On Tue, Nov 30, 2004, Andrew Kraslavsky wrote:

> To test the security of my proprietary HTTPS server, built with OpenSSL 
> library version 0.9.7d, I ran Nessus version 2.2 against it and it reported 
> the following alert (as issued by Nessus plug-in ID 11875, described at: 
> http://cgi.nessus.org/plugins/dump.php3?id=11875 ):
...
> ---> My question is, why does Nessus report this alert 

The why is fairly straightforward based on the plugin source -- in
response to a corrupt client certificate sent by the plugin, your server
sent either nothing or something other than an "unexpected_message" or
"bad_record_mac" alert (by assumption) message. 

Now if your web server is on a different network than your Nessus server
or was busy, this may have occurred simply because the plugin timed out. 
Have you sniffed the traffic or added some display() statements to the
plugin to learn exactly what's being returned?

George
-- 
[EMAIL PROTECTED]
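
An added example, not part of the original thread and not taken from the Nessus plugin: one way to check a sniffed server reply against the three outcomes George describes (nothing returned, one of the two named alerts, or something else). The function names and sample bytes are constructed for illustration, and the code assumes the captured reply is unencrypted SSLv3/TLS record data.

```python
import struct

ALERT = 21  # SSLv3/TLS record content type for alert messages
# Alert description codes from the SSLv3/TLS specifications.
ALERT_NAMES = {0: "close_notify", 10: "unexpected_message",
               20: "bad_record_mac", 40: "handshake_failure",
               42: "bad_certificate", 50: "decode_error"}
# The two alerts named in the reply above.
EXPECTED = {10, 20}

def parse_records(data):
    """Split raw bytes into (content_type, version, payload) records.

    Stops at the first truncated record instead of raising, since a
    capture cut short by a timeout is one of the cases of interest.
    """
    records, off = [], 0
    while off + 5 <= len(data):
        ctype, version, length = struct.unpack_from("!BHH", data, off)
        payload = data[off + 5: off + 5 + length]
        if len(payload) < length:
            break
        records.append((ctype, version, payload))
        off += 5 + length
    return records

def classify_reply(data):
    """Return (outcome, alert_name) for the bytes the server sent back."""
    if not data:
        return ("no_reply", None)          # timeout or silent close
    for ctype, _version, payload in parse_records(data):
        if ctype == ALERT and len(payload) == 2:
            _level, desc = payload
            name = ALERT_NAMES.get(desc, "alert_%d" % desc)
            outcome = "expected_alert" if desc in EXPECTED else "other_alert"
            return (outcome, name)
    return ("no_alert", None)              # data arrived, but no alert record

# Constructed sample replies (not captured from any real server).
REPLY_UNEXPECTED = bytes.fromhex("1503010002020a")   # fatal, unexpected_message
REPLY_BAD_CERT = bytes.fromhex("1503010002022a")     # fatal, bad_certificate
REPLY_HS_THEN_MAC = bytes.fromhex("160301000100") + bytes.fromhex("15030100020214")

if __name__ == "__main__":
    for sample in (b"", REPLY_UNEXPECTED, REPLY_BAD_CERT, REPLY_HS_THEN_MAC):
        print(sample.hex() or "<empty>", "->", classify_reply(sample))
```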
