Nicolas Pouvesle wrote:
Yes, but
we can't add a such script to Nessus because not everyone want
antivirus on their systems (yes really).
There are heaps of other checks that logic could apply to (e.g. the
spyware ones: some people actually want it...). It just means turn it on
or off before running the scan. I'd argue there are heaps of sites that
*assume* all Windows PCs on their network have AV, but can't scan to
prove it.
It certainly raises the issue of what other classes of checks Nessus
might look towards. Such "compliance" checks could really be useful...
However you can do a such script easily by looking at
antivirus_installed and adding the following main code at the end:
security_hole (port:port, data:"blablablablalba");
and it will report a security_hole if nav/mcafee/trendmicro is not
installed, else it should report info about your antivirus.
Hmmm - that sounds promising - I'll have a look. Thanks!
--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
