Hello, I am using the "eEye Retina" Scanners in order to monitor web servers vulnerabilities ( code-red/Nimda) and I plan to replace the two scanners ( one for Code-red one for Nimda ) by Nessus.
In order to set up the "attacks" to use, I found a IIS vulnerable server ( according to the retina scanner) and i launched a nessus (1.2.6) against it . I did an nmap scan on ports 0-1500 I set the plugins to "allow all but dangerous plugins" . I unchecked the "safe test" and "optimize scan" . The ONLY vulnerability found was the "ICMP timestamp" Does somebody knows exactly what are the conditions on which the retina scanner answers "vulnerable code-red" ? Patrice ARNAL ALCANET France Site d'ILLKIRCH 1 Route du Dr Albert SCHWEITZER 67408 ILLKIRCH CEDEX - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
