On Sun, Oct 13, 2002 at 02:48:15PM +0200, WebMaster wrote: > hi all, > > > is there a monster bug in nessus for woody? > > i scaned a woody server from 2 differents hosts (woody server also) (...) > it detected a trinoo for linux
The 'trinoo' test in Nessus is (was?) flawed and led to a number
of false positives. In any case, consider that Nessus does *not* do
attacks based on the OS detected. This might lead to false positives but
also reduces false negatives. Example: a Linux firewall protecting a
Windows box will be scanned for *all* attacks, not only Windows specific.
This might lead to Windows-specific vulnerabilities being detected in the
Linux firewall which, in fact, belong to the Windows server (consider if
you are using NAT or port redirection for example).
Regards
Javi
PS: There are nessus packages available for the latest releases (for 1.2.5
at least, 1.2.6 is the latest official Nessus release). Check
packages.debian.org/nessus.
PPS: Joy is doing a great job updating these packages, we should all be
grateful :)
pgpjKy2ZBYywa.pgp
Description: PGP signature
