hey all,

my web guys created a custom 404 page for a client and it works just fine. i am having issues though, when i run my security scanner on the site, i get a lot of false-positives(58 to be exact). if i remove the custom error page and replace it with the original, these false exploits do not show up. the custom 404 page is just static html, nothing to fancy, so i'm not sure if it's their code or my scanner??? i did try adding a 404 string in the custom 404 page, but the scanner still got the same false-positives.

i am trying to get this custom 404 page to not show these false-positives, so if anyone could shed some light on this for me i would appreciate it.


btw
web server used: iis 5.0
security scanner used: http://www.gfi.com/lannetscan/index.htm