chris mr wrote: > How do I fine tune Nessus and reduce false positives? I would read through the documentation, the various blog posts at blog.tenablesecurity.com and also the archives of this mailing list. Nessus can be used for a lot of different types of audits, and each has different techniques for maximizing speed, reducing false positives, reducing false negatives, .etc.
> For example the MS Patches keeps showing up that I am missing KB944338, but > that KB is only good for IE6 and not IE7... > Any direction would be appreciated... Typically, if you think you have an issue with a plugin, letting everyone know the plugin ID in question can help. KB944338 matches plugin 31795 http://www.nessus.org/plugins/index.php?view=single&id=31795 http://www.microsoft.com/technet/security/Bulletin/MS08-022.mspx Reading the plugin output and MS08-22, VBScript and JScript is what is at risk here and would likely effect many different components beyond IE6 and/or IE7. Ron _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
