cclements at flatearth
Oct 1, 2008, 10:53 AM
Post #4 of 4
(971 views)
Permalink
|
|
Re: Filter report for hosts with no open ports
[In reply to]
|
|
Worked like a charm, thanks guys!
Chris Clements
cclements [at] flatearth
On Oct 1, 2008, at 12:10 PM, Ron Gula wrote:
> Chris Clements wrote:
>> Sorry if this has been asked before, but is there a way in the 3.2
>> client that I can filter my reports to exclude hosts with no open
>> ports?
>
> Hi Chris,
>
> Negative filtering (show me everything that does not match this
> thing) wasn't
> something we were shooting for in the Nessus Client. The filtering
> is vulnerability
> based, not IP/scanned-system based so you can't really turn off an
> IP if a certain
> parameter is or isn't there.
>
> Having said that, if you look for the charcater "(" in your port
> name fields,
> this will match on the text like like "microsoft-ds (445/tcp)". Keep
> in mind
> if you have some generic "general/tcp" or "general/udp" vulns, these
> will be
> filtered out in your report. However, the report will contain all
> systems which
> have open ports.
>
> In the Security Center, there is report filtering, but what is more
> interesting
> is the ability to use the results of any Nessus scan (or passively
> obtained with
> the Passive Vulnerability Scanner) to dynamically create lists of IP
> addresses
> that can then be used for reporting, filtering and even access
> control.
>
> Ron Gula
> Tenable Network Security
>
> _______________________________________________
> Nessus mailing list
> Nessus [at] list
> http://mail.nessus.org/mailman/listinfo/nessus
>
_______________________________________________
Nessus mailing list
Nessus [at] list
http://mail.nessus.org/mailman/listinfo/nessus
|
