There also seems to be some inconsistency in the doc. Under "3.4 Important Options" it states that "a fourth one changes the behaviour of aggressive scripts: - Safe checks"
This implies that safe checks is not redundant with "Enable all but dangerous plugins" as the former changes behavior of a given script and the latter turns it off entirely. Unfortunately I'm not savvy enough to figure out what's really going on from the source code.

Michael

> -----Original Message-----
> From: Cox, Michael
> Sent: Monday, August 18, 2003 12:11 PM
> To: Omernik, John; [EMAIL PROTECTED]
> Subject: RE: DOS vs Non-DOS with Safechecks
>
> Read nessus-core/doc/WARNING.En from the Nessus distribution.
>
> A couple of bits are excerpted below. I've seen conflicting info on the list
> though as to whether or not these two options really are redundant.
>
> Regards,
> Michael
>
> 3.3. Scripts selection
>
> With the GUI, one can
> - select everything in one click,
> - select "Everything but dangerous plugins".
>   This choice eliminates the categories ACT_DENIAL, ACT_KILL_HOST or
>   ACT_DESTRUCTIVE_ATTACK. This is redundant with the "safe checks"
>   option and will probably disappear one day.
> - select or remove each plugin individually.
> - select a whole family.
>   Keep in mind that all dangerous scripts are not in the "denial of
>   service" family!
>
> 3.4.4. Safe checks
>
> This option disables the dangerous script that may kill the system or
> some service. Nessus then relies upon the version numbers in banners,
> for example. If no clue is available, the test is simply dropped.
>
> This option is more dangerous than it looks:
> - You can get a false feeling of security. Not seeing a weakness in
>   the report does not mean it is not there.
> - If the script was badly written and does not check the option with
>   the safe_checks() function, the attack will be launched.
>   Scripts delivered with Nessus are supposed to be safe, but an
>   "unofficial" or experimental script might be dangerous.
>
> Note that ACT_DENIAL, ACT_KILL_HOST and ACT_DESTRUCTIVE_ATTACK scripts
> are never run when this option is on.
>
> > -----Original Message-----
> > From: Omernik, John [mailto:[EMAIL PROTECTED]
> > Sent: Monday, August 18, 2003 9:20 AM
> > To: [EMAIL PROTECTED]
> > Subject: DOS vs Non-DOS with Safechecks
> >
> > If you have safe checks enabled is it safe to run the DOS plugins? I
> > have been running tests WITHOUT the DOS plugins, even though I have safe
> > checks enabled. Thoughts?
> >
> > ____________________________________________________________________
> >
> > Please look below this disclaimer for attachments.
> >
> > This email and any files transmitted with it are confidential and
> > intended solely for the use of the individual or entity to whom they
> > are addressed. This communication may contain material protected by
> > attorney-client privilege. If you are not the intended recipient or
> > the person responsible for delivering the email to the intended
> > recipient, be advised that you have received this email in error and
> > that any use, dissemination, forwarding, printing, or copying of this
> > email is strictly prohibited. If you have received this email in error
> > please notify the Information Systems Manager by telephone at
> > (715)845-3111
> >
> > [EMAIL PROTECTED]
> > http://www.wipfli.com
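
The WARNING.En excerpt quoted above says a script that never calls safe_checks() is not affected by the option. The following is an added example, not code from this thread or from the Nessus distribution, that audits NASL plugin source for that case. The sample plugins are constructed, and ACT_ATTACK and ACT_MIXED_ATTACK are NASL categories that the thread itself does not name.

```python
import re

# Categories the quoted WARNING.En text says are never run with safe checks on.
NEVER_RUN_WHEN_SAFE = {"ACT_DENIAL", "ACT_KILL_HOST", "ACT_DESTRUCTIVE_ATTACK"}

CATEGORY_RE = re.compile(r"script_category\s*\(\s*(ACT_[A-Z_]+)\s*\)")
SAFE_CALL_RE = re.compile(r"\bsafe_checks\s*\(\s*\)")

# Constructed sample plugins (not real Nessus scripts).
SAMPLES = {
    "dos_example.nasl":
        "if (description) { script_category(ACT_DENIAL); exit(0); }\n",
    "banner_or_probe.nasl":
        "if (description) { script_category(ACT_MIXED_ATTACK); exit(0); }\n"
        "if (safe_checks()) {\n"
        "  # rely on the banner version only\n"
        "  exit(0);\n"
        "}\n",
    "unofficial.nasl":
        "if (description) { script_category(ACT_ATTACK); exit(0); }\n"
        "# TODO: call safe_checks() before probing\n",
}


def strip_comments(source):
    """Drop NASL '#' comments (naive: ignores '#' inside string literals)."""
    return "\n".join(line.split("#", 1)[0] for line in source.splitlines())


def classify(source):
    """Return (category, effect of the safe checks option on this plugin)."""
    code = strip_comments(source)
    match = CATEGORY_RE.search(code)
    category = match.group(1) if match else None
    if category in NEVER_RUN_WHEN_SAFE:
        return category, "skipped"            # excluded by category
    if SAFE_CALL_RE.search(code):
        return category, "behaviour changes"  # script consults the option
    return category, "runs unchanged"         # option has no effect: review


def audit(plugins):
    """Classify every plugin in a {filename: source} mapping."""
    return {name: classify(src) for name, src in plugins.items()}


if __name__ == "__main__":
    for name, (category, effect) in sorted(audit(SAMPLES).items()):
        print(f"{name:24} {category or 'unknown':20} {effect}")
```

A "runs unchanged" result does not mean the plugin is dangerous, only that enabling safe checks will not alter what it sends, so it needs a manual read before being used against fragile hosts.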
