Re: Nessus portscan takes loooooong
Kjetil Kjernsmo wrote:
> One thing I've come to think about: My ISP has suffered many
> DDoS-attacks, I have no idea why. However, could it be that they have
> installed a firewall on the router that makes this go so slow?
Possible. Maybe they've installed something like psad on their system. If that's the case (and psad is configured correctly) you'll have a hell of a time pulling off a portscan with nmap or nessus's built-in scanner.
> So, I entered the filename into "File containing nmap's results", but at
> first sight, it just starts another slow scan
Hmm, works for me. The portscan bar zips across, and the attack bar starts going. The only thing I can think of is make sure you use the same full host name in the nmap scan as you put in nessus's Target textbox. Also, make sure you use the full path to the namp scan file and that it's spelled correctly. Nessus won't complain if it can't find the file you entered!
>>Also, if
>>you're not concerned about rpc, udp, and os fingerprinting, just turn
>>off the nmap scan and use nessus's built-in SYN and tcp connect()
>>scans which can be faster.
>
> OK! How do I turn off the nmap scan?
Under the "Scan Options" tab and go down to Port Scanner. Unselect nmap and everything else except TCP connect scan. (There's no sense in using SYN scans if your not trying to be sneaky ;-) Then select the ports you want to scan under Port Range in the Scan Options tab.
Good Luck,
Brent
Reply to: