On Thu, Dec 04, 2003 at 09:49:50AM -0500, Michael Scheidell wrote: > now that nessus has a 'islocalnets()' function, I think it is time we looked at changing the severity of some of the plugins, based on if this is an external penetration/vulnerabilities assessment, vs in internal network assessment. This is on my TODO list. However, I'd prefer to have a global variable that the user would manually set to determine if the scan is internal or external : This would affect (on the top of my head) : smb_login.nasl -> low if internal cifs445.nasl -> high if external netbios_name_get -> medium if external smtp relay tests -> disabled if internal Then I should probably add a plugin called dangerous_ports.nasl which would yell if ports 135-139, 445, 23, 10-20 and a couple of others are open and we are doing an external test. -- Renaud _______________________________________________ Plugins-writers mailing list Plugins-writers@private http://mail.nessus.org/mailman/listinfo/plugins-writers
This archive was generated by hypermail 2b30 : Thu Dec 04 2003 - 06:59:10 PST