Re: [Plugins-writers] Comment on NID:11157

• Previous message: MadHat: "Re: [Plugins-writers] Comment on NID:11157"
• In reply to: MadHat: "Re: [Plugins-writers] Comment on NID:11157"
• Next in thread: MadHat: "Re: [Plugins-writers] Comment on NID:11157"
• Reply: MadHat: "Re: [Plugins-writers] Comment on NID:11157"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Fri Apr 15 2005 at 16:39, MadHat wrote:

> So, the better solution would be to fingerprint the port better,
> identifying OfficeScan as what is running

Right

> and not alert on it if it _is_ a valid app?

trojan_horses.nasl already does this. Unfortunately, this does not
eliminate all false alerts.
So this plugin is disabled if "avoid FP" is set.
_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers

• Previous message: MadHat: "Re: [Plugins-writers] Comment on NID:11157"
• In reply to: MadHat: "Re: [Plugins-writers] Comment on NID:11157"
• Next in thread: MadHat: "Re: [Plugins-writers] Comment on NID:11157"
• Reply: MadHat: "Re: [Plugins-writers] Comment on NID:11157"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Fri Apr 15 2005 - 07:51:20 PDT