[Nikto-discuss] Nikto plugin for Nessus
subs at qcontinuum.plus.com
Tue May 1 07:33:51 CDT 2012
I'm not sure who is responsible for the nikto.nasl Nessus plugin, but
since I haven't got a response from Tenable yet, I decided to raise the
issue here as well.
I recently discovered the Nikto plugin for Nessus and installed it on
our server running Nessus 5.1. Having followed the configuration steps
on Tenable's website I got everything working nicely. About a week ago
it suddenly stopped working.
I have checked that:
- Nikto runs Ok on its own.
- Nikto directory is in the system path.
- Nikto can be called using ..\..\nasl nikto.nasl from the plugins
- Nikto is enabled in the policy preferences
- The correct policy is being used in the scan template
- web application tests are enabled
- CGI Abuses and CGI Abuses:XSS are enabled, along with service
detection, settings and web servers
- have also tried with ALL plugins enabled
- Disable if server never replies 404: tried checked and unchecked
- rebooted server to make sure
I cannot see anything in the log showing that the plugin is being run,
nor can I see a 'perl nikto.pl' process starting while the scan is in
progress. Although the plugins have been updated via our Professional
Feed, the nikto.nasl plugin appears to have the same date and appears
unchanged. I think this may be a Nessus rather than a Nikto issue so
apologies if I shouldn't have posted here, but I'm running out of ideas
and was hoping that someone might have thought of something I haven't.
More information about the Nikto-discuss