Mailing List Archive

.Audit file question
Hello everyone, my client has a direct feed and I was wondering if there are any preconfiguration audit files to run a NIST check against a SQL server? If there are, are they downloaded with the plugin feed, or do they need to be downloaded separately?

Thanks

Take Care and Have Fun --John
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
Re: .Audit file question
jfvanmeter@comcast.net wrote:
> Hello everyone, my client has a direct feed and I was wondering if there are any preconfiguration audit files to run a NIST check against a SQL server? If there are, are they downloaded with the plugin feed, or do they need to be downloaded separately?
>

The current NIST .audit files are available under the Tenable support
portal. There is a blog entry about it here:

http://blog.tenablesecurity.com/2007/04/nist_audit_poli.html

The audit policies are for XP Pro and 2003, not MS SQL. We have not
published any .audit files for MS SQL server auditing yet. NIST has not
published any guidance on hardening MS SQL through their SCAP program
yet which is listed here:

http://nvd.nist.gov/scap/content.cfm

Ron Gula, CTO
Tenable Network Security

Re: .Audit file question
Thank you. I just wanted to check; I've been very busy lately and I was afraid I might have missed them.

Thank You
Take Care and Have Fun --John

-------------- Original message ----------------------
From: Ron Gula <rgula@tenablesecurity.com>
> jfvanmeter@comcast.net wrote:
> > Hello everyone, my client has a direct feed and I was wondering if there are any preconfiguration audit files to run a NIST check against a SQL server? If there are, are they downloaded with the plugin feed, or do they need to be downloaded separately?
> >
>
> The current NIST .audit files are available under the Tenable support
> portal. There is a blog entry about it here:
>
> http://blog.tenablesecurity.com/2007/04/nist_audit_poli.html
>
> The audit policies are for XP Pro and 2003, not MS SQL. We have not
> published any .audit files for MS SQL server auditing yet. NIST has not
> published any guidance on hardening MS SQL through their SCAP program
> yet which is listed here:
>
> http://nvd.nist.gov/scap/content.cfm
>
> Ron Gula, CTO
> Tenable Network Security
>

Re: .audit file question
John,

We don't support registry.pol files with the i2a tool (or any other tool). Depending upon your Windows versions, you may want to look at using
i2a with Security templates or possibly some of our support site audit files as guides.

jfvanmeter@comcast.net wrote:
> Hello every,
>
> I was hoping to use Nessus and a .audit file to verify whether settings contained in a GPO are being applied.
>
> Most of the settings are contained in the registry.pol file. Is there a utility like i2a that will convert the settings in the *.pol file into a .audit file?
>
> --
> "When the legend becomes fact, print the legend."
>

--
Best Regards,

Paul Davis
Research Engineer
Tenable Network Security Inc
Phone: 410.872.0555 x245
www.tenablesecurity.com

Is your network TENABLE?
Re: .audit file question
Thanks Paul, I

--
"When the legend becomes fact, print the legend."


-------------- Original message ----------------------
From: Paul Davis <pdavis@tenablesecurity.com>
> John,
>
> We don't support registry.pol files with the i2a tool (or any other tool).
> Depending upon your Windows versions, you may want to look at using
> i2a with Security templates or possibly some of our support site audit files as
> guides.
>
> jfvanmeter@comcast.net wrote:
> > Hello every,
> >
> > I was hoping to use Nessus and a .audit file to verify whether settings contained in a GPO are being applied.
> >
> > Most of the settings are contained in the registry.pol file. Is there a utility like i2a that will convert the settings in the *.pol file into a .audit file?
> >
> > --
> > "When the legend becomes fact, print the legend."
> >
>
> --
> Best Regards,
>
> Paul Davis
> Research Engineer
> Tenable Network Security Inc
> Phone: 410.872.0555 x245
> www.tenablesecurity.com
>
> Is your network TENABLE?

RE: .audit file question
Has the method of checking for patches/updates changed for Linux
(specifically Red Hat)? Starting in August, our monthly patch scans
showed a ridiculously low number of vulnerabilities: 1 missing patch
(total) across 140 Linux servers. Our most recent patch scan ran this
past Saturday with the same results, yet running 'up2date --dry-run' on
4 randomly-chosen servers showed between 10 and 12 missing patches on
all four hosts. Most of the patches were released slightly less than
one month ago (since our last maintenance window, which is when we patch
our production systems).

I can send the nessusrc file and/or KB for the sample hosts privately.

John Scherff
24 Hour Fitness

-----Original Message-----
From: nessus-bounces@list.nessus.org
[mailto:nessus-bounces@list.nessus.org] On Behalf Of
jfvanmeter@comcast.net
Sent: Monday, October 06, 2008 9:06 AM
To: Paul Davis
Cc: Nessus
Subject: Re: .audit file question

Thanks Paul, I

--
"When the legend becomes fact, print the legend."


