[Openvas-discuss] false positives and version detection
Stefan.Schwarz at unibw.de
Thu Oct 6 16:13:05 CEST 2011
Am 06.10.2011 15:13, schrieb Michael Meyer:
> *** Thomas Reinke<lists at securityspace.com> wrote:
>> 1) We disable the banner checks if a local security check was run.
>> 2) Use a more granular approach - "up" report the version of
>> 3) A even more granular approach of flagging that an LSC detecting
> 4) http://seclists.org/openvas/2010/q4/152
As already discussed on this list, report paranoia isn't a solution to
this problem as long as most of the relevant NVTs don't use this option.
My current counting shows that only 156 NVTs of more than 22K are using it.
In my example of having FPs with PHP on Debian nothing changed when
switching to "avoid false alarms".
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 6299 bytes
Desc: S/MIME Cryptographic Signature
More information about the Openvas-discuss