> hi all, > > i've got a vulnerability on the port http/80 that is added to the report > nessus. I've tried to work with the solution that nessus presents to me: > 1.Open Internet Services Manager. > 2.Right-click the Web server choose Properties from the context menu. > 3.Master Properties > 4.Select WWW Service -> Edit -> HomeDirectory -> Configuration > and remove the reference to .shtml/shtm and sht from the list. > > but, there aren't anyone of this .Shtml extensions on the servers, so nessus > until reports them. Have you ever seen this problem? Anyone has any idea? try looking at the sub roots, at some time or another, when you changed one of the permissions (ssl? authentication?) you copied over the web root permissions as well as the configuration, so look at some of the sub roots, sub domains or dub directories
-- Michael Scheidell, CEO SECNAP Network Security, LLC Sales: 866-SECNAPNET / (1-866-732-6276) Main: 561-368-9561 / www.secnap.net Looking for a career in Internet security? http://www.secnap.net/employment/ - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
