*** Jan-Oliver Wagner <[email protected]> wrote: > I stumbled (again) across the question how we should treat > the results of NVTs like os_fingerprint.nasl which > tries to guess some information (here the OS) > and adds this to the KB. > It also sends a security_note about the result. > > IMHO this should only be a log_message() as the OS > type as such has not relation to security status.
When scanning an entire Network, the installed Operating Systems could be an interesting Information. IMHO. ;-) I would prefer the use of 'report_verbosity' for such NVTs. So the user can then make the decision himself whether he wants to see such Informations or not. Im using 'report_verbosity' in all of my "Service Detection' NVTs. If 'report_verbosity' is set to 'Quiet' these NVTs will not report about found Software. Only security related stuff is reported in this case. I dont't like to hide informations collected by OpenVAS unless the user has configured to hide them. Micha _______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
