I 2nd this. Right now, this test is not practical. Notice, I did not say, theoretically correct - it's not practical. I have never been to a 100% native win2k environment, therefore this test will always fail since you can't restrictanonymous=2 in a mixed environment. Likewise, I have never been anywhere that was 100% windows free, either.
2 tests would allow me to disable this check & simply insert a note in my report stating all mixed windows environments have a known flaw, see MS article Q..... This would be less work & produce more meaningful results. > -----Original Message----- > From: Mike Shaw [mailto:[EMAIL PROTECTED]] > Sent: Thursday, September 26, 2002 5:54 PM > To: Nessus Mailing List (E-mail) > Subject: RE: Null session log in > > > > >Nessus is a tool to find what is wrong in the best possible way. > > Since it seems that there are two seperate vulnerabilities > depending on the > restrict anonymous setting, then I would think that the best > possible way > is to know each. If it shows up now, which is it? > > -Mike > > - > [EMAIL PROTECTED]: general discussions about Nessus. > * To unsubscribe, send a mail to [EMAIL PROTECTED] with > "unsubscribe nessus" in the body. > - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
