On Sun, Oct 13, 2002 at 02:48:15PM +0200, WebMaster wrote: > hi all, > > > is there a monster bug in nessus for woody? > > i scaned a woody server from 2 differents hosts (woody server also) (...) > it detected a trinoo for linux The 'trinoo' test in Nessus is (was?) flawed and led to a number of false positives. In any case, consider that Nessus does *not* do attacks based on the OS detected. This might lead to false positives but also reduces false negatives. Example: a Linux firewall protecting a Windows box will be scanned for *all* attacks, not only Windows specific. This might lead to Windows-specific vulnerabilities being detected in the Linux firewall which, in fact, belong to the Windows server (consider if you are using NAT or port redirection for example). Regards Javi PS: There are nessus packages available for the latest releases (for 1.2.5 at least, 1.2.6 is the latest official Nessus release). Check packages.debian.org/nessus. PPS: Joy is doing a great job updating these packages, we should all be grateful :)
Attachment:
pgpLClQalk5jY.pgp
Description: PGP signature