httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Kew <>
Subject Re: [users@httpd] Nessus hole report: MS/DOS device names
Date Wed, 19 Sep 2007 15:12:58 GMT
On Wed, 19 Sep 2007 17:05:13 +0200
"Gregor Schneider" <> wrote:

> Within Nessus, you have the options to choose the tests you want to
> run. It's a bit of work, however, configuring (choosing those tests
> dealing with *your* os / webserver / database etc.) and then saving
> them for future usage is worth while and avoids such garbage-messages.

Sounds like nonsense anyway.  A normal server on any platform can
safely access those names, and retrieve documents from somewhere
under its DocumentRoot, or whatever other source may be configured.

That report looks to me like trying to access /dev/ on *X.  Doesn't
mean is anything to worry about.

Nick Kew

Application Development with Apache - the Apache Modules Book

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message