Thursday, May 29, 2014

Re: [389-users] Retna Scan Results

On 5/29/2014 11:27 AM, John Trump wrote:
> I believe they are false positives. I am just searching for "proof" to
> provide to person running sans.

If it were really testing for the vulnerabilities it would have to be
presenting requests that exploit them and checking the the desired
outcome (for example that it can crash the httpd process). You could
look for evidence of such activity using tcpdump, and also in the httpd
access logs.

389 users mailing list

No comments:

Post a Comment