Thanks for the answer. Just wondering, though: assuming other scanning tools also fail to pick up on Windows95, downgrading might be a good security move as it will prevent you from being found by the baddies :-)
Regards, Riemer Brouwer, MBA CISA CISM CISSP ISSMP IT Audit Manager American University of Beirut Tel. +961-1-340460 / 350000, ext. 2353 P.O. Box 11-0236 / Internal Audit Dept. Beirut, Lebanon www.aub.edu.lb ----- Original Message ----- From: "Ron Gula" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Thursday, March 13, 2008 3:02 PM Subject: Re: Nessus: no vulns in Windows95? > Hi Riemer, > > Windows 95 is certainly not a platform that we give as much attention > to as XP, 2003 or Vista. And there is no support in 95 to give Nessus > credentials to do a patch audit either. If you loaded some sort of > application on top of Windows 95, Nessus will audit that as well. > > If you have OS fingerprint issues detecting Windows 95, it could be > a few things, but often when anyone mentions VMWare, I suspect issues > attempting scanning across a NAT interface. If you'd like to submit > your fingerprints from scanning, please consider the below blog > entry and then mailing your signatures to [EMAIL PROTECTED] > > http://blog.tenablesecurity.com/2007/05/enhanced_operat.html > > I'd also suggest you rescan with thorough checks enabled and perhaps > with more targeted ports. > > Ron Gula > Tenable Network Security > > Riemer Brouwer wrote: >> Dear list, >> >> The other day I ran Nessus against an original Windows95 distribution >> (without any patches, updates or service packs installed) running on >> VMWare. Surprisingly enough, it didn't find any weakness, just 1 open >> port (139) and 6 notes. Also, it recognized the operating system wrongly >> as a Windows NT4. >> >> Could it be Nessus does not (or has stopped) scanning for weaknesses in >> Windows 95, or am I doing something wrong? If the first, then starting >> what Windows version, Nessus can be used? >> >> Thanks, >> >> Riemer Brouwer, MBA CISA CISM CISSP ISSMP >> IT Audit Manager >> American University of Beirut >> >> Tel. +961-1-340460 / 350000, ext. 2353 >> P.O. Box 11-0236 / Internal Audit Dept. >> Beirut, Lebanon >> www.aub.edu.lb >> > _______________________________________________ > Nessus mailing list > [email protected] > http://mail.nessus.org/mailman/listinfo/nessus > _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
