Hello all, I would really appreciate a little clarification on the DoS category of plugins. I am using NessusWX as a client, just in case it makes a difference for any of the questions.

1) Why does selecting "Enable Non-DoS" from the plugin list leave some checks in the DoS category active?
   Example: Abyss httpd crash is disabled, but Annex DoS is still enabled.

2) Why are some plugins that seem to very specifically knock over services not classified as DoS? (This kind of overlaps with #1, but these plugins aren't even in the DoS category at all...)
   Example: 11612 PXE server overflow. In the description field it even says "Nessus disabled this service to perform this security check." It seems pretty clear from its description that it fully intends to disable the service, and classifies itself as an "ACT_DESTRUCTIVE_ATTACK".

3) I have a question about the overlap between safe-checks and the DoS category: is it the difference between a chance of crashing vs. definitely crashing? What is the dividing line?

_____________________________________________________________________
Tarek Moussa                        E-mail: [EMAIL PROTECTED]
Information Security Office         Phone : 512.475.9430
Information Technology Services
The University of Texas at Austin
_______________________________________________
Nessus mailing list
[EMAIL PROTECTED]
http://mail.nessus.org/mailman/listinfo/nessus
