Re: MS03-026 vulnerability detection

From: H D Moore (hdmat_private)
Date: Thu Aug 21 2003 - 13:25:02 PDT

Next message: sulloat_private: "updated bugtraq IDs for openssh_pam_timing.nasl"

Previous message: Renaud Deraison: "Re: MS03-026 vulnerability detection"
In reply to: Abe: "MS03-026 vulnerability detection"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thursday 21 August 2003 06:14 am, Abe wrote:
> I have however found something interesting in the Xforce tool, which
> claims to test a host in two seperate ways.
[ snip ]
> I was wondering if this difference could be a good basis for a nessus
> plugin.

Running a scan across a slow or bursty network segment would prevent this 
from working correctly. I would prefer to deal with false positives based 
on the host response than those incurred by network latency, at least the 
former have a chance of being fixed at some point :)

-HD

Next message: sulloat_private: "updated bugtraq IDs for openssh_pam_timing.nasl"
Previous message: Renaud Deraison: "Re: MS03-026 vulnerability detection"
In reply to: Abe: "MS03-026 vulnerability detection"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Aug 21 2003 - 13:25:59 PDT