On Oct 7, 2007, at 5:27 PM, Klun, Jim wrote:

> I do an automated light nessus scan on all our VPN users as they enter
> private space.
>
> I cannot rely on having credentials to the user's machine.
>
> MS06-040 plugin 21294 has been my test for the last year for users who
> are likely not-doing auto-updates - and it has proved a reliable test.
>
> The test works and invariably they do not have any form of automated
> patching.
>
> I am looking for a more current ( 2007 would be nice ;-) ) Microsoft
> vuln plugin that achieves the same - without requiring credentials.
>
> Any suggestions?

Doing a Nessus plugin for an anonymous remote check requires mostly 2 things:

1) a remote vulnerability (through the network);
2) a possibility to test the flaw without damage.

Since MS06-040 there were only 3 remote flaws (network) in Windows:

- Active Directory (plugin 25699 for Windows 2000)
- .NET Framework (plugin 25700)
- DNS RPC

We found a way to test the first 2 issues but not the last one (except by crashing the service).

Regards,

Nicolas
