Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

FDCC Audit FIle Question

from [jfvanmeter] Network Security [Permanent Link]
Subject: FDCC Audit FIle Question
Date: Tue, 27 Nov 2007 18:58:15 +0000 
Hello Everyone, I'm having a some issues with the FDCC Audit File.

I'm using the newest fdcc audit file FDCC_Desktops_v90.audit.

I'm rescanning a XP workstation that was previously  scanned with Secutor Prime 
and that scan reported that the workstation was complint.

When I scan the same workstation with Nessus and the FDCC_Desktops_v90.audit., 
I get ten failures.

As an example the file checks 

<item> 
        name: "Deny log on through Terminal Services"
        value: "Guests"
</item>

The report shows the following

"Denied Logon Through Terminal Services" : [FAILED]

Remote value: "guests" | "renamed_guest"
Policy value: "Guests"

The security policy Denied Logon Through Terminal Services  to the Guests 
group, but I also denied access to the renamed guest account. I don't believe 
this is a true failure, since I meet the criteria for the check, but I'm also 
restricting addational accounts. 

Is there a way that check can be written to look for "Guests" , but not fail if 
I place addational restrict on other groups or users?

Thanks in advanced

Take Care and Have Fun --John


_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  multiple false positives, Mihai Petre
Next by Date:  Re: Solaris local checks - installed patches, darko.gavrilovic@utoronto.ca
Previous by Thread:  multiple false positives, Mihai Petre
Next by Thread:  RE: FDCC Audit FIle Question, Mehul
Indexes:  [Date] [Thread] [Top] [All Lists]