November 25th, 2003, 03:47 AM
Nessus scanning OS X Server
I have got a bit of a strange one.....
I just installed nessus, got everything working, and then started a scan of a freshly installed and patched OSX 10.3 Server. There were a few things that it came up with, but then there was the funny one....
Nessus has determined that my OS X 10.3 Server is infected with Code Red.
Nevermind that this is a total impossibility, nevermind that this machine has never been on a live network, nevermind anything else.
I have done a brief google, and a brief search of the nessus bugzilla, and came up with nothing.
Has anyone ever seen this before from nessus?
I just told nessus to use all available plugins, I suppose I should customize the scan for the individual host, but it also occured to me that I might miss something if I did that, so I told it to use all plugins.
November 25th, 2003, 04:00 AM
I don't know exactly how code red works, but maybe it is some evil conspiracy by apple to take down all IIS servers. They have the machine infected with a specially crafted version just for OS X which then launches attacks against IIS servers on the internet. Of course I'm only kidding. I think you just got a false result on your scan.
November 25th, 2003, 04:03 AM
Yeah, that is what I figured, just thought it was odd enough to share...