Mailing List Archive: nessus access control failure

nessus access control failure

Dec 15, 2008, 1:53 PM

Post #1 of 2 (2168 views)

Hi there,

We had an incident this afternoon when a user scanned an IP that was not included in his access list, and it rebooted the firewall. I used his account and tried to scan a few other IPs that were not included in the access list, all were successful. I tried to change default deny to default reject in the rule file, and the result was the same. Is it a known problem? how was it able to reboot the firewall? Thanks.

YanYan

Re: nessus access control failure [ In reply to ]

mikhail at nessus

Dec 16, 2008, 6:12 AM

Post #2 of 2 (2071 views)

Permalink

On Mon, 15 Dec 2008 16:53:18 -0500
"Yanyan Wang" <yanwang@mail.ucf.edu> wrote:

> Is it a known problem?

Yes. "Rules" are currently broken. They will be fixed in 3.2.2

> how was it able to reboot the firewall?

Did he scanned the firewall or *through* the firewall?
Any details on the policy? (safe checks or not, port range, selected plugins...)
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus