Educause Security Discussion mailing list archives

Re: False positives scanning Red Hat servers running Apache


From: Russell Fulton <r.fulton () AUCKLAND AC NZ>
Date: Fri, 27 Apr 2007 05:38:02 +1200

Wyman Miles wrote:
In general, the DoS risk isn't that severe. And, you're not the only
person in the world who can cause one. If you are, you probably don't
need to bother with vulnerability scanning.

I'm with Wyman on this one.  We scan with all tests enabled, even
against our production systems.  If we can knock the box over with a
scanner then so can anyone else.

The backporting of patches issue (as others have mentioned) has been
around for a long time.  I got so fed up with Nessus at the time of all
the UNIX FTP vulnerabilities (remember weftpd?) that I wrote my own
banner grabber script which checked the dates in the banners -- it was
*far* more reliable than the version alone (not infallible though!).

Russell
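An added example, not the poster's script: a small Python banner checker in the spirit of the date-based approach described above, which reduces version-only false positives on hosts running vendor-backported builds. The sample banners, the wu-ftpd-style version/date layout, and the fix date in FIX_DATES are constructed assumptions for illustration.

```python
import re
from datetime import date

# Constructed sample banners (not from the original post). wu-ftpd style
# banners carried a build date after the version, which a date-aware
# check can use where a version-only check cannot.
SAMPLE_BANNERS = [
    "220 ftp.example.test FTP server (Version wu-2.6.1-16 Tue Sep 25 11:02:17 EDT 2001) ready.",
    "220 old.example.test FTP server (Version wu-2.6.1-16 Mon Jan 15 08:45:00 EST 2001) ready.",
    "220 bare.example.test FTP server (Version wu-2.6.1-16) ready.",
]

# Hypothetical "fix available since" date per upstream version: a build
# dated on or after this is assumed to carry the backported fix.
FIX_DATES = {"wu-2.6.1": date(2001, 6, 1)}

MONTHS = {m: i for i, m in enumerate(
    "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split(), start=1)}

BANNER_RE = re.compile(
    r"Version\s+(?P<ver>wu-\d+\.\d+\.\d+)(?:-\d+)?"            # wu-2.6.1[-16]
    r"(?:\s+(?P<date>\w{3}\s+\w{3}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2}\s+\w{3}\s+\d{4}))?"
)


def parse_banner(banner):
    """Return (upstream_version, build_date or None), or None if unrecognised."""
    m = BANNER_RE.search(banner)
    if not m:
        return None
    build = None
    if m.group("date"):
        # "Tue Sep 25 11:02:17 EDT 2001" -> ignore weekday, time and zone
        _, mon, day, _, _, year = m.group("date").split()
        build = date(int(year), MONTHS[mon], int(day))
    return m.group("ver"), build


def assess(banner):
    """Classify a banner against FIX_DATES instead of trusting the version alone."""
    parsed = parse_banner(banner)
    if parsed is None or parsed[0] not in FIX_DATES:
        return "unrecognised"
    ver, build = parsed
    if build is None:
        return "no-build-date"      # only the version is visible: needs manual follow-up
    return "built-after-fix" if build >= FIX_DATES[ver] else "built-before-fix"
```

A "built-after-fix" result is a reason to deprioritise a scanner hit, not proof of patching; confirm with the package manager on the host when it matters.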
