Thank you Paul
________________________________
From: nessus-bounces@list.nessus.org on behalf of Paul Davis
Sent: Fri 10/10/2008 12:58 PM
To: jfvanmeter@comcast.net
Cc: Nessus
Subject: Re: .audit code question
John,
While the description field can be quite long, for readability purposes, the best way to handle long description fields is to take advantage of
"INFO" tags:
e.g.
info: "CCE-1543 - Excel 2007"
info: "Test of HKCU\Software\Policies\Microsoft\Office\12.0\Excel\Security\FileOpenBlock\HtmlandXmlssFiles"
info: "Policy DWORD value should be 1"
This allows you to add multiple lines of descriptive text if needed.
I hope this helps!
Paul
jfvanmeter@comcast.net wrote:
> Is there a length limit to the description field?
>
> --
> "When the legend becomes fact, print the legend."
>
>
> -------------- Original message ----------------------
> From: jfvanmeter@comcast.net
>> Thanks Paul, the settings are defined under hkcu so I'm stuck quering that path.
>>
>> --
>> "When the legend becomes fact, print the legend."
>>
>>
>> -------------- Original message ----------------------
>> From: Paul Davis <pdavis@tenablesecurity.com>
>>> John,
>>>
>>> The syntax looks fine at a glance, however, it usually makes sense to query
>> from
>>> HKLM and not HKCU whenever possible because of the transient
>>> nature of HKCU.
>>>
>>> jfvanmeter@comcast.net wrote:
>>>> Hello Everyone, does anyone see anything wrong with the below or anything
>> that
>>> I should add.
>>>> I just want the test to check the regkey and pass it the value_data matches
>> or
>>> fail it it doesn't.
>>>> <custom_item>
>>>> type: REGISTRY_SETTING
>>>> description: "CCE-1543 - Excel 2007 - Enable Block opening of Html and
>> Xmlss
>>> files types"
>>>> value_type: POLICY_DWORD
>>>> value_data: "1"
>>>> reg_key:
>>> "HKCU\Software\Policies\Microsoft\Office\12.0\Excel\Security\FileOpenBlock\"
>>>> reg_item: "HtmlandXmlssFiles"
>>>> </item>
>>>>
>>>> Thanks --John
>>>> --
>>>> "When the legend becomes fact, print the legend."
>>>> _______________________________________________
>>>> Nessus mailing list
>>>> Nessus@list.nessus.org
>>>> http://mail.nessus.org/mailman/listinfo/nessus
>>>>
>>> --
>>> Best Regards,
>>>
>>> Paul Davis
>>> Research Engineer
>>> Tenable Network Security Inc
>>> Phone: 410.872.0555 x245
>>> www.tenablesecurity.com
>>>
>>> Is your network TENABLE?
>> _______________________________________________
>> Nessus mailing list
>> Nessus@list.nessus.org
>> http://mail.nessus.org/mailman/listinfo/nessus
>
>
--
Best Regards,
Paul Davis
Research Engineer
Tenable Network Security Inc
Phone: 410.872.0555 x245
www.tenablesecurity.com
Is your network TENABLE?
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus _______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus