Read nessus-core/doc/WARNING.En from the Nessus distribution. A couple of bits are excerpted below. I've seen conflicting info on the list though as to whether or not these two options really are redundant.
Regards,
Michael

3.3. Scripts selection

With the GUI, one can
- select everything in one click,
- select "Everything but dangerous plugins". This choice eliminates the categories ACT_DENIAL, ACT_KILL_HOST or ACT_DESTRUCTIVE_ATTACK. This is redundant with the "safe checks" option and will probably disappear one day.
- select or remove each plugin individually.
- select a whole family. Keep in mind that all dangerous scripts are not in the "denial of service" family!

3.4.4. Safe checks

This option disables the dangerous script that may kill the system or some service. Nessus then relies upon the version numbers in banners, for example. If no clue is available, the test is simply dropped.

This option is more dangerous than it looks:
- You can get a false feeling of security. Not seeing a weakness in the report does not mean it is not there.
- If the script was badly written and does not check the option with the safe_checks() function, the attack will be launched. Scripts delivered with Nessus are supposed to be safe, but an "unofficial" or experimental script might be dangerous.

Note that ACT_DENIAL, ACT_KILL_HOST and ACT_DESTRUCTIVE_ATTACK scripts are never run when this option is on.

> -----Original Message-----
> From: Omernik, John [mailto:[EMAIL PROTECTED]
> Sent: Monday, August 18, 2003 9:20 AM
> To: [EMAIL PROTECTED]
> Subject: DOS vs Non-DOS with Safechecks
>
> If you have safe checks enabled is it safe to run the DOS plugins? I have been running tests WITHOUT the DOS plugins, even though I have safe checks enabled. Thoughts?
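The excerpt's caveat about scripts that never call safe_checks() can be checked before a scan. The sketch below is an added example, not part of the original thread or of Nessus: it is a textual heuristic over plugin source, the sample plugin texts and file names are constructed, and ACT_ATTACK and ACT_MIXED_ATTACK are NASL categories not mentioned in the excerpt.

```python
import re

# Categories the WARNING.En excerpt says never run while "safe checks" is on.
NEVER_RUN = {"ACT_DENIAL", "ACT_KILL_HOST", "ACT_DESTRUCTIVE_ATTACK"}

CATEGORY_RE = re.compile(r"script_category\s*\(\s*(ACT_[A-Z_]+)\s*\)")
SAFE_CHECKS_RE = re.compile(r"\bsafe_checks\s*\(\s*\)")
COMMENT_RE = re.compile(r"#[^\n]*")  # NASL line comments


def classify(source):
    """Return (category, verdict) for the text of one NASL plugin."""
    # Drop comments so a commented-out safe_checks() does not count.
    # A '#' inside a string literal is cut too; that can hide a call
    # but never invents one.
    code = COMMENT_RE.sub("", source)
    match = CATEGORY_RE.search(code)
    category = match.group(1) if match else None
    if category in NEVER_RUN:
        return category, "skipped-by-category"
    if SAFE_CHECKS_RE.search(code):
        return category, "consults-safe_checks"
    return category, "no-safe_checks-call"


def needs_review(plugins):
    """Names of plugins that are not skipped by category and never call safe_checks()."""
    return sorted(name for name, src in plugins.items()
                  if classify(src)[1] == "no-safe_checks-call")


# Constructed plugin texts for illustration, not real Nessus plugins.
SAMPLES = {
    "dos_example.nasl": "if (description) { script_category(ACT_DENIAL); exit(0); }\n",
    "banner_or_probe.nasl": (
        "if (description) { script_category(ACT_MIXED_ATTACK); exit(0); }\n"
        "if (safe_checks()) { exit(0); }  # banner-only path\n"),
    "unofficial_probe.nasl": (
        "if (description) { script_category(ACT_ATTACK); exit(0); }\n"
        "# TODO: honour safe_checks() before sending the probe\n"),
}

if __name__ == "__main__":
    for name, src in SAMPLES.items():
        print(name, *classify(src))
    print("review:", needs_review(SAMPLES))
```

A "no-safe_checks-call" verdict only means the script text never consults the option; whether that matters depends on what the script sends, so treat the list as a reading queue for unofficial or experimental plugins.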
