On Tue Mar 08 2005 at 00:52, Kevin Davis wrote: > Why bother? Over a year ago I brought up the issue that both Nessus > and NessusWX store these credentials locally in plaintext in a config > file. No one seemed think (aside from CERT) it was a big deal then.
There are ways to protect those "nessusrc" files, e.g. store them on a removable media or an encrypted disk. Any trick at the Nessus client level would be security by obscurity. _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
