John Hally wrote:
> Thanks Mr Gula.
>
> So in essence, use administrative rights wherever possible, correct?
> What do you see configured most often? A 'scanner' user in the admin
> group?

Not being tongue-in-cheek, I really think you should test your systems and understand what the results from Nessus mean. We've seen a lot of issues on the CIS and FDCC side of the house where someone wasn't auditing with enough credentials and, as they tighten up a system, they can't perform the same audits.

Creating an admin equivalent scanner user is a technique I see used quite a bit. Perhaps calling the account 'audit' would be more descriptive, as scanner might be misinterpreted as an anti-virus scanner.

Ron Gula
Tenable Network Security

_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
