On Thu, 28 Oct 2004 16:16:10 -0700, Joseph Lundgren <[EMAIL PROTECTED]> wrote: > Greetings, > > That guy's Nessus scan for georgewbush.com has obviously fallen into a > honeypot/IDS tarpit. The Nessus scan returned results from well-known > (and OLD) IIS, OmniHTTPd, and Cobalt Linux vulnerabilities, as well as > obvious CGI vulns. Disregarding the fact that IIS doesn't run on Cobalt > Web Appliances (Linux), there's no way that any administrator would > allow those out-of-date, unpatched, scripts to be run on a modern machine. > Well, AFAIK the scan was done sometime this spring,
it wouldn't surprise me that they had some honeypot style thing, since they would have had much more problem had they truly had that many vulnerabilities exposed. The scenario creating part of me thinks that there are probably several overenthusiastic script-kiddies who were quietly "recruited", as a result of their efforts on the president's website. > Nessus is indeed a pretty cool tool, but only if you know how to > interpret its output. > > Never place too much faith in anything you see, read or hear that you > cannot personally reproduce. Words of wisdom, listen to the man. -- http://Zoneverte.org -- information explained Do you know what your IT infrastructure does? _______________________________________________ EUGLUG mailing list [EMAIL PROTECTED] http://www.euglug.org/mailman/listinfo/euglug
