Quoting Adam Kosmin <[EMAIL PROTECTED]>: > Is there a way to exclude ALL plugins that could potentially > bring down a remote host or a service that is running on it?
When it comes right down to it, *any* connection to the target could potentially take down the host or service. As I said in my previous email, an HTTP request to some services is enough to kill it, even though an even semi-well written program should be able to handle it. Older versions of HP MeasureWare, for example, spike the CPU if you send "GET " (really any unexpected 4 string character). I've even encountered many hosts/services that fall over if you simply do an nmap scan of them. Disabling dangerous plugins and safe checks will keep the plugins from performing *intentional* DoS attempts, but you'd be fooling yourself to think that you can guarantee a scan won't hurt a host--and risking your job as well, it seems. -- http://www.cirt.net/
