"Jim Hendrick" <[EMAIL PROTECTED]> writes: > The problem I have is that of the worst case situation. If a new version of > Bagle (or something else) were written to trigger damage on receipt of > "43ffffff0000000004120"
Highly theoritical, IMHO. Another version could trigger damage if you open the port and close it without sending data. Does this mean that we have to suppress the port scanning phase? As a matter of fact, port scanners _really_ do damage on broken services / IP stacks. > They now have to understand and weigh for themselves the risks of each > plugin (yes, in a perfect world, they would be doing this anyway). No, that's impossible. If they are able to determine the risk, this means that they know the exact configuration & weaknesses => they do not need Nessus to find the holes. > I simply think that in this case, the potential for danger is greater than > the potential gain. I do not see any danger here. _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
