I initially ran Nessus against a Redhat 7.2 server running Webmin wide open on the default port 10000. After realizing the hole, I moved Webmin to a different port ( ie., 7500 ) and enabled SSL. I have since verified that I cannot hit the domain on port 7500 w/o using an SSL connection.
After making the change, I re-ran Nessus against the same server and it found 79 holes - 78 of which were against port 7500?! They all referenced IIS or some asp/cgi script that is not installed on the server... I was thinking that Nessus was pretty accurate, but after this little blunder I want to make sure I fully understand what happened before passing final judgement.... Bill - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
