"Adam Kosmin" <[EMAIL PROTECTED]> writes: > Can someone provide a description of the different plugin > families that are currently being used in 1.2.7
Although this does not concern Nessus 1.2.7, this may help: > The reason I'm asking for these descriptions is that I need to > understand why some plugins that belong to non 'denial of > service' families appear to crash remote servers/services. Because they test buffer overflows or format strings? > An example of this type of behavior would be the Weblogic DoS > plugin which belongs to the "Remote File Access" family. An error? Or maybe it allows to execute arbitrary code? > This plugin remains enabled when "Enable all but dangerous plugins" > is clicked 1. When you click this button, plugins are selected according to their _categories_, not _families_. 2. This should not happen, as it is marked as "ACT_DENIAL". 3. You'd better use "safe checks" than "Enable all but dangerous plugins" > However, I'm being stoned by my > management for killing these remote services when I swear to him > that I'm not doing "intrusive" scans. There is no such things as "non intrusive scans". Read nessus-core/doc/WARNING.En -- mailto:[EMAIL PROTECTED] GPG Public keys: http://michel.arboi.free.fr/pubkey.txt http://michel.arboi.free.fr/ http://arboi.da.ru/ FAQNOPI de fr.comp.securite : http://faqnopi.da.ru/
