Open boisletterink opened 8 years ago
This is as intended. We care about the security of HTTP hosts; if it's running FTP, it only increases the probability of having a problem. We're not investigating FTP in itself.
The scope was increased to also include FTP and other protocols (by the customer, part of the way through the assignment). We need to make the scope change (and its effects) clear in the final report.
What you are doing then is you're evaluating hosts as if you have hosts that only contain FTP and hosts that only contain HTTP; this says nothing about the security of the host in total. You can consider a host and then you can look at the service on that host to be able to say something about security...
The scanner currently determines an appropriate sample size for a 90% confidence interval with a 5% error margin, but only applies this to the population of HTTP servers. This same population is also scanned for FTP, SMTP etc., which the selected hosts may not be running at all.
This means that the effective number of version information samples for protocols other than HTTP is lower than the required sample size.
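An added illustration of the shortfall described in the issue text above (not code from the scanner). It assumes Cochran's formula with finite population correction and p = 0.5, since the issue does not say which formula the scanner uses; the population size and the share of hosts running FTP are constructed values.

```python
import math

Z_90 = 1.6449  # two-sided z-score for a 90% confidence level


def required_sample_size(population, margin=0.05, z=Z_90, p=0.5):
    """Cochran's formula with finite population correction (assumed method)."""
    if population <= 0:
        return 0
    n0 = (z * z * p * (1 - p)) / (margin * margin)
    return min(population, math.ceil(n0 / (1 + (n0 - 1) / population)))


def achieved_margin(sample, population, z=Z_90, p=0.5):
    """Error margin actually reached with `sample` observations."""
    if sample <= 0:
        return float("inf")
    if sample >= population:
        return 0.0
    fpc = math.sqrt((population - sample) / (population - 1))
    return z * math.sqrt(p * (1 - p) / sample) * fpc


def coverage_report(http_population, service_share):
    """service_share maps protocol -> fraction of HTTP hosts also running it."""
    n_http = required_sample_size(http_population)
    report = {}
    for proto, share in service_share.items():
        proto_population = round(http_population * share)
        effective = round(n_http * share)  # expected hits inside the HTTP-sized sample
        report[proto] = {
            "required": required_sample_size(proto_population),
            "effective": effective,
            "margin": achieved_margin(effective, proto_population),
        }
    return n_http, report


if __name__ == "__main__":
    # Constructed input: 10,000 HTTP hosts, 20% of which also run FTP.
    n, rep = coverage_report(10_000, {"http": 1.0, "ftp": 0.2})
    print(f"HTTP sample size: {n}")
    for proto, row in rep.items():
        print(f"{proto}: need {row['required']}, have {row['effective']}, "
              f"margin {row['margin']:.1%}")
```
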