From leebaird at gmail.com  Sun May 30 00:29:31 2010
From: leebaird at gmail.com (Lee Baird)
Date: Sun, 30 May 2010 01:29:31 -0400
Subject: [Nikto-discuss] timing out
Message-ID: <A94C4D62-5F10-4779-817A-96C2E01C4267@gmail.com>

On my last pentest while running Nikto, I was feeding it with a small list of IP addresses.  After scanning a couple of IPs, one web server would cause Nikto to just hang, resulting in the reset of the IPs in the list not to be scanned.  Is there a way to set a timeout so this can be avoided?


--

Lee Baird
leebaird at gmail.com






From jamuse at gmail.com  Sun May 30 02:42:14 2010
From: jamuse at gmail.com (Jamuse)
Date: Sun, 30 May 2010 10:42:14 +0300
Subject: [Nikto-discuss] timing out
In-Reply-To: <A94C4D62-5F10-4779-817A-96C2E01C4267@gmail.com>
References: <A94C4D62-5F10-4779-817A-96C2E01C4267@gmail.com>
Message-ID: <AANLkTik5-zLzCsMVXBdJHxSGPGb5JoEcLuh-IS37OxZV@mail.gmail.com>

>From the man page:

-timeout
        Delay in seconds before timeout.

- J

On Sun, May 30, 2010 at 8:29 AM, Lee Baird <leebaird at gmail.com> wrote:

> On my last pentest while running Nikto, I was feeding it with a small list
> of IP addresses.  After scanning a couple of IPs, one web server would cause
> Nikto to just hang, resulting in the reset of the IPs in the list not to be
> scanned.  Is there a way to set a timeout so this can be avoided?
>
>
> --
>
> Lee Baird
> leebaird at gmail.com
>
>
>
>
>
> _______________________________________________
> Nikto-discuss mailing list
> Nikto-discuss at attrition.org
> https://attrition.org/mailman/listinfo/nikto-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://attrition.org/pipermail/nikto-discuss/attachments/20100530/0cdacdf6/attachment.html>

From dave at cirt.net  Sun May 30 02:50:52 2010
From: dave at cirt.net (David Lodge)
Date: Sun, 30 May 2010 08:50:52 +0100
Subject: [Nikto-discuss] timing out
In-Reply-To: <A94C4D62-5F10-4779-817A-96C2E01C4267@gmail.com>
References: <A94C4D62-5F10-4779-817A-96C2E01C4267@gmail.com>
Message-ID: <op.vdide2yxeh0gei@asgard.cable.virginmedia.net>

On Sun, 30 May 2010 06:29:31 +0100, Lee Baird <leebaird at gmail.com> wrote:
> On my last pentest while running Nikto, I was feeding it with a small  
> list of IP addresses.  After scanning a couple of IPs, one web server  
> would cause Nikto to just hang, resulting in the reset of the IPs in the  
> list not to be scanned.  Is there a way to set a timeout so this can be  
> avoided?

-timeout followed by a number in seconds, e.g.:
	-timeout 1

Unfortunately, due to perl weirdness it can only be in seconds, so 1 is as  
low as you can go (the default is 2).

I've seen the above on some embedded web servers - they stop responding  
after a while (as they get overloaded). I may see whether I can set some  
threshold where Nikto will stop itself if it encounters too many errors in  
a row (say 60).

dave


From leebaird at gmail.com  Mon May 31 13:19:43 2010
From: leebaird at gmail.com (Lee Baird)
Date: Mon, 31 May 2010 14:19:43 -0400
Subject: [Nikto-discuss] How many consecutive scans can Nikto perform?
Message-ID: <46D98154-12FC-428D-9497-4CF0212581BA@gmail.com>

I'm feeding Nikto with a list of servers to scan.  Sometimes a server will cause Nikto to hang resulting in the remaining servers to not be scanned.  I thought about creating a bash script that will open multiple tabs and running Nikto in each tab against a different server in hopes to avoid this issue.


--

Lee Baird
leebaird at gmail.com






From csullo at gmail.com  Mon May 31 21:10:04 2010
From: csullo at gmail.com (Sullo)
Date: Mon, 31 May 2010 22:10:04 -0400
Subject: [Nikto-discuss] How many consecutive scans can Nikto perform?
In-Reply-To: <46D98154-12FC-428D-9497-4CF0212581BA@gmail.com>
References: <46D98154-12FC-428D-9497-4CF0212581BA@gmail.com>
Message-ID: <AANLkTilQy0H7TMX4O1SMOjvKbTCDjgav52XoyqR0KAjK@mail.gmail.com>

You shouldn't have any problem running them in parallel, as long you
specify different output files for each scan so they don't try to
write to the same files. I often do this and set my output to
something like 'hostname_YYYYMMDD_nikto.html' so each has its own
output file.

On Mon, May 31, 2010 at 2:19 PM, Lee Baird <leebaird at gmail.com> wrote:
> I'm feeding Nikto with a list of servers to scan. ?Sometimes a server will cause Nikto to hang resulting in the remaining servers to not be scanned. ?I thought about creating a bash script that will open multiple tabs and running Nikto in each tab against a different server in hopes to avoid this issue.
>
>
> --
>
> Lee Baird
> leebaird at gmail.com
>
>
>
>
>
> _______________________________________________
> Nikto-discuss mailing list
> Nikto-discuss at attrition.org
> https://attrition.org/mailman/listinfo/nikto-discuss
>



-- 

http://www.cirt.net     |      http://www.osvdb.org/