Is there a way to do what I want, and get it to recognize the customerror.aspx script in the Location: header?
--- "The avalanche has already begun. It is too late for the pebbles to vote." -- Kosh
Some of the HTTP servers I scan do not return 404 on a not-found page. They
return a 302 Found with a Location: header containing a URL that goes to a
customerror.aspx script, every time. This should be easy to recognize, but
I don't know how to tell Nessus 2.x that when it gets a 302 with a
Location: containing that aspx script, it's to treat it as a 404. Instead,
the no404.nasl seems to follow the redirect, then gets lost on the 200 OK
page that it receives from the customerror.aspx URL, not finding any text
in the body that matches what it's got for the body error message in
no404.nasl.
- Tell Nessus about no404 on my server Mike Batchelor
- Mike Batchelor
