RE: [ISSForum] Internet Scanner 7.0

[Epperson, Michael]

Title: [ISSForum] Internet Scanner 7.0

Adam,   From the way that the internet scanner is initially designed performing the scan as an administrator to the remote machine or Domain Admin should not have any real effect on the scan at all.  Since the Internet Scanner is designed to be a remote vulnerability and service scanner typically you would not have admin access to the remote box.  ISS does have a product, System Scanner, that will get into the machine and provide the information you are looking for reliably but it does not integrate with Fusion.  Also, for the scan information to be imported into Fusion/Site Protector you are required to run the scans from the SP console (found this in an obscure doc in the knowledge base).  Also, when appling XPU's to the scanner they should be applied from the SP console and not the local console to the scanner.  If they are applied from the local console the SP console will never register the XPU's as being installed.   Michael Epperson FishNet Security         -----Original Message----- From: Adam Dyer [mailto:[EMAIL PROTECTED] Sent: Wed 11/5/2003 12:22 PM To: [EMAIL PROTECTED] Cc: Subject: [ISSForum] Internet Scanner 7.0 Has anyone else had problems running scans as an administrator with Internet Scanner 7?  We have been trying to use it to feed fusion so we can eliminate many of the events we see as being harmless. Right now when we scan with admin vs. when we scan without we aren't really seeing an added value.  Approx. 70% of the checks come back indeterminate with admin privileges and 85% without admin.  We have tried both as a domain administrator and a local administrator with the same results.  Internet Scanner is also not always able to determine the operating system accurately, even with domain administrator privileges. Is anybody else experiencing problems such as this, and if so, what have you done to decrease the number of indeterminates found? Thanks, Pipes _________________________________________________________________ Compare high-speed Internet plans, starting at $26.95.  https://broadband.msn.com (Prices may vary by service area.) _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo The information transmitted in this e-mail is intended only for the addressee and may contain confidential and/or privileged material. Any interception, review, retransmission, dissemination, or other use of, or taking of any action upon this information by persons or entities other than the intended recipient is prohibited by law and may subject them to criminal or civil liability. If you received this communication in error, please contact us immediately at 816.421.6611, and delete the communication from any computer or network system. _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo