[unisog] Re: Nessus Scanning

Matt Crawford crawdad at fnal.gov
Thu May 13 13:25:04 GMT 2004


On May 10, 2004, at 12:00, Jens Haeusser wrote:
> Matt Crawford wrote:
>> We scan the whole site with nessus, but only for the most
>> critical vulnerabilities.  There hasn't been a problem.  [...]
>
> I know that many of you scan with a subset of the Nessus plugins- 
> which do you consider the most critical? Do any of you keep the list 
> updated on a website somewhere?


The uncommented ones are the current hot set ...

my @plugin_includes = (
#    '10180',                # Ping the remote host
#    '10335',                # tcp_connect() scan
#    '11219',                # SYNscan
#    '11268',                # Nmap OS fingerprint
#    '11765',                # MS UPNP helper - disable it.
     '11890',                # MS buffer overrun in Messenger Service
     '11835',                # MS RPC buffer overrun KB824146
#    '11936',                # OS fingerprint
#    '11943',                # rsync heap overflow
     '12054',                # MS04-007 ASN.1 Parsing Vul
     '12204',                # MS04-011 IIS SSL part of KB835732
     '12209',                # MS04-011 KB835732
);



