Virus.Org IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 
. Welcome to the Virus.Org Mailing List Archive  
.
.


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


RE: nessus which plug'in reports which vulnerability?
.

  • To: [EMAIL PROTECTED], [EMAIL PROTECTED]
  • Subject: RE: nessus which plug'in reports which vulnerability?
  • From: "MARTIN M. Bénoni" <[EMAIL PROTECTED]>
  • Date: Mon, 23 Feb 2004 10:22:25 +0000
.
 
You can get the source of the plugins on your box (the exact place of these depend on your box, but they are *.nasl files, an "find / -name *.nasl | grep dns" should help you in your case), or here: http://cgi.nessus.org/plugins/dump.php3?viewby=family. 

An example of a code sourceis here:
http://cvsweb.nessus.org/cgi-bin/cvsweb.cgi/~checkout~/nessus-plugins/scripts/frontpage_passwordless.nasl?content-type=text/plain (that's an example) 

Hope it can helps :)



From: "cissper" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: nessus which plug'in reports which vulnerability?
Date: Mon, 23 Feb 2004 13:24:22 +1100

Hi all

One of my favourite general purpose scanner is nessus for obvious
reasons. However, I do struggle with the interpretation and evaluation
of the results:
After the scan, I use the report function to generate a HTML type
report. The vulnerabilities listed in that report are not associated
with the plug-in's that detected them in the first place. How can I
possible know which plug-in detected which vulnerability? I need to
validate the identified vulnerabilities in order to eliminate false
positives, therefore I would like to know which script was used to
identify a certain vulnerability.

One simple example:
nessus reports that a DNS zone transfer was possible. However, when I
try to manually perform a zone transfer, I am not able to do so!
The conclusion would be a false positive - but - maybe the script is
using a more sophisticated approach and is successful! The next step
would be to look at the plug' in which detected the vulnerability in the
first place - and I don't know which one it is.

Any ideas guys?

Thank you for your help.

Kind regards,
cissper



---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.securityfocus.com/sponsor/Astaro_pen-test_040219
----------------------------------------------------------------------------



_________________________________________________________________
The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail 


---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.securityfocus.com/sponsor/Astaro_pen-test_040219
----------------------------------------------------------------------------
 
.
.
 
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.