Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: NeWT Question

from [Nicolas Pouvesle] Network Security [Permanent Link]
Subject: Re: NeWT Question
Date: Wed, 25 Jan 2006 11:09:11 -0500 

On Jan 25, 2006, at 10:49 AM, jfvanmeter@comcast.net wrote:

Thanks Nicolas I wish I could, what I have is the report from a third party that ran NeWT and scanned several servers (all built from the same image). Generated the report and sent it to management. Now I have to figure out what is false and what is real.

I've been reading that having both optimize_test and safe_checks enable can generate fail hits and I know they had both enable.


optimize_test MUST be enabled.
safe_checks must be enabled too in most cases (else it may crash your services).


The flash issue only shows up on one server, just like i have a hit for the Guest account has to many privileges only a single hit on a one server.



If the plugin has reported an error, I can only suppose 3 things :

- the version of NeWT used for the scan was old
- plugins were not up to date. Plugin 11952 had not been updated and the regex was not working since 10 months
- Flash was installed on this system.


Nicolas
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  "high" vulnerability with TomCat, Puren, Steve
Next by Date:  Re: "high" vulnerability with TomCat, George A. Theall
Previous by Thread:  Re: NeWT Question, jfvanmeter
Next by Thread:  Re: NeWT Question, jfvanmeter
Indexes:  [Date] [Thread] [Top] [All Lists]