I would like to run a simple test against a group of systems.
I want to only test for
1. No passwords for ids like root, oracle, mysql, etc.
2. Default userid & passwords
Is there any easy way to tell nessus to JUST do this type of test?
By going to a site like
http://www.cirt.net/cgi-bin/passwd.pl?method=csv
I can get a list of common default user ids and passwords.
I would like nessus to use this list of ids and passwords in its tests.
Is that possible? (with some reformatting I assume)
--
Bill Petersen, CISSP
Senior Information Security Analyst
Alcatel North America Information Security
Bill.Petersen@alcatel.com
Voice: 972-519-4249
Fax: 972-477-5300
I want to only test for
1. No passwords for ids like root, oracle, mysql, etc.
2. Default userid & passwords
Is there any easy way to tell nessus to JUST do this type of test?
By going to a site like
http://www.cirt.net/cgi-bin/passwd.pl?method=csv
I can get a list of common default user ids and passwords.
I would like nessus to use this list of ids and passwords in its tests.
Is that possible? (with some reformatting I assume)
--
Bill Petersen, CISSP
Senior Information Security Analyst
Alcatel North America Information Security
Bill.Petersen@alcatel.com
Voice: 972-519-4249
Fax: 972-477-5300