Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Scanning Win2k with Nessus

from [Beau Nuanes] Network Security [Permanent Link]
Subject: Re: Scanning Win2k with Nessus
Date: Wed, 17 Jan 2007 07:56:28 -0700 
Please see my answers below.  Thank you.
  _____  

From: George A. Theall [mailto:theall@tenablesecurity.com]
To: nessus@list.nessus.org
Sent: Tue, 16 Jan 2007 17:38:58 -0700
Subject: Re: Scanning Win2k with Nessus

On Tue, Jan 16, 2007 at 03:53:23PM -0700, Beau Nuanes wrote:
  
  > 1)  Installed NessusClient and Nessus on a Fedora Core 6 machine.
  
  Which versions specifically?I am running 3.0.4 for Nessusd and 1.0.2 for 
NessusClient

  
   > 2)  Disabled "Safe Checks" and "Optimize the test" in NessusClient.
  
  Disabling safe checks might lead to crashes -- I'd leave it on unless 
  you're operating in a lab or until you become more familiar with Nessus.At 
this point I am running in a test environment.  When I move to production, and 
after I have become more familiar with Nessus, I will definitely heed your 
advice and enable safe checks.

  
  Are you enabling plugin dependencies when you run the scan?Yes, dependencies 
at runtime are enabled.  Silent dependencies are not.

  
   > 4)  Created a Nessus user on the win2k machines and gave him/her
   > administrative privledges (I'll change this by editing the winreg key
   > once I have this working)
  
  Read Tenable's white paper on configuring Nessus for checks with 
  credentials:
  
     http://www.nessus.org/documentation/nessus_credential_checks.pdf
  
  and pay particular attention to the section on configuring a local 
  account and inheriting guest privileges.This setting is not available on my 
targets, win2k machines.  The user I created is in the Administrators group 
though, which I thought would be sufficient.  Is there an equivalent Security 
option to the one referred to in nessus_credential_checks.pdf for win2k?

  
  > My problem is that it appears that I am not attempting to authenticate 
  > at all.  The Event viewer on the Win2k machines do not even show an 
  > attempted login.  The "Local Checks Failed" plugin is active but does
  > not give me anything in the report.
  
  Since you mention "Local Checks Failed" plugin, I assume you have a 
  registered or direct plugin feed, right?Yes, a registered feed.

  
  What lines associated with that plugin (hostlevel_check_failed.nasl) do 
  you see in nessusd.messages? What port range are you using for your scans?The 
only lines that I see in nessusd.messages associated with that plugin are:

Loading hostlevel_check_failed.nasl

Should I see more information in nessusd.messages?  The port range that I am 
scanning is the default range.  I have not edited nessus-services at all so 
it's the default range "out of the box".

  
  
  George
  -- 
  theall@tenablesecurity.com
  _______________________________________________
  Nessus mailing list
  Nessus@list.nessus.org
  http://mail.nessus.org/mailman/listinfo/nessus
        
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: smb_enum_services.nasl, Crone Willis, Kelly R
Next by Date:  Empty reports vary whether host is in same LAN than Nessus or not, Federico Petronio
Previous by Thread:  Re: Scanning Win2k with Nessus, Nicolas Pouvesle
Next by Thread:  Re: Scanning Win2k with Nessus [SPAM], Beau Nuanes
Indexes:  [Date] [Thread] [Top] [All Lists]