On Thursday 14 March 2002 21:51, khayman wrote:
> I completely agree with the signoff procedure you have in place, but
> what is the point of disabling the dangerous options in Nessus? That
> defeats the purpose and gives you a false sense of security. You'll
> miss plenty of DoS exploits (among others) that could be used in

IMHO, one could first run safe scans, fix all security flaws, and then gather all administrators and tell them "Ok boys, now let's do some serious security scans..."

This way, you'll have:

1. many minor security issues already patched
2. people will understand what is going on
3. people will accept the reason for doing security scans
4. people will be ready to try some hardcore issues

So you get two things - minor security flaws already patched and experienced admins who'll have no fear of doing DoS scans. It will make them feel easier about running dangerous plugins, for they'll have some experience and deeper understanding of the process.

-- 
Radoslav Dejanovic
Senior Associate to Mayor's Office
City of Zagreb, Croatia