>-----Original Message----- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of H D Moore >Sent: Tuesday, June 15, 2004 4:18 PM >To: [EMAIL PROTECTED] >Subject: Law suits and Nessus plugins (was: Two plugins same ID) > > ><rant> >That is absolutely ridiculous; Nessus routinely includes plugins which >produce a warning when questionable or oft-insecure software is >discovered. How is this different from stating that any telnet service >should be disabled as it is inherently insecure. If the problem is the >'spyware' label; remove it, but include a description of what the product >does and why it could be a security issue. Granted, just because you are >not slandering them doesn't mean that they cant sue you for it anyways :( ></rant>
Unfortunately, 'telnet' does not have a vendor associated with it. It is just some accepted standard. McAfee deals with this sort of "detection" in the new versions VirusScan Enterprise by having it available but disabling it by default. So, Nessus could probably get by doing the same. Nessus can detect if someone has KaZaa or WinMX or even IIS running, so I don't see how this is different. As long as Nessus doesn't try to crash the service and carefully words the associated text, there is no issue. -Jason ------------------------------------------------------------------------------ Confidentiality notice: This e-mail message, including any attachments, may contain legally privileged and/or confidential information. If you are not the intended recipient(s), or the employee or agent responsible for delivery of this message to the intended recipient(s), you are hereby notified that any dissemination, distribution, or copying of this e-mail message is strictly prohibited. If you have received this message in error, please immediately notify the sender and delete this e-mail message from your computer. ============================================================================== _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
