Mailing List Archive

Windows Compliance settings
Don't know if this is the proper way to ask this but I'm in the process of
trying to convince MGMT to utilize nessus Windows compliance .audit file
to run against our workstations. It's worse than trying to bra train a
little girl.

Anyway I'm looking at the .audit file and one entry looks like the

description: "PCI 2.2.2 Disable all unnecessary and insecure services and
protocols, Service Alerter Disabled"
value_type: SERVICE_SET
value_data: "Disabled"
service_name: "Alerter"
svc_option: CAN_BE_NULL

description: "PCI 8.5.9 Change user passwords at least every 90 days"
value_type: TIME_DAY
value_data: [MIN..90]
password_policy: MAXIMUM_PASSWORD_AGE

I'd like to include a policy to check to determine if the screen saver is
set to over 5 minutes. This might be several <custom_items> one to check
to see if the screen saver is running and the other to determine if it's
set to less than 15 minutes. I know this would probably be found in the
system registry but I'm really not sure what or how these audit files work
against windows machines.

I'd like to set up a few of my own tests to determine a variety of
settings but what am I looking for and if say the PASSWORD_POLICY is not
in the registry (which is is not; under that name) where does it look for
this information?


Frank Kenisky IV, CISSP, CISA, CISM
Information Technical Security Specialist
(210) 301-6433 - (210) 887-6985