From: Jamie C. <jca...@we...> - 2001-05-26 16:14:41
|
Stephen Hand wrote: > > I have webmin running smoothly on several servers that I administer. It has > been a great to have a system that will allow other staff members to add > mail users, add dns records, etc... so I don't have to do it all the time. > > I also utilize nessus as a tool to scan for security issues on these > servers. Immediately after installing webmin nessus now tells me that I have > over 50 security holes which I didn't have before. The servers in question > are live on the net, so I do not want to compromise security. Any > suggestions or comments would be helpful. I've seen this before when using nessus to scan a server running webmin.. Because it can't identify the webmin webserver, it outputs a big list of possible security holes in other webservers, none of which are relevant to webmin at all.. Maybe if you posted the list of holes reported by nessus to the mailing list, I could tell you for sure if they are a problem or not. - Jamie |