Quote:
Originally Posted by vishalsamyal
m new user and was not sure.
|
When you find yourself in the company of an international audience please write English like it was meant to like "
I am a new user" and not use IM-speek. Next to that being new or (feigning) ignorance are no valid reasons for cross-posting as you agreed to play by our rules: the
LQ Rules when you signed up for the account.
Quote:
Originally Posted by vishalsamyal
(..) when I scan my websites there are some Vulnerabilities Issue.. Like following are the few example
|
You didn't:
- include the reason for scanning (not required but its good to know if you go for regulatory compliance, etc)
- include the product used for scanning,
- the scan type or plugin Id,
- its complete description,
- any risk or severity the scanner assigned the scan result,
- any solution(s) suggested by the tool,
- any scan details,
* and I doubt you investigated what the scan actually does or have read the related material (if any).
While OS identification may help an attacker to select OS-specific attacks, the majority of web-based attacks these days are caused by running obsolete software versions in the web stack, lack of preventive measures and proper system and service hardening.