I received the below e-mail on another listserv and I thought it was a good question...
Hi all,

One of my favourite general purpose scanners is Nessus, for obvious reasons. However, I do struggle with the interpretation and evaluation of the results: After the scan, I use the report function to generate an HTML type report. The vulnerabilities listed in that report are not associated with the plug-ins that detected them in the first place. How can I possibly know which plug-in detected which vulnerability? I need to validate the identified vulnerabilities in order to eliminate false positives, therefore I would like to know which script was used to identify a certain vulnerability.

One simple example: Nessus reports that a DNS zone transfer was possible. However, when I try to manually perform a zone transfer, I am not able to do so! The conclusion would be a false positive - but - maybe the script is using a more sophisticated approach and is successful! The next step would be to look at the plug-in which detected the vulnerability in the first place - and I don't know which one it is.

Any ideas guys? Thank you for your help.

Kind regards,
cissper

_______________________________________________
Nessus mailing list
[EMAIL PROTECTED]
http://mail.nessus.org/mailman/listinfo/nessus
