Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security ISSForum
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISSForum] Checking for non-viable Admin Accounts in Inet Scanner

from [Dan Widger] Network Security [Permanent Link]
Subject: [ISSForum] Checking for non-viable Admin Accounts in Inet Scanner
Date: Tue, 30 Nov 2004 14:55:30 -0600 
In the Internet Scanner product, there is a significant dependency in
Windows environments on having an Admin account, in order to gain full
access to the windows host.  

 

In my experience, an admin account is used that has rights to all hosts
that are being scanned, and these are scanned every night.

 

What I've observed is that is the domain admin account has been locked
out, or even is it is within the 7 day window where the user is prompted
if they are going to chance the password, then the account used for
scanning is not granted access to the hosts, and therefore the scanner
can't access the full hosts.  Effectively, the scanner is prevented
from produce a viable report of the vulnerabilities because it didn't
have access to the host.  

 

Has anybody identified this before?  Has anyone identified a mechanism
where the scanner admin is notified that the scan wouldn't have accurate
vulnerability data, because it didn't have access to the windows host?

 

I'm looking for any insights, tools, work-arounds, and procedural
accommodations that would address this issue of having scans that have
incomplete data, because the account used to scan didn't have access.

 

Dan Widger

Security Engr

_______________________________________________
ISSForum mailing list
ISSForum@iss.net

TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to 
https://atla-mm1.iss.net/mailman/listinfo/issforum

To contact the ISSForum Moderator, send email to mod-issforum@iss.net

The ISSForum mailing list is hosted and managed by Internet Security Systems, 
6303 Barfield Road, Atlanta, Georgia, USA 30328.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISSForum] Checking for non-viable Admin Accounts in Inet Scanner, Dan Widger <=
Previous by Date:  [ISSForum] Diffs on InetScanner in SiteProtector, Dan Widger
Next by Date:  [ISSForum] Security of the SP server, Freese, Kai
Previous by Thread:  [ISSForum] Diffs on InetScanner in SiteProtector, Dan Widger
Next by Thread:  [ISSForum] Security of the SP server, Freese, Kai
Indexes:  [Date] [Thread] [Top] [All Lists]