On Oct 31, 2007, at 5:02 PM, Ng, Kenneth (US) wrote: > Hello, I see that Nessus has the ability to query various Windows > functions if it is provided authentication information. I don't > want to > use the domain administrator account for obvious security reasons.
which ones ?? you can add another account to the administrator group too. > If I > set up a dedicated domain account, what are the bare minimum > permissions > I would need to give it to be able to use Nessus to gather things like > patch information? Administrator account allows you to do file version check, wmi test, and other LSA restricted tests. > Given such permissions, what harm could still be > done if the id were compromised? Same than with any other account ... Nicolas _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
