On Fri, Feb 20, 2004 at 12:03:09PM +0100, Golombek Kamil | BDO IT a.s. wrote:
> safe checks. So my choice was "enable all but dangerous" plus few other
> changes (no NIDS evasion features etc).
...
> I looked at the nessus log and I was quite surprised again - all (or at
> least many) DoS plugins were run against targets.

It appears you're assuming that any plugin with "dos" in its name is categorized as "dangerous", but that's not how nessus works. Decisions about which plugins to enable when setting "enable all but dangerous plugins" are made based on script categories -- those in the categories denial, destructive_attack, and kill_host are excluded. None of those plugins you listed fall into those categories.

Understand that a plugin name may contain "dos" simply because it detects a DoS vulnerability without actually exploiting it. For instance, zope_dos.nasl merely relies on a banner to check whether the target is vulnerable. Other plugins may rely on banners if safe_checks is enabled but otherwise resort to trying to crash the target; e.g., iis_frontpage_dos.nasl.

George
--
[EMAIL PROTECTED]
_______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
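
The category-based selection described in the message above, as an added example that is not part of the original message or of Nessus: it reads each plugin's `script_category()` call and lists plugins whose name contains "dos" but which the "enable all but dangerous" preset would still run. The `ACT_*` spellings are assumed to correspond to the three categories the message names, and the plugin file names and bodies are constructed samples.

```python
import re

# Categories the message names as excluded by "enable all but dangerous plugins"
# (assumed NASL spellings of denial, destructive_attack and kill_host).
DANGEROUS = {"ACT_DENIAL", "ACT_DESTRUCTIVE_ATTACK", "ACT_KILL_HOST"}

CATEGORY_RE = re.compile(r"script_category\s*\(\s*(ACT_[A-Z_]+)\s*\)")
SAFE_CHECKS_RE = re.compile(r"\bsafe_checks\s*\(\s*\)")

def strip_comments(source):
    """Drop '#' comments so a commented-out call is ignored (naive: no string handling)."""
    return "\n".join(line.split("#", 1)[0] for line in source.splitlines())

def classify(name, source):
    """Report how the preset treats one plugin, based on its category, not its name."""
    code = strip_comments(source)
    match = CATEGORY_RE.search(code)
    category = match.group(1) if match else None
    return {
        "plugin": name,
        "category": category,
        "excluded": category in DANGEROUS,
        "name_says_dos": "dos" in name.lower(),
        # True when behaviour depends on the safe_checks setting.
        "honours_safe_checks": bool(SAFE_CHECKS_RE.search(code)),
    }

def surprising(plugins):
    """Plugins named like a DoS check that still run under the preset."""
    rows = (classify(name, src) for name, src in plugins.items())
    return sorted(r["plugin"] for r in rows if r["name_says_dos"] and not r["excluded"])

# Constructed sample plugins (hypothetical names and bodies, not real Nessus plugins).
SAMPLES = {
    "example_banner_dos.nasl":
        "script_category(ACT_GATHER_INFO);\nbanner = get_http_banner(port:port);",
    "example_mixed_dos.nasl":
        "script_category(ACT_MIXED_ATTACK);\nif (safe_checks()) { # banner only\n}",
    "example_crash.nasl":
        "# script_category(ACT_GATHER_INFO);\nscript_category(ACT_DENIAL);",
}

if __name__ == "__main__":
    for name, src in SAMPLES.items():
        print(classify(name, src))
    print("named 'dos' but still enabled:", surprising(SAMPLES))
```

Plugins reported with `honours_safe_checks` set are the ones whose behaviour changes with the safe_checks setting, so those are worth reviewing before a scan of fragile targets.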
