All, I was curious if anyone has developed a set of NASL Scripts to review the Windows local (and domain) security policy settings of workstations, member servers and domain servers.
If so, can anyone share these with me? If these are available for a reasonable cost, can anyone point me to a vendor/solution (not a product to replace or augment Nessus, but a set of scripts that can be customized to meet the baseline security policy that a company may have defined as part of its security policies). I requested that Microsoft provide this capability as part of a future MBSA release, but until this is available, we would like to use Nessus to perform these types of checks (using our internal security policies as a baseline). We use the Center for Internet Security Tools to perform this type of security policy compliance checks, but CIS must be run locally on the target and we would like to incorporate this as part of our corporate Nessus scans. Any assistance in this matter is greatly appreciated. Rafael Rosado, CISSP, CISA IT Security Manager Lucent Technologies IT Infrastructure - Network Design 2400 SW 145th Avenue Miramar, Florida 33027 Office: 954-885-2176 Facsimile: 954-885-3861 Email: [EMAIL PROTECTED] This electronic mail message contains information belonging to Lucent Technologies, which may be confidential and/or legal privileged. The information is intended only for the use of the individual or entity named above. If you are not the intended recipient, you are hereby notified that any disclosure, printing, copying, distribution, or the taking of any action in reliance on the contents of this electronically mailed information is strictly prohibited. If you receive this message in error, please immediately notify us by electronic mail and delete this message. _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
