Hi there
We recently acquired a company and used Nessus to do an initial
vulnerability assessment - to ensure the site is in good shape. It
failed to discover much at all - even thought it ran with Domain Admin
privs.
Ends up none of their PCs have either WMI or Remote Registry services
enabled - which these days knocks 99% of nessus's checks on the head?
Now I know the Nessus docs say that these services have to be enabled,
but that means AD Policies, and for smaller sites that's actually a bit
difficult ("AD policies? What does 'AD' stand for?").
Could Nessus look at the option of attempting to remotely start those
services if they are not running? Easier said than done I know, but it
never hurts to ask. The reality is that we used to have (>1 year ago)
great success at running Nessus against such sites with nothing but
Domain Admin privs, but these days that doesn't appear to be enough.
Thanks
--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
We recently acquired a company and used Nessus to do an initial
vulnerability assessment - to ensure the site is in good shape. It
failed to discover much at all - even thought it ran with Domain Admin
privs.
Ends up none of their PCs have either WMI or Remote Registry services
enabled - which these days knocks 99% of nessus's checks on the head?
Now I know the Nessus docs say that these services have to be enabled,
but that means AD Policies, and for smaller sites that's actually a bit
difficult ("AD policies? What does 'AD' stand for?").
Could Nessus look at the option of attempting to remotely start those
services if they are not running? Easier said than done I know, but it
never hurts to ask. The reality is that we used to have (>1 year ago)
great success at running Nessus against such sites with nothing but
Domain Admin privs, but these days that doesn't appear to be enough.
Thanks
--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus