Eric,
Since the default account used by Internet Scanner 7.0 is not that of the
logged on user, but rather that of the machine that it is installed upon,
automatic authentication based on your user account is not going to be a factor.
What you would need to do is to add an entry into your KnownAccounts.bin file
using the machinename, username, and password of the account on the target
system and then use SmartScan (Common settings / Windows Logon Session in the
policy). Keep in mind that the logic incorporated into IS7.0 is such that
unless the machinename/domain name matches, the account name/password pair will
not be attempted. Also keep in mind that for SmartScan to function, your
targets lockout policy must be within the parameters set in your policy (same
section mentioned above.) and be sure to enable the "Drop current logon
session" feature so that any currently established connections with the
potential target does not interfere with Scanner connection attempts.
Hope that helps,
-- L²
Lynn E. Lowrie
GO ISS!!
---
"You do not really understand something
unless you can explain it to your grandmother."
- Albert Einstein, 1879 - 1955
---
-----Original Message-----
From: issforum-bounces@atla-mm1.iss.net On Behalf Of Eric Testa
Sent: Wednesday, March 23, 2005 11:56 PM
To: issforum@atla-mm1.iss.net
Subject: [ISSForum] Scanning with administrative rights
I am having trouble scanning and gaining administrator rights on the target
machine.
My set up is as follows:
ISS Internet Scanner 7.0 on a Windows XP machine w/SP1. I am trying to scan
a standalone NT 4.0 SP6a machine that has local user accounts. I have set
up a user account and added the user to the administrator group. The
account that I created on the target machine is identical to the user name
and password that I am logged on to the XP machine running the internet
scanner (not sure if this makes a difference). I have also imputed the user
name and password in the knowaccounts.bin file enabled the smart scan.
Every time I run the scan I run the report and under the column
administrative access is says NO.
What am I doing wrong?
Thanks
Eric
_______________________________________________
ISSForum mailing list
ISSForum@iss.net
TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to
https://atla-mm1.iss.net/mailman/listinfo/issforum
To contact the ISSForum Moderator, send email to mod-issforum@iss.net
The ISSForum mailing list is hosted and managed by Internet Security Systems,
6303 Barfield Road, Atlanta, Georgia, USA 30328.
_______________________________________________
ISSForum mailing list
ISSForum@iss.net
TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to
https://atla-mm1.iss.net/mailman/listinfo/issforum
To contact the ISSForum Moderator, send email to mod-issforum@iss.net
The ISSForum mailing list is hosted and managed by Internet Security Systems,
6303 Barfield Road, Atlanta, Georgia, USA 30328.
