John Hally wrote: > Hello All, > > can anyone tell me the minimum windows credentials needed for a complete > credentialed scan? I'm guessing that reading the registry is the most > important, but wasn't sure if leveraging one of the built-in windows > accounts is an option. >
Hi John, Being able to read the registry to perform patch audits is a misconception. Many of the Nessus checks require file read access to look inside a variety of files to read their contents. MS Patch audits, checks for anti-virus, checks for ActiveX/Flash installs are file based, not registry based. So having said that, if you don't have admin privileges and you've locked down a computer in a random fashion, you will have a random chance of getting the audit to work. For example, you may have installed an application that limits access to the local files to some new account. If you don't scan with very robust rights, you won't be able to read those files. Ron Gula Tenable Network Security _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
