Host Discovery with Ping Disabled
Preface
Some network devices do not allow ping or do not handle ping well while Nessus is performing host discovery scans.
An alternative discovery scan method to ping is to enable a scan to perform port scanning without performing a ping request.
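The client's hosts have ping disabled, so a default scan finds nothing; the scan configuration has to be changed.
P.S. nmap's -Pn option skips the ping scan, as shown in the figure below.
I. Steps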
Tenable.sc
1. Log in to Tenable.sc.
2. In the top navigation, click Scans, then Policies.
3. In the top-right corner, click Add.
4. Under the Custom header, click Advanced Scan.
5. In the left settings menu, click Host Discovery.
6. Disable Ping the remote host.
7. In the left settings menu, click Port Scanning.
8. Change the Port scan range from default to the desired range of ports to be scanned. The more ports, the slower the scan will be.
   Note: Include at least one port that is known to be open on all targets within the range. This may require more than one port.
9. In the left settings menu, click Plugins.
10. Disable all plugins.
11. Set any other policy settings needed such as the Name under Setup.
12. Save the policy.
13. Either create a new Active Scan or edit an existing one to use this new policy.
14. Run the scan.
The results of this scan can be used to update an Asset List for launching subsequent scans against.
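The note in step 8 can be seen in a small Python illustration, added here and not part of the original post or of Nessus itself: hosts are found by TCP connect alone, with no ICMP echo, so a host appears in the result only when the port list contains a port it actually has open. The function names tcp_open and discover are hypothetical, and the local listener is a constructed stand-in for a ping-blocking target.

```python
import socket
from concurrent.futures import ThreadPoolExecutor


def tcp_open(host, port, timeout=1.0):
    """True if a full TCP connection to host:port succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, or unreachable
        return False


def discover(hosts, ports, timeout=1.0, workers=32):
    """Return {host: [open ports]} without sending any ICMP echo.

    A host with no open port in `ports` is omitted, which is why the
    port range must contain a port known to be open on every target.
    """
    pairs = [(h, p) for h in hosts for p in ports]
    found = {}
    with ThreadPoolExecutor(max_workers=workers) as pool:
        results = pool.map(lambda hp: tcp_open(hp[0], hp[1], timeout), pairs)
        for (host, port), is_open in zip(pairs, results):
            if is_open:
                found.setdefault(host, []).append(port)
    return found


if __name__ == "__main__":
    # Constructed demo: a local listener stands in for a ping-blocking host.
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen()
    open_port = listener.getsockname()[1]
    # The port list includes an open port: the host is discovered.
    print(discover(["127.0.0.1"], [open_port]))
    listener.close()
    # The port no longer answers: the same host drops out of the result.
    print(discover(["127.0.0.1"], [open_port], timeout=0.5))
```

The dictionary keys are the hosts that would go into the asset list for subsequent scans.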
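II. Results
The scan of this host finished at 16:21, but the host count was 0, as shown in the figure below:
However, the log shows 1 host up, as shown in the figure below: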