Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Scanning Win2k with Nessus

from [George A. Theall] Network Security [Permanent Link]
Subject: Re: Scanning Win2k with Nessus
Date: Tue, 16 Jan 2007 19:38:58 -0500 
On Tue, Jan 16, 2007 at 03:53:23PM -0700, Beau Nuanes wrote:

1) Installed NessusClient and Nessus on a Fedora Core 6 machine. 

Which versions specifically?

> 2)  Disabled "Safe Checks" and "Optimize the test" in NessusClient.

Disabling safe checks might lead to crashes -- I'd leave it on unless you're operating in a lab or until you become more familiar with Nessus.

Are you enabling plugin dependencies when you run the scan?

> 4)  Created a Nessus user on the win2k machines and gave him/her
> administrative privledges (I'll change this by editing the winreg key
> once I have this working)

Read Tenable's white paper on configuring Nessus for checks with credentials:

  http://www.nessus.org/documentation/nessus_credential_checks.pdf

and pay particular attention to the section on configuring a local account and inheriting guest privileges.

My problem is that it appears that I am not attempting to authenticate at all. The Event viewer on the Win2k machines do not even show an attempted login. The "Local Checks Failed" plugin is active but does
not give me anything in the report.

Since you mention "Local Checks Failed" plugin, I assume you have a registered or direct plugin feed, right?

What lines associated with that plugin (hostlevel_check_failed.nasl) do you see in nessusd.messages? What port range are you using for your scans?


George
--
theall@tenablesecurity.com
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Scanning Win2k with Nessus [SPAM], Beau Nuanes
Next by Date:  RE: SSH Credentials problem, John Scherff
Previous by Thread:  Scanning Win2k with Nessus, Beau Nuanes
Next by Thread:  Re: Scanning Win2k with Nessus, Nicolas Pouvesle
Indexes:  [Date] [Thread] [Top] [All Lists]