[Plugins-writers] islocalnets and severity

From: Michael Scheidell (scheidell@private)
Date: Thu Dec 04 2003 - 06:49:50 PST

  • Next message: Renaud Deraison: "Re: [Plugins-writers] islocalnets and severity"

    now that nessus has a 'islocalnets()' function, I think it is time we looked at changing the severity of some of the plugins, based on if this is an external penetration/vulnerabilities assessment, vs in internal network assessment.
    
    Example:
    
    smb_login.nasl sets as a high severity, (security_hole()) if it finds a NULL session.  Maybe if this is a localnet, it should be a security_warning or note.
    
    there are many pluigns that set security_hole and ask that you 'filter ports', and many of these should be changed to security_warning or note.
    
    What do you think?
    
    smb_login.nasl:
    
    A) correctly logs in using given smblogin an localnet:
       security_note
    
    B) logs in given administrator or guest (hole, no matter what!)
    
    C) NULL session:
      localnet warning
      !localnet hole.
    
    ?
    others?
    
    
    
    Michael Scheidell
    SECNAP Network Security
    561-368-9561 x 1131
    www.secnap.com 
    _______________________________________________
    Plugins-writers mailing list
    Plugins-writers@private
    http://mail.nessus.org/mailman/listinfo/plugins-writers
    



    This archive was generated by hypermail 2b30 : Thu Dec 04 2003 - 06:50:47 PST