Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Using GROUP_MEMBERS_POLICY in .audit files

from [Mercer, Jeff C - Raleigh, NC] Network Security [Permanent Link]
Subject: Using GROUP_MEMBERS_POLICY in .audit files
Date: Tue, 6 Nov 2007 11:00:27 -0600 

I'm hoping someone can clarify something about the GROUP_MEMBERS_POLICY
check in Nessus3 .audit files.

From what I read in the documentation, you make a list of users

separated by a pipe sign to specify what members of a given group you
want to check.

What i'm not clear on is if that's a logical AND or logical OR
operation. For example, I might want to make sure the group "foo"
contains members "bob" OR "jane", but not both. Is that possible here?
And similarly, I'd like to have a list of acceptable members for a given
group, but not require they ALL be members. i.e. the Administrators
group may always contain Domain Admins, but may also contain a regional
group depending on its geographic location. I don't want to (and really
can't) implement an audit file for each possible location.

Any suggestions or help would be appreciated. Thanks!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Jeff Mercer - USPS CISO - SVA Team
E-mail: jeff.c.mercer@usps.gov
Phone : 919-501-9448 
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Using GROUP_MEMBERS_POLICY in .audit files, Mercer, Jeff C - Raleigh, NC <=
Previous by Date:  Re: What ist the Nessus Script Licence ?, Jan-Oliver Wagner
Next by Date:  Reports: Problem.... solution...., Mike . Vasquez
Previous by Thread:  Re: What ist the Nessus Script Licence ?, Jan-Oliver Wagner
Next by Thread:  Does anyone else run Altiris on their network and use Nessus?, Olson, John (CTECH)
Indexes:  [Date] [Thread] [Top] [All Lists]