Re: [Plugins-writers] islocalnets and severity

From: Renaud Deraison (deraison@private)
Date: Thu Dec 04 2003 - 06:57:03 PST

  • Next message: Paul Johnston: "[Plugins-writers] Dupe plugin id"

    On Thu, Dec 04, 2003 at 09:49:50AM -0500, Michael Scheidell wrote:
    > now that nessus has a 'islocalnets()' function, I think it is time we looked at changing the severity of some of the plugins, based on if this is an external penetration/vulnerabilities assessment, vs in internal network assessment.
    
    This is on my TODO list. However, I'd prefer to have a global variable 
    that the user would manually set to determine if the scan is internal or
    external :
    
    This would affect (on the top of my head) :
    
    	smb_login.nasl -> low if internal
    	cifs445.nasl   -> high if external
    	netbios_name_get -> medium if external
    	smtp relay tests -> disabled if internal
    
    Then I should probably add a plugin called dangerous_ports.nasl which
    would yell if ports 135-139, 445, 23, 10-20 and a couple of others are
    open and we are doing an external test.
    
    
    				-- Renaud
    _______________________________________________
    Plugins-writers mailing list
    Plugins-writers@private
    http://mail.nessus.org/mailman/listinfo/plugins-writers
    



    This archive was generated by hypermail 2b30 : Thu Dec 04 2003 - 06:59:10 PST