Re: Nessus ID 11157 firing many times

Jason Leuenberger Tue, 07 Nov 2006 10:40:30 -0800

No banners, and not the same port on every host.

Thanks for the information George...

On 11/6/06, George A. Theall < [EMAIL PROTECTED]> wrote:

On Fri, Nov 03, 2006 at 10:28:44AM -0500, Jason Leuenberger wrote:

> Just finished an internal scan, and Nessus ID 11157 fired quite a bit. I
> understand that this can indeed be a false positive....but it probably
> went off on 40-50% of all internal hosts.

That plugin fires if any of a select number of ports is simply open and
is not running a known service. Thus, it might be a trojan or it could
just as easily be a valid service that we don't (yet) know how to identify.

Is there a banner reported on any of the affected hosts? Is it the same
port on each host?

George
--
[EMAIL PROTECTED]
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus

--
-->j

_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus

Re: Nessus ID 11157 firing many times

Reply via email to