About Nessus issue
Wayne.Lai
wayne.lai at etatung.com.tw
Mon Apr 4 04:11:14 EDT 2005
Dear sir:
Sorry to bother you,but it's really very important for us.
I have tried to use Nessus to scan our and customers' Linux RedHat9.0 system.The Nessus always showed me some security warning and holes found on the Linux system.Even we have upgraded all Package for RedHat9,include YUM,up2date and legacy version.And re-scan again by Nessus,the Nessus still showed me the same security warning and holes information.
Does the Nessus scan and check the Package version for the security warning? I have found many tool only check the main system version and can't check the Bugfix version.And it'll make perplexity on this situation.
For example,for redhat 9,the system Apatch version is 2.0.40
and the relation Package to fix the Apatch security problem(Bugfix version) is 2.0.40-21.xxx.rpm .I have upgraded the system with all bugfix version. But the Nessus still show me some warrang and holes after scaning the Linux system. And suggestion on Nessus still want us to upgrade Apatch to higher version(like Apatch 2.0.51...)
So my guestion:Does the Nessus scan the Bugfix Package version?
Or the RedHat9 really have many bug even with all Legacy Packet installed?
The response is really important for us.
Thanks for your response.
best regards Wayne
-------------------------------------------------
Wayne-Lai PSTN: +886-7-2251000 Ext:101
Fax:+886-7-2252000
E-mail: wayne.lai at etatung.com.tw
Http: www.etatung.com.tw
TSTI
Tatung System Technologies INC.
-------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.nessus.org/pipermail/nessus/attachments/20050404/84a1b5d5/attachment-0001.html
More information about the Nessus
mailing list