02233

Netværkssikkerhed
Network Security

• Introduktion
• Nessus Scan
• Nessus Questions
  • Question 1
  • Question 2
  • Question 3
  • Question4
  • Question 5
  • Question 6
  • Question 7
  • Question 8
  • Question 9
  • Question 10
  • Question 11
  • Question 12
  • Question 13
  • Question 14
  • Question 15
  • Question 16
  • Question 17
  • Question 18
  • Question 19
  • Question 20
  • Question 21
  • Question 22
  • Question 23
  • Question 24
  • Question 25
• Snort Questions
• References

Question 5

How would Nessus handle a server with several virtual servers and possible virtual folders?

This is rather problematic. You'll need somme way to discover which virtual servers are running on the system. On a *nix system running Apache, you can execute this command:

httpd -S

and get a list of the virtual servers on the system. But if the server has been chrooted you've got further problems. So, in order to reliably discover virtual servers, Nessus needs to be able to log in and execute commands on the remote system. rDNS is unreliable - it's simply not implemented by most ISPs - and only works if the machine has a global IP when being scanned.

Bjarne D Mathiesen

Michael Pantridge

Thabet Al-Assdi

Chang Jensen