Sullo wrote:
If you know all the (virtual) domain names, provide that list of names (just names) to Nessus to scan and it _should_ use that information when testing (so when testing the web server it will send the "Host:" header with that domain in it)--it always works for me.
Ok, that's what I thought. But it doesn't do it. That is, it scans the webserver, but I never get any hits in my logfiles, only in the logfiles of the general webserver and of course it doesn't find any of the php-scripts I have.
-- Jesper S. Jensen Basisnet og Sikkerhed Uni-C - Ã…rhus, Danmark +45 8937-6666 _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
