From: Paul Johnston (paul@westpoint.ltd.uk)
Date: Wed Aug 04 2004 - 06:54:34 EDT
Hi,
Perhaps you could try setting up an IIS specific vulnerability, e.g.
iis_authentification_manager.nasl but use URL scan to rewrite the
Server: header to say Apache. An optimized Nessus test will miss this;
optimization is on by default.
Regards,
Paul
Chris Griffin wrote:
> Hi list,
> Im trying to find some good holes, that aren't major security issues,
> that i can create on a machine to see if our testing company really
> uses anything other than nessus.
>
>
>
-- Paul Johnston Internet Security Specialist Westpoint Limited Albion Wharf, 19 Albion Street, Manchester, M1 5LN England Tel: +44 (0)161 237 1028 Fax: +44 (0)161 237 1031 email: paul@westpoint.ltd.uk web: www.westpoint.ltd.uk
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:58 EDT