Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Plugin Dependency Not Working...

from [Perry LIM] Network Security [Permanent Link]
Subject: RE: Plugin Dependency Not Working...
Date: Thu, 11 Jan 2007 17:51:22 -0800 
We seem to be experiencing a similiar problem when scanning Windows XP,
2000 and 2003 systems. We have noticed plugin 10400 is showing the
following:
 
Synopsis :
 
Access the remote Windows Registry.
 
Description :
 
It was not possible to connect to PIPE\winreg on the remote host.
If you intend to use Nessus to perform registry-based checks, the
registry checks will not work because the 'Remote Registry Access'
service (winreg) has been disabled on the remote host or can not be
connected to with the supplied credentials.
 
As a result the patch status is not being reported correctly. Everything
was fine on the Wednesday January 10 2006 @ 13:40 PST.
 
The problem seems to occur after the latest daily plugin download at
January 11 2006 1:00 PST. Yesterday we were able to access the registry
to complete local security checks. We've checked the account the used to
logon to the systems and it is functioning correctly.
 
No changes were made on the system itself which has the following
configuration:
 
Information about this scan : 
 
Nessus version : 3.0.4
Plugin feed version : 200701111215
Type of plugin feed : Direct
 
On Redhat ES 4 with the latest updates
 
 
Thanks
 
Perry
 
 
 

  _____  

From: nessus-bounces@list.nessus.org
[mailto:nessus-bounces@list.nessus.org] On Behalf Of Lad, Amit
Sent: Thursday, January 11, 2007 2:40 PM
To: nessus@list.nessus.org
Subject: Plugin Dependency Not Working...



Situation:  I ran a full scan on my servers for the 3 latest
vulnerabilities that came out this week.  Everything works and looks
fine.  Today when I re-ran the exact same scans/sessions, the scans are
not detecting any holes/warnings.  I cross-checked some systems and the
system shows that the patch has not been applied, but Nessus doesn't
even recognize it.

 

Troubleshooting:  Verified hosts, login configurations, plugins,
descriptions.  Also created a brand new session for one server for one
specific plugin to look for that I know has not been applied to that
system, and nothing.  No results.

I have also tried re-running the previous month's vulnerabilities on
systems that were not patched for last month for business reasons, and
those are coming up blank as well.  It is detecting open port and
informational warnings fine and is reporting those.

 

Possible Causes?: Well Microsoft did announce a minor revision in their
MS07-004 today, but that was just stating that a restart was not
required to apply this patch.

 

Any ideas on why Nessus is not detecting the vulnerabilities anymore?

 

 


_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Plugin Dependency Not Working..., Lad, Amit
Next by Date:  Re: Resuming Scans, George A. Theall
Previous by Thread:  Re: Plugin Dependency Not Working..., George A. Theall
Next by Thread:  Re: Plugin Dependency Not Working..., Renaud Deraison
Indexes:  [Date] [Thread] [Top] [All Lists]