Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Unable to scan with Nessus when hosts have FDCC implemented

from [Albert R. Campa] Network Security [Permanent Link]
Subject: Re: Unable to scan with Nessus when hosts have FDCC implemented
Date: Wed, 30 Jul 2008 10:04:23 -0500 
What specific changes do you have to undo?

All you should need is an exception put in the desktop firewall for
your Nessus scanner and use admin credentials for the scan.

Correct?

Saludos

Albert

On Wed, Jul 30, 2008 at 9:11 AM, Discini, Sonny
<Sonny.Discini@montgomerycountymd.gov> wrote:

It would be helpful for folks to know what FDCC is before continuing.
Federal Desktop Core Configuration:

The FDCC, an OMB (U.S. Office of Management and Budget) mandate, requires
that all Federal Agencies standardize the configuration of approximately 300
settings on each of their Windows XP and Vista Computer. The reason for this
standardization is to strengthen Federal IT security by reducing
opportunities for hackers to access and exploit government computer systems.

Yes, I have had the same result when scanning hosts that had the FDCC
policies applied. It's a double-edged sword. If you want to scan these
hosts, you have to undo some of the FDCC changes, which then move the hosts
out of compliance.

Sonny Discini, Senior Network Security Engineer
Office of the CIO
Department of Technology Services
Montgomery County Government





-----Original Message-----
From: nessus-bounces@list.nessus.org [mailto:nessus-bounces@list.nessus.org]
On Behalf Of Puerto, Richard (IG/A/ITSA)
Sent: Wednesday, July 30, 2008 8:14 AM
To: nessus@list.nessus.org
Subject: Unable to scan with Nessus when hosts have FDCC implemented

Hello All,

We have come across a site the we were auditing and conducting network
vulnerability scans, and the Nessus report came up empty. We figured out
that it was due to having FDCC implemented and the Nesssus scanner was
unable to access the machine. It would detect the host being there but not
able to access any of the host's ports.

Any one else encounter this and has found a solution?



_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus





-- 

__________________________________
Albert R. Campa
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Unable to scan with Nessus when hosts have FDCC implemented, Discini, Sonny
Next by Date:  RE: Unable to scan with Nessus when hosts have FDCC implemented, jfvanmeter
Previous by Thread:  RE: Unable to scan with Nessus when hosts have FDCC implemented, Discini, Sonny
Next by Thread:  RE: Unable to scan with Nessus when hosts have FDCC implemented, Discini, Sonny
Indexes:  [Date] [Thread] [Top] [All Lists]