Security Basics mailing list archives

Finding Nessus False Positives


From: kaps lock <secnerdkaps () yahoo com>
Date: Sun, 6 Feb 2005 16:16:34 -0800 (PST)


Hi All,
I would like to know how experienced vulnerability
assessment analysts determine whether Nessus results are
false positives or not.
The way I ascertain whether a result is a false positive or
not is by crafting the same HTTP request to the
webserver.
The point where I struggle is how to craft the same
request. I mean, if Nessus says
"Nessus was able to find the authentication mechanism
behind an SMTP server as NTLM, how could I believe or
deduce it is true"
"or Nessus could actually upload a test file with PUT
and then delete the TEST file with DEL on the
webserver"

How can I determine these to be true?
Thanks,
kaps


                

