Well, two things. One way is to find out what within Nikto raised the warning (that is, based on what conditions) and assess from there if Apache config change is needed or if this is a false positive. Another way could be to have a second opinion using say a Nessus scan. If you dont run Nessus there is a free public service that does Nessus scans but I forgot the URI, shouldnt be hard to find though.
Last edited by unSpawn; 03-12-2006 at 05:39 AM.
|