On 01/19/2010 11:08 AM, Geoff Galitz wrote: > I'll put in a plug for a software project that I am developer/contributor > for, OpenVAS (Open Vulnerability Assessment Scanner). > > http://www.openvas.org > I look at this a while back, well over a year i think now. And the problem was that openvas does not actually test for the Vuln but it tries to use content to assume the exploits will not work. That is a very risky situation to get into. -- Karanbir Singh London, UK | http://www.karan.org/ | twitter.com/kbsingh ICQ: 2522219 | Yahoo IM: z00dax | Gtalk: z00dax GnuPG Key : http://www.karan.org/publickey.asc