On Aug 2, 2005, at 6:05 PM, Jason Haar wrote:
Hi there
Nessus currently has a bunch of rules that check to see if a
particular
AV is installed on a Windows PC, and if it is, whether it's out of
date
or not.
This is really the wrong way around.
It is not a wrong way because you want to know if you antivirus is up
to date too.
In a perfect world you'd want it to
check that an AV is installed, and generate a "security hole" event if
there *isn't*, and a "security warning" if it's out of date.
Has anyone written a nasl that does that? If not, I'll have a go
Yes, but
we can't add a such script to Nessus because not everyone want
antivirus on their systems (yes really).
However you can do a such script easily by looking at
antivirus_installed and adding the following main code at the end:
security_hole (port:port, data:"blablablablalba");
and it will report a security_hole if nav/mcafee/trendmicro is not
installed, else it should report info about your antivirus.
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
