Re: nessus exceptions

From: Paul Johnston (paul@westpoint.ltd.uk)
Date: Wed Aug 04 2004 - 06:54:34 EDT

• Next message: Marc Heuse: "RE: nessus exceptions"
• Previous message: FocusHacks: "Re: nessus exceptions"
• In reply to: Chris Griffin: "nessus exceptions"
• Next in thread: Marc Heuse: "RE: nessus exceptions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi,

Perhaps you could try setting up an IIS specific vulnerability, e.g.
iis_authentification_manager.nasl but use URL scan to rewrite the
Server: header to say Apache. An optimized Nessus test will miss this;
optimization is on by default.

Regards,

Paul

Chris Griffin wrote:

> Hi list,
> Im trying to find some good holes, that aren't major security issues,
> that i can create on a machine to see if our testing company really
> uses anything other than nessus.
>
>
>

-- 
Paul Johnston
Internet Security Specialist
Westpoint Limited
Albion Wharf, 19 Albion Street,
Manchester, M1 5LN
England
Tel: +44 (0)161 237 1028
Fax: +44 (0)161 237 1031
email: paul@westpoint.ltd.uk
web: www.westpoint.ltd.uk

• Next message: Marc Heuse: "RE: nessus exceptions"
• Previous message: FocusHacks: "Re: nessus exceptions"
• In reply to: Chris Griffin: "nessus exceptions"
• Next in thread: Marc Heuse: "RE: nessus exceptions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:58 EDT