Hello Everyone I have a question about the check for the file regini.exe In version # Title: SP 800-68: Guidance for Securing Microsoft Windows XP Systems for IT Professional # Version: 0.90 # Profile: FDCC-Desktop # Description: This profile represents guidence outlined in Federal Desktop Core Configuration settings for Desktop systems.
The checks is for "%SystemRoot%\system32\regini.exe" but the report comes out as 5 - %SystemRoot%\system32\regina.exe: Failed ACL(s) to remove: [0]Administrators(1-5-32-544) type: Allow Apply to: "This object only" Inheritance: "not inherited" Permission: "Special" Rights: "list folder / Read data" "write attributes" "read extended attributes" "create files/write data" "delete" "take ownership" "transverse folder / execute file" "delete subfolder and files" "read permissions" "change permissions" "create folders/append data" "red attributes" With the below version # Title: SP 800-68: Guidance for Securing Microsoft Windows XP Systems for IT Professional # Version: 0.90 # Profile: FDCC-Desktop # Description: This profile represents guidence outlined in Federal Desktop Core Configuration # settings for Desktop systems. # # $Revision : 1.2 $ # # $Date : 11/28/07 # the audit file checks "%SystemRoot%\system32\regini.exe" but i'm not getting a pass or fail The first version failed the wrong file "%SystemRoot%\system32\regina.exe: Failed" when it checked for "%SystemRoot%\system32\regini.exe" and the new version doesn't report on it at all. I've verified that the regini.exe file is on the target system and on the system32 directory. best regards --John _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
