[Openvas-devel] Report paranoia
Michael Meyer
michael.meyer at greenbone.net
Thu Nov 11 16:11:00 CET 2010
Hello,
there is an option "Report paranoia" which could have the following values:
Normal (0)",
"Avoid false alarms (1)",
"Paranoid (more false alarms) (2)".
Default value of "Report paranoia" is "Normal".
Question is: Should we use that for remote-version-checks which are prone to false
positives if software is backported.
,---[ foo.nasl ]
| [...]
| include("global_settings.inc");
| [...]
| if ( report_paranoia < 2 ) exit(0);
`---|
Otherwise we would have no _remote_ NVTs for vulnerabilities of backported software, where
a version check is the only way to "detect" the vulnerability.
There are at the moment around 100 NVTs using "report_paranoia". Most of them
are scripts inherited from Nessus.
Comments? ;)
Micha
--
Michael Meyer OpenPGP Key: 52A6EFA6
http://www.greenbone.net/
Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
Osnabrück, HR B 202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
More information about the Openvas-devel
mailing list