Re: XP SP2 and Nessus

[MegaHz <megahz () gmail com>]

when you run the nessus scan, configure it not to do any ICMP echo (ping).

On Fri, 23 Jul 2004 22:15:57 +0100, Maher Odeh <rax () netvision net il> wrote:
> Have you tried scanning the host after you configured Nessus to scan a
> none pingable machines ? a machines that doesn't respond to ICMP Echo
> Requests with replies to nessus a dead machine so you need to configure
> it and then scan ...
>
> -----Original Message-----
> From: JGrimshaw () ASAP com [mailto:JGrimshaw () ASAP com]
> Sent: Wednesday, July 21, 2004 9:57 PM
> Cc: patchmanagement () listserv patchmanagement org;
> security-basics () securityfocus com
> Subject: Re: XP SP2 and Nessus
>
> Isn't that a good thing?  I would expect that is one of the things that
> the firewall is supposed to prevent.
>
> "Mike" <mike () superiorholidayadventures ca>
> 07/21/2004 07:07 AM
>
> To
> <patchmanagement () listserv patchmanagement org>
> cc
> <security-basics () securityfocus com>
> Subject
> XP SP2 and Nessus
>
> Has anyone done any testing with XP SP2's firewall and Nessus?  I've
> begun a few simple tests and am finding that Nessus completely fails to
> scan the system when SP2's firewall is enabled.
>
> Mike Fetherston
> ------------------------------------------------------------------------
> ---
> Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
> off
>
> any course! All of our class sizes are guaranteed to be 10 students or
> less
> to facilitate one-on-one interaction with one of our expert instructors.
>
> Attend a course taught by an expert instructor with years of
> in-the-field
> pen testing experience in our state of the art hacking lab. Master the
> skills
> of an Ethical Hacker to better assess the security of your organization.
>
> Visit us at:
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> ------------------------------------------------------------------------
> ----
>
> ------------------------------------------------------------------------
> ---
> Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
> off
> any course! All of our class sizes are guaranteed to be 10 students or
> less
> to facilitate one-on-one interaction with one of our expert instructors.
>
> Attend a course taught by an expert instructor with years of
> in-the-field
> pen testing experience in our state of the art hacking lab. Master the
> skills
> of an Ethical Hacker to better assess the security of your organization.
>
> Visit us at:
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> ------------------------------------------------------------------------
> ----
>
> ---
> To unsubscribe send a blank email to leave-patchmanagement () patchmanagement org
>
>
>
>
> ---------------------------------------------------------------------------
> Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
> any course! All of our class sizes are guaranteed to be 10 students or less
> to facilitate one-on-one interaction with one of our expert instructors.
> Attend a course taught by an expert instructor with years of in-the-field
> pen testing experience in our state of the art hacking lab. Master the skills
> of an Ethical Hacker to better assess the security of your organization.
> Visit us at:
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> ----------------------------------------------------------------------------


-- 
  
  
MegaHz
www.megahz.org
megahz () megahz org

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------