
Re: [cobalt-security] Nessus and the Raq4



Cory Hollingsworth wrote:
I've just run Nessus against one of our fully patched Raq 4's and I'm seeing a lot of Security Hole listings.

There are 5 Security Holes reported for http alone.  Now there is a disclaimer in the Nessus report that this may be a false positive for each reported hole.

My question is: has anyone else run Nessus against their patched Raq4, and if so, how many of these reported holes are legit?

I'm new to Nessus as well.  So there might be a better selection of options to use in my scan.

Those of you that are using Nessus, what are you doing?

Hi Cory,

I have seen the results of a Nessus scan on a fully patched Raq4 and spent many evenings poring over the results, checking each one off. The report that I saw listed *A LOT* of issues (over 25 pages), of which I only found a couple of actual problems, which were so small that I fixed them myself or which I mailed Sun about and which I'm pretty sure have now been patched.

IMHO about 95% of successful hacks that I have seen have been due to content hosted on websites themselves instead of the servers. It's a lot easier to do a Google search to find sites running a vulnerable script than to spend time scanning servers for remote vulnerabilities. I'm not saying it doesn't happen, just where to put your effort.

Regards, Dan

--
http://www.dogsbody.org/