theall at tenablesecurity
Sep 19, 2008, 5:38 PM
Post #2 of 2
On Sep 19, 2008, at 5:34 PM, Juan Catalano wrote:
> Hi! I'm having what it appears to be a common problem, but I cannot
> solve it with the answers given previously. I'm using nessusd 2.2.9
> for Linux and nessusclient 2.2.9 for Linux too. My problem is I
> always get the message "nessusd returned an empty report" whenever I
> perform a scan task. I've tried unchecking ping requests, but it
> still doesn't work. Inmediatly after I start the scan, scan finishes
> and I get that message. żAny idea?. Thanks a lot!
What do you see in nessusd.messages? That the remote host is dead?
One common cause of this is ping_host.nasl. Even though you've
disabled it, it still might run because it's a dependency of several
of the port scanners and plugin dependencies are enabled by default.
[.You can verify this by configuring your scan to log details of the
attack (eg, 'log_whole_attack = yes' in nessusd.conf), re-running a
scan, and looking for mention of 'ping_host.nasl' in
nessusd.messages.] One approach then is to ensure the TCP ping
destination port(s) configuration option includes at least one port
that you know is open on the targets ("extended" tries to use a number
of ports - check the plugin's source for the list). Another is to
disable TCP, ICMP, and UDP pings.
Another possibility, although it's less likely, is that the targets
you're trying to scan are things Nessus regards as "fragile" devices
-- printers and Novell Netware servers. In the past, users would
routinely experience problems scanning such devices so Nessus now
excludes then by default. Look for the "Do not scan fragile devices"
option settings if you really do want to scan them.
theall [at] tenablesecurity
Nessus mailing list
Nessus [at] list