Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Local accounts for Nessus to use.

from [Ray Van Dolson] Network Security [Permanent Link]
Subject: Local accounts for Nessus to use.
Date: Fri, 21 Mar 2008 17:20:27 -0700 
Hi all.  Up until now, we've mostly been using Nessus to probe exploits
on a system without using credentialed checks.  I'm wanting to change
that to be able to more effectively enforce certain policies before
allowing machines to be placed on certain parts of our networks.

I'm trying to determine the best way to do this and am interested in
hear from some of you as to what you've found are "best practicies".

The goal is to not only complete an initial scan, but to regularly scan
these hosts once they are deployed.  This means leaving the accounts
that Nessus used on the systems.  I want to do this securely as
possible.

It looks like on the Unix/SSH side I could set up a generic account on
each system and allow authentication with SSH keys.

On the Windows side I'm not quite as sure.

 * Do I need an account with Administrator level access?  Or will a
   Power User do?  Recommendations?  We want to be able to check for
   missing updates, and eventually do Policy Compliance
 * It looks as if I can provide an SMB username and password with
   various hashes.  Perhaps Kerberos as well?

How do you handle your credentialed accounts on deployed systems?
Obviously the risk with a passworded account is that this password gets
out.

Anyways, looking forward to any feedback / advice.  Will be perusing
the archives as well.

Ray
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Altering a plugins Risk Factor, Rathbun, Dan
Next by Date:  Re: Altering a plugins Risk Factor, Ron Gula
Previous by Thread:  Altering a plugins Risk Factor, Rathbun, Dan
Next by Thread:  Re: Local accounts for Nessus to use., Ron Gula
Indexes:  [Date] [Thread] [Top] [All Lists]