Creating packet traces of Nessus scans
Nessus 3 UNIX scanners have the ability to save all of their generated packets as a convenient libpcap compatible file. This means you can save your scans and view them under applications such as TCPDUMP or Wireshark.
Having a network trace can greatly assist in diagnosing your environment as well what Nessus is attempting. Tenable's support group often encounters customers who are scanning hosts that are firewalled or are being screened with an intrusion prevention system which is spoofing responses. Having exact packet logs of what is occurring can help diagnose the results.
At the Tenable blog.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.