That was a version 1.x flag. What you can do in 2.x is create a user-defined "udb_404_strings" file in the plugins directory. If the 404 check fails to find a 404 based on headers, it will fall back on content and use these strings to identify 404 pages (and if that fails, hashing--which is tough to get right--and probably what your scan is doing now). <br>
<br>Just enter any strings you need, one per line. This file won't be over-written when updates are done.<br><br>This link explains the user databases (although for 404 strings you don't need a unique identifier).<br>
<a href="http://cirt.net/nikto2-docs/ch07s02.html">http://cirt.net/nikto2-docs/ch07s02.html</a><br><br>-Sullo<br><br><br><div class="gmail_quote">On Feb 13, 2008 9:28 AM, J Amuse <<a href="mailto:jamuse@gmail.com">jamuse@gmail.com</a>> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Wasn't there a -404 option to specify a string for custom file not found error messages once upon a time? I'm using nikto-2.0.2. How do I define custom file not found error messages to reduce the FPs?<br>
<br>_______________________________________________<br>Nikto-discuss mailing list<br><a href="mailto:Nikto-discuss@attrition.org">Nikto-discuss@attrition.org</a><br><a href="https://attrition.org/mailman/listinfo/nikto-discuss" target="_blank">https://attrition.org/mailman/listinfo/nikto-discuss</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br><br><a href="http://www.cirt.net">http://www.cirt.net</a> | <a href="http://www.osvdb.org/">http://www.osvdb.org/</a>