
Re: [cobalt-security] Nessus and the Raq4



> I've just run Nessus against one of our fully patched Raq 4's and I'm
> seeing a lot of Security Hole listings.
> There are 5 Security Holes reported for http alone.  Now there is a
> disclaimer in the Nessus report that this may be a false positive for each
> reported hole.
> My question is: has anyone else run Nessus against their patched Raq4 and
> if so, how many of these reported holes are legit?

These listings are to be expected...  The problem is that some of the tests
are for the current version of running software... in this case Apache and
PHP are both popping up as old versions that might have holes...  Sun Cobalt
makes the updates in hopes of closing the security holes found by patching
the current builds (rpms) with code that hopefully will close the holes and
the versions stay the same...

> I'm new to Nessus as well.  So there might be a better selection of
> options to use in my scan.
> Those of you that are using Nessus, what are you doing?
> Thanks.

It's a personal choice about shutting off things like version checking...
You just need to be aware of what the report is and be able to determine if
it's valid or not.

Zeffie...  "Get your Z's with Zeffie"  734-454-9117
Cobalt RaQ Repairs, Development, and Maintenance.
Cobalt Spam Filter, Security, Firewall, Anti Virus Products
Authorized Wordassassin Dealer "Now with vertical penis protection"
http://www.zeffie.com/ Home of the Worlds Largest Collection of RaQ rpms
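
An added example, not part of the original post or thread: one way to triage version-based scanner findings against a package changelog when the vendor backports fixes without changing the version string. The finding fields, changelog text and advisory IDs are constructed placeholders; on a real system the changelog text would come from `rpm -q --changelog <package>`.

```python
import re

# Constructed sample of package changelog text from a vendor that backports
# fixes into the existing build. Names, dates and IDs are placeholders.
SAMPLE_CHANGELOG = """\
* Mon Jan 06 2003 Vendor Builder <build@example.invalid>
- backport fix for CAN-0000-0002 (upstream version string unchanged)

* Tue Oct 01 2002 Vendor Builder <build@example.invalid>
- security: apply patch for CVE-0000-0001
"""

# Constructed findings. "banner" means the scanner inferred the hole from the
# reported version only; "active" means the check exercised the service.
SAMPLE_FINDINGS = [
    {"id": "apache-old-version", "method": "banner", "advisory": "CVE-0000-0001"},
    {"id": "php-old-version", "method": "banner", "advisory": "CVE-0000-0002"},
    {"id": "php-other", "method": "banner", "advisory": "CVE-0000-0003"},
    {"id": "http-active", "method": "active", "advisory": "CVE-0000-0001"},
]

# Older changelogs use the candidate prefix CAN- for what scanners list as
# CVE-, so compare on the numeric part only.
ADVISORY_RE = re.compile(r"\b(?:CVE|CAN)-(\d{4}-\d{4,})\b", re.IGNORECASE)


def advisory_numbers(text):
    """Return the set of advisory numbers (prefix stripped) found in text."""
    return set(ADVISORY_RE.findall(text or ""))


def triage(findings, changelog):
    """Map each finding id to a triage verdict."""
    fixed = advisory_numbers(changelog)
    verdicts = {}
    for finding in findings:
        wanted = advisory_numbers(finding.get("advisory"))
        if finding["method"] != "banner":
            # An active check is not explained away by a changelog entry.
            verdicts[finding["id"]] = "investigate"
        elif wanted and wanted <= fixed:
            verdicts[finding["id"]] = "likely-false-positive"
        else:
            # Version-only finding with no matching backport on record.
            verdicts[finding["id"]] = "verify-manually"
    return verdicts


if __name__ == "__main__":
    for name, verdict in triage(SAMPLE_FINDINGS, SAMPLE_CHANGELOG).items():
        print(f"{name}: {verdict}")
```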