Now that Nessus has a 'islocalnets()' function, I think it is time we looked at changing the severity of some of the plugins, based on if this is an external penetration/vulnerabilities assessment, vs. an internal network assessment.

Example: smb_login.nasl sets as a high severity (security_hole()) if it finds a NULL session. Maybe if this is a localnet, it should be a security_warning or note.

There are many plugins that set security_hole and ask that you 'filter ports', and many of these should be changed to security_warning or note.

What do you think?

smb_login.nasl:
A) correctly logs in using given smblogin an localnet: security_note
B) logs in given administrator or guest (hole, no matter what!)
C) NULL session: localnet warning, !localnet hole.
? others?

Michael Scheidell
SECNAP Network Security
561-368-9561 x 1131
www.secnap.com

_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers
This archive was generated by hypermail 2b30 : Thu Dec 04 2003 - 06:50:47 PST