10.3.22.65: none of the required tcp ports are open
[Mon Dec 01 09:49:29 2008][256] user localuser : launching smb_reg_service_pack_W2K.nasl against 10.3.22.65 [51]
[Mon Dec 01 09:49:29 2008][256] user localuser : launching smb_reg_service_pack_XP.nasl against 10.3.22.65 [52]
[Mon Dec 01 09:49:29 2008][256] user localuser : not launching skype_version.nbin against 10.3.22.65: required key missing
[Mon Dec 01 09:49:29 2008][256] user localuser : not launching tom_skype_installed.nasl against 10.3.22.65: required key missing
[Mon Dec 01 09:49:29 2008][256] user localuser : not launching skype_uri_overflow.nasl against 10.3.22.65: required key missing
[Mon Dec 01 09:49:29 2008][256] user localuser : not launching skype_overflow_nw.nasl against 10.3.22.65: required key missing
[Mon Dec 01 09:49:29 2008][256] user localuser : not launching skype_2008_003.nasl against 10.3.22.65: required key missing
[Mon Dec 01 09:49:29 2008][256] user localuser : not launching skype_2008_001.nasl against 10.3.22.65: required key missing
[Mon Dec 01 09:49:29 2008][256] user localuser : not launching skype_2006_001.nasl against 10.3.22.65: required key missing
[Mon Dec 01 09:49:29 2008][256] smb_reg_service_pack_W2K.nasl (process 51) finished its job against 10.3.22.65 in 0.013 seconds
[Mon Dec 01 09:49:29 2008][256] smb_reg_service_pack_XP.nasl (process 52) finished its job against 10.3.22.65 in 0.011 seconds
[Mon Dec 01 09:49:29 2008][256] user localuser : launching smb_hotfixes.nasl against 10.3.22.65 [53]
[Mon Dec 01 09:49:35 2008][256] smb_hotfixes.nasl (process 53) finished its job against 10.3.22.65 in 6.087 seconds
[Mon Dec 01 09:49:35 2008][256] user localuser : launching skype_overflow.nasl against 10.3.22.65 [54]
[Mon Dec 01 09:49:35 2008][256] skype_overflow.nasl (process 54) finished its job against 10.3.22.65 in 0.073 seconds
[Mon Dec 01 09:49:35 2008][256] Finished testing 10.3.22.65. Time : 35.213 secs, 64 plugins launched
[Mon Dec 01 09:49:35 2008][256] 1 hosts scanned
Thanks,
François Lachance, B. Sc., PMP
Threat and Vulnerability Analyst/ Analyste de menaces et vulnérabilité
Information Technology / Technologie de l'information
Farm Credit Canada / Financement agricole Canada
Tel/Tél. : (306) 780-8987 Fax/Téléc. :(306) 780-3480
Advancing the business of agriculture. Pour l'avenir de l'agroindustrie.
Please consider the environment before printing this e-mail. Pensons à l'environnement avant d'imprimer ce courriel.
-----Original Message-----
From: nessus-bounces@list.nessus.org [mailto:nessus-bounces@list.nessus.org] On Behalf Of Ron Gula
Sent: December-01-08 10:09 AM
To: Nessus
Subject: Re: Skype detection
Lachance wrote:
> Actually, this is an authenticated (credentials supplied) scan, so I guess I really only need to select "netstat portsscanner (WMI)" as the port scanner to use. The only plugins selected are the ones I found using the search for the word "skype".
>
> When I scan the one machine that has Skype installed, I get nothing at all returned. I'm wondering if there is a plugin that I should have selected that the Skype detection is dependent on. Any ideas?
>
> Thanks,
>
> François
When you are selecting just the plugins with the name
"Skype" in them, you should also be sure to enable plugin
dependencies. These Skype plugins you are selecting
are likely dependent on other plugins which might not
get executed with your minimal scan.
Ron Gula
Tenable Network Security
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus _______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus