I just got my Qualys TA to start pulling the full KB down, but now I see it uses HTML in several of the fields. What's the best way to display this to my end users? Here's an example. I've seen the answer here that proposes using Sideview. I might look into that, but I was hoping for a more straightforward method. Anyone have any ideas?
Patch -<BR> There are no vendor-supplied patches available at this time. <P> Workaround:<br/> - Server-specific recommendations can be found <A HREF='https://community.qualys.com/blogs/securitylabs/2011/11/02/how-to-protect-against-slow-http-attacks' TARGET='_blank'>here</A>.<P> - Countermeasures for Apache are described <A HREF='http://httpd.apache.org/docs/trunk/misc/security_tips.html#dos' TARGET='_blank'>here</A>.<P> - Reverse proxies, load balancers and iptables can help to prevent this attack from occurring.<P> - Adjusting the <A HREF='http://httpd.apache.org/docs/2.2/mod/core.html#timeout' TARGET='_blank'>TimeOut Directive</A> can also prevent this attack from occurring.<P> - A new module <A HREF='http://httpd.apache.org/docs/2.2/mod/mod_reqtimeout.html' TARGET='_blank'>mod_reqtimeout</A> has been introduced since Apache 2.2.15 to provide tools for mitigation against these forms of attack. <P> Also refer to <A HREF='http://www.cert.org/blogs/certcc/2009/07/slowloris_vs_your_webserver.html' TARGET='_blank'>Cert Blog</A> and <A HREF='http://bedagainstthewall.blogspot.com/2011/01/slowloris-and-mitigations-for-apache.html' TARGET='_blank'>Slowloris and Mitigations for Apache document</A> for further information.