Before I generate the reports for management I go through them and remove those that I know are false positives. (NessusWX makes that easy.) I have had that problem with any scanner I have used, the only solution I have found is for knowledgeable security people to massage the reports to management.
Adrian -----Original Message----- From: Tim Sailer [mailto:[EMAIL PROTECTED]] Sent: Monday, July 22, 2002 10:47 AM To: Dion Stempfley Cc: [EMAIL PROTECTED] Subject: Re: false positives On Mon, Jul 22, 2002 at 01:47:47PM -0400, Dion Stempfley wrote: > And they think ISS will not! :) Well, some people are actually comparing side by side reports, and getting this conclusion... > Sorry, no real help. :/ thanks... Tim -- Tim Sailer <[EMAIL PROTECTED]> Brookhaven National Laboratory (631) 344-3001
