Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: FDCC Audit FIle Question

from [Mehul] Network Security [Permanent Link]
Subject: RE: FDCC Audit FIle Question
Date: Tue, 27 Nov 2007 15:00:27 -0500 
When I scan the same workstation with Nessus and the 
FDCC_Desktops_v90.audit., I get ten failures.

As an example the file checks 

<item> 
      name: "Deny log on through Terminal Services"
      value: "Guests"
</item>

The report shows the following

"Denied Logon Through Terminal Services" : [FAILED]

Remote value: "guests" | "renamed_guest"
Policy value: "Guests"



As per the FDCC guideline "Deny logon through Terminal Services" should only
be denied to "Guests". The 
FDCC checks within the .audit files are so designed, that they will pass
only if the settings on the remote system are "exactly" the same as
recommended
by the FDCC guideline. We have tested these against Virtual hard disks
published by NIST on the CSRC-FDCC website and can be downloaded from the
link below :

http://fdcc.nist.gov/download_fdcc.html

We have also published the results of our scan on our blog :

http://blog.tenablesecurity.com/2007/09/using-nessus-co.html

 

Is there a way that check can be written to look for "Guests" 
, but not fail if I place addational restrict on other groups 
or users?



Not at this time, but our future version of compliance checks will be able
support this kind of operation. We expect to release it in Q1 next year.

- Mehul

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: FDCC Audit FIle Question, jfvanmeter
Next by Date:  Re: Solaris local checks - installed patches, Louis Lerman
Previous by Thread:  FDCC Audit FIle Question, jfvanmeter
Next by Thread:  RE: FDCC Audit FIle Question, jfvanmeter
Indexes:  [Date] [Thread] [Top] [All Lists]