I think my real concern has already been stated. But I will repeat it.
As a philosphy, I believe it to be prudent to minimize the execution
of any untrusted code on the remote system. This is regardless of
whether or not the remote host has been compromised or not.
That's a good philosophy, so simply turn safe_checks on and the Nessus scan will match you philosophy. This comes at the price of accuracy of course.
Quite a few plugins do semi-dangerous stuff, like trying to upload files to an FTP server to see if it's writable. This will cause some printers to print a page. Look at plugin 11513 for some particularly interesting things done on the target host.
Regards,
Paul
-- Paul Johnston Internet Security Specialist Westpoint Limited Albion Wharf, 19 Albion Street, Manchester, M1 5LN England Tel: +44 (0)161 237 1028 Fax: +44 (0)161 237 1031 email: [EMAIL PROTECTED] web: www.westpoint.ltd.uk
_______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
