Anders Bandholm wrote:
Hi again!In several Nessus-versions I have had the problem that some of the UDP-based backdoor-programs (Trin00, mstream, etc.) turn up as false positives on every host that I scan. One of the last in the 1.0.x series did not have this behavior... I have no idea what the problem is, and why it disappeared in that particular version. Does anybody else know this problem - or even better: A cure? I'm currently running Nessus 1.2.7 on Debian woody (built from source the "Debian Way" as describe previously by Joerg Friedrich)
I've also noticed it. This seems to have been fixed in latest releases of Nessus 1.3.x, I've been testing 1.3.3 (I haven't tested the changes for 1.3.4 yet) for a while now and I have not seen yet this false positives appear again for the moment (I did see them both in 1.2.7 and 1.3.1).
Regards
Javi
