Try it with IDS Evasion turned on. Also set the rate to be "sneaky" or "paranoid".
I know there are several American ISPs who use IDS or at one point used IDS to identify "malicious" activity. Back when I was making my rounds at ISPs, many fast connections would be filtered by our firewalls as DDoS attacks -- firewalls that pointed both in AND out. With the state of the IDS market as it is today, I'm sure even running nessus with a slow connection setting will trip something somewhere unless you really work the IDS evasion features. I'd be suspect of your connection and firewalls and/or IDS boxes. >-----Original Message----- >From: Always Bishan [mailto:[EMAIL PROTECTED] >Sent: Wednesday, July 02, 2003 6:49 AM >To: [EMAIL PROTECTED] >Subject: false positives and internet diconnection > > >hi all > >In the process of doing penetration testing for one >of our clients when we scanned there machines for >vulnerabilites with the options enable all plugins >and optimize test. This gave us a lot of false >positives. > >So we again scanned those machines with optimize >option disabled, but again we got some new false >positives. But this time we got a lot of internet >disconnections. > >Is internet disconnection the problem for generating >false positives? If yes than how to avoid this. > >To check whether they are false positives I ran the >corresponding nasl script standalone, and they in >turn didn't give any success output. > >Is my criteria of verifying false positives correct? > >Any clues ... highly appreciated > >Regards, >Bishan > > > >_______________________________________________________________ >_________ >Want to chat instantly with your online friends? Get the FREE Yahoo! >Messenger http://uk.messenger.yahoo.com/ >
