Goran Ličina wrote: > I would also like to raise a question about invasive and non-invasive (safe) > remote checks. Which one of these are preferred in OpenVAS? > > In my opinion checks based on reading version form banner are good and safe > way > to check for vulnerability, but still they are not as reliable as executing > the actual exploit and i.e. crash service. Maybe it makes sense to have both?
That's also good point for discussion. IMHO and in perfect situation, it would be best that we have both. i.e. first check banner only, if safe_check is off, do some additional tests. That info is something we should add to each vuln - how it is implemented(safe/banner only, triggering vulnerability, ...) for benefit to developers and users. Whetever it is wiki or some other form... Kost _______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
