Please disregard. This has been fixed.
The problem was in the "SSH settings[radio]:Elevate privileges with : =
" setting in the nessusrc file. We had set this to "sudo" when we
upgraded to Nessus 3.2.1 in August; however, the account Nessus uses to
do local security checks has only limited sudo privileges (certain
commands). It has the required "sudo id" privilege that Nessus requires
to check sudo privileges, but apparently does not have sudo privileges
for the commands Nessus uses to do the local security checks.
Un-setting this corrected the problem.
Tenable support, please close ticket #BDM-72854-638 as resolved.
John Scherff
24 Hour Fitness
-----Original Message-----
From: John Scherff
Sent: Monday, October 06, 2008 10:43 AM
To: 'Nessus'
Cc: 'support@tenablesecurity.com'
Subject: LOCAL SECURITY CHECKS
(Re-submitted) Sorry, previous message had a misleading subject line.
Has the method of checking for patches/updates changed for Linux
(specifically Red Hat)? Starting in August, our monthly patch scans
showed a ridiculously low number of vulnerabilities: 1 missing patch
(total) across 140 Linux servers. Our most recent patch scan ran this
past Saturday with the same results, yet running 'up2date --dry-run' on
4 randomly-chosen servers showed between 10 and 12 missing patches on
all four hosts. Most of the patches were released slightly less than
one month ago (since our last maintenance window, which is when we patch
our production systems).
I can send the nessusrc file and/or KB for the sample hosts privately.
John Scherff
24 Hour Fitness
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
The problem was in the "SSH settings[radio]:Elevate privileges with : =
" setting in the nessusrc file. We had set this to "sudo" when we
upgraded to Nessus 3.2.1 in August; however, the account Nessus uses to
do local security checks has only limited sudo privileges (certain
commands). It has the required "sudo id" privilege that Nessus requires
to check sudo privileges, but apparently does not have sudo privileges
for the commands Nessus uses to do the local security checks.
Un-setting this corrected the problem.
Tenable support, please close ticket #BDM-72854-638 as resolved.
John Scherff
24 Hour Fitness
-----Original Message-----
From: John Scherff
Sent: Monday, October 06, 2008 10:43 AM
To: 'Nessus'
Cc: 'support@tenablesecurity.com'
Subject: LOCAL SECURITY CHECKS
(Re-submitted) Sorry, previous message had a misleading subject line.
Has the method of checking for patches/updates changed for Linux
(specifically Red Hat)? Starting in August, our monthly patch scans
showed a ridiculously low number of vulnerabilities: 1 missing patch
(total) across 140 Linux servers. Our most recent patch scan ran this
past Saturday with the same results, yet running 'up2date --dry-run' on
4 randomly-chosen servers showed between 10 and 12 missing patches on
all four hosts. Most of the patches were released slightly less than
one month ago (since our last maintenance window, which is when we patch
our production systems).
I can send the nessusrc file and/or KB for the sample hosts privately.
John Scherff
24 Hour Fitness
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus