On Tue, Jun 08, 2004 at 03:27:37PM -0400, [EMAIL PROTECTED] wrote:
> We're getting a half a dozen account lockouts each week from a internal
> Nessus scan. We have disabled several plugins that do brute force type
> testing, but haven't found the one doing it yet. Is there a list compiled
> somewhere of plugins that could lock out NetBIOS accounts? Safe Checks is
> NOT enabled. Would that mitigate this? My understanding from the
> description has always been that has to do with relying on banners for
> determining certain vulnerabilities, so that wouldn't effect this. ??
Plugin id #10404 (Windows/SMB log in as users) is typically responsible for
accounts lockouts. You should disable it to avoid this problem.
-- Renaud
_______________________________________________
Nessus mailing list
[EMAIL PROTECTED]
http://mail.nessus.org/mailman/listinfo/nessus
