I've had this same problem in Nikto as well... but something I disregarded for Nikto could work here. It could absolutely cause false-negatives, but... after XX positives on web attacks we could simply stop checking that web server, disregard the results we already got and issue a warning about not checking all the tests on the web server. I've never seen a server with 20 or more web specific vulnerabilities on the same port without most or all being false positives. But I've seen people just disregard *all* of a scan because Nessus reported so many web false-positives...it would certainly stop that.
For the curious, I disregarded it for Nikto because, well, web checks are all it does so it seemed kind of silly to stop checking :) -Sullo ___________________________________________________ http://www.cirt.net/ Home of Nikto - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
