Penetration Testing mailing list archives
Rooting out false positives
From: "Erin Carroll" <amoeba () amoebazone com>
Date: Mon, 18 Jul 2005 16:19:55 -0700
I recently rejected the below submission to the list as it was more appropriate for Tenable's nessus list rather than pen-test but I wanted to submit it with an addendum to bring up a topic which I would love to see discussed: How do list members deal with rooting out false positives? When do you have "enough" feedback in pen-testing a possible vunerability before putting something in the false positive column? 5 years ago certain vulnerabilities would have been beyond my skill level at the time to assess and verify correctly. I'm sure there are things now that fall into that area as well. What methods do you guys use to minimize that situation from occuring?
-----Original Message----- From: darkslaker [mailto:darkslaker.secure () gmail com] Sent: Monday, July 18, 2005 2:48 PM To: pen-test () securityfocus com Subject: Help with MYSQL In my last PT , nessus detect Your MySQL database is not password protected. Anyone can connect to it and do whatever he wants to your data (deleting a database, adding bogus entries, ...) We could collect the list of databases installed on the remote host : i couldnĀ“t connect with the Server. I think is a False Positive. But i not sure in this case. I tray to connect with perl , php , mysql and mysqldump. Anyone have information about this. DarkSlaker
Current thread:
- Rooting out false positives Erin Carroll (Jul 18)
- RE: Rooting out false positives Scott Fuhriman (Jul 18)
- Re: Rooting out false positives Renaud Deraison (Jul 19)
- Re: Rooting out false positives Michel Arboi (Jul 20)
- Re: Rooting out false positives Renaud Deraison (Jul 19)
- RE: Rooting out false positives Omar Herrera (Jul 18)
- Re: Rooting out false positives Javier Fernandez-Sanguino (Jul 19)
- <Possible follow-ups>
- Re: Rooting out false positives Omar Herrera (Jul 19)
- RE: Rooting out false positives Scott Fuhriman (Jul 18)