Absolutely correct. There is no way anything that sends packets can be made 100% safe.
And Nessus already has a class of "dangerous" plugins (I believe Renaud already put this one in that class). My point is mostly that I prefer a toolkit made up of a set of simple tools that (each) do one (or a few) things very well. *Intentionally* crossing that line, when there are other ways to address the problem, I think unnecessarily complicates things.

Jim

----- Original Message -----
From: "Jesper S. Jensen" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, January 23, 2004 8:00 AM
Subject: Re: Bagle remover + Nessus 2.2

> Jim Hendrick wrote:
>
> > The problem I have is that of the worst case situation. If a new version of
> > Bagle (or something else) were written to trigger damage on receipt of
> > "43ffffff0000000004120"
>
> You've got a point, but what about the thousands of other known
> exploits/holes out there?
>
> If e.g. the "good" old Unicode Directory Traversal hole was used by a
> virus. I mean, used as in a virus infects a server, and sets up this
> trap. As Nessus comes by and tests for the hole, BAM the virus formats C
> (or something similar). It would be virtually impossible to make a
> scanner that couldn't be a trigger like that.
>
> --
>
> Jesper S. Jensen
> Basisnet og Sikkerhed
> Uni-C - Århus, Danmark
> +45 8937-6666
> _______________________________________________
> Nessus mailing list
> [EMAIL PROTECTED]
> http://mail.nessus.org/mailman/listinfo/nessus
