Could someone explain to me if it is possible to have Nessus explicitly report a "not vulnerable" status for each and every plugin run against a system that it is not vulnerable to?
This could serve as a complete record listing of all plugins run against a system, and potentially allow in the future for the diff scan functionality to be able to report the 'disappearance' of vulnerabilities over time (which it cannot currently do). Additionally, if a security analyst were examining an attack against a system, they could review this record to determine that it is not vulnerable to the attack underway, and safely ignore it. As is, it seems the Nessus results would only be helpful in confirming that a system is in fact vulnerable to an attack. I think it would be helpful to have this "not vulnerable" status reported in either the report, or, more likely, the data file under /usr/var/nessus/users/scan/sessions/.
Please let me know if this information does exist somewhere that I've missed, if there are plans to implement this, or why it would not be as beneficial as it seems, or why I am otherwise way off the mark. ; )
Thanks,
_________________________________________________________________ Check out the coupons and bargains on MSN Offers! http://youroffers.msn.com
_______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
