Hi there I am starting to see if we can use Nessus to find spyware on our LAN.
It seems to work - but has a high false positive rate. I think what's happening is it looks for registry keys that are left behind by cleanup programs like SpyBot - so Nessus is effectively detecting hosts that *at some time* have had spyware installed on them - but can't differentiate between old and current infections. Is there a better way of doing this? Doesn't Spyware normally install actual programs that could be searched for? [I don't care about cookies! ;-)] Thanks -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
