RE: Bagle remover...dangerous precedent?

Wed, 21 Jan 2004 16:45:22 -0800 

I am cut-and-pasting this from an earlier message.
---

From: nessus-bounces<at>list<dot>nessus<dot>org on behalf of Renaud
Deraison
[deraison<at>nessus<dot>org]
Sent: Tuesday, January 20, 2004 5:58 AM
To: nessus<at>lists<dot>nessus<dot>org
Subject: Re: Windows Registry handling

On Mon, Jan 19, 2004 at 10:39:19PM -0800, Biswas, Proneet wrote:
> Hi All,
> Many of the VA vendors have utilities to fix registry entries on
Windows. Is
> there anything on these lines in Nessus or any work being done ?

No. Nessus is a vulnerability _scanner_. No other features - it just
scans. It does not fix stuff, it does not have reports allowing you to
do
vulnerability management. It's only a scanner.

If you want a tool which "fixes" the stuff found by Nessus, then use a
dedicated tool, like Hercules, which can read Nessus reports.


                                -- Renaud
_______________________________________________
Nessus mailing list
[EMAIL PROTECTED]
http://mail.nessus.org/mailman/listinfo/nessus

> -----Original Message-----
> From: [EMAIL PROTECTED] 
> [mailto:[EMAIL PROTECTED] On Behalf Of Thomas Reinke
> Sent: Wednesday, January 21, 2004 4:03 PM
> To: [EMAIL PROTECTED]
> Subject: Bagle remover...dangerous precedent?
> 
> 
> The recent bagle_remover.nasl script sets a somewhat dangerous
> precedent, IMHO, of crossing the line from vulnerability detection
> to remediation.  Not to mention that you are trusting the bagle
> remover script to do its own removal cleanly.  There are a number
> of reasons why this is bad, not the least of which is that I
> personally would not trust a virus to remove itself cleanly to
> begin with. It is by definition, after all, untrusted code.
> 
> I would suggest that this script be modified (if possible) into
> a detection only script and leave the corrective action out as
> a separate activity.
> 
> Thomas
> 
> _______________________________________________
> Nessus mailing list
> [EMAIL PROTECTED]
> http://mail.nessus.org/mailman/listinfo/nessus
> 
> 

_______________________________________________
Nessus mailing list
[EMAIL PROTECTED]
http://mail.nessus.org/mailman/listinfo/nessus

Reply via email to