How does nessus find out what application is running.Since it has to know this information in order to launch an exploit. And exactly how much information does nessus need to launch an exploit. I mean the full application name and version number is necessary or the service name is also sufficient in many cases?
Ive seen it sending the "get" probe but I was confused about wherther it would be able to find an application uniquely on the basis of this probe. So what is actually doing ? 1. Is it just matching a banner 2.does it have a database of responses for each application like maybe nmap does. 3.It is fingerprinting the application in some other way. __________________________________ Do you Yahoo!? Yahoo! Mail SpamGuard - Read only the mail you want. http://antispam.yahoo.com/tools _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
