Tim Sailer <[EMAIL PROTECTED]> writes: > I'm getting serious pressure from Management to switch from Nessus > to ISS. One of the reasons being is that they claim that Nessus is > clouding any real issues with false positives.
Really? I heard exactly the contrary: launch netstat -l on some sensitive ports (22 maybe?) and ISS will happily spit all the vulnerabilities it knows on this port. -- mailto:[EMAIL PROTECTED] GPG Public keys: http://michel.arboi.free.fr/pubkey.txt http://michel.arboi.free.fr/ http://arboi.da.ru/ FAQNOPI de fr.comp.securite : http://faqnopi.da.ru/
