I was referring to the local guest user account on the server.  If the
local guest account is enabled on the server, this plugin flags the
issue but the local administrator password being blank doesn't flag an
issue.  If I disable the local guest account, it will alert me that the
local administrator password is blank.

Adam Campbell
MIS Department
a la mode, inc.


-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Saturday, April 12, 2008 11:00 AM
To: [email protected]
Subject: Nessus Digest, Vol 54, Issue 11


Today's Topics:

   1. Administrator and Guest Accounts (Adam Campbell)
   2. Re: Administrator and Guest Accounts (George A. Theall)
   3. Re: Host identification b/w workstation and server( or
      internet  facing system) (Chak Kevin)


----------------------------------------------------------------------

Message: 1
Date: Fri, 11 Apr 2008 14:22:57 -0500
From: "Adam Campbell" <[EMAIL PROTECTED]>
Subject: Administrator and Guest Accounts
To: <[email protected]>
Message-ID:
        <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="us-ascii"

I am new to Nessus and am running some basic scans to get a grasp on it.
I have two plugins enabled (SMB blank administrator password and SMB
guest account for all users) but I am only getting results for one.  If
I check the log it says "required key missing" on the plugin that didn't
run.  Here is my targeted server configuration and the Nessus output.

Blank admin password and guest enabled = Results for SMB guest account
for all users

Blank admin password and guest disabled = Results for SMB blank
administrator password

Adam Campbell
MIS Department
a la mode, inc.


------------------------------

Message: 2
Date: Fri, 11 Apr 2008 20:04:45 -0400
From: "George A. Theall" <[EMAIL PROTECTED]>
Subject: Re: Administrator and Guest Accounts
To: [email protected]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=WINDOWS-1252; format=flowed;
        delsp=yes

On Apr 11, 2008, at 3:22 PM, Adam Campbell wrote:

> I am new to Nessus and am running some basic scans to get a grasp on
> it.  I have two plugins enabled (SMB blank administrator password and
> SMB guest account for all users) but I am only getting results for
> one.  If I check the log it says "required key missing" on the
> plugin that didn't run.

In the case of these two plugins, you'll see this message in the log  
if you have optimization turned on and the plugin doesn't report a  
problem.

> Here is my targeted server configuration and the nessus output.
>
>
> Blank admin password and guest enabled = Results for SMB guest  
> account for all users
> Blank admin password and guest disabled = Results for SMB blank  
> administrator password

With the "Guest only" module for local accounts, aren't network logons
automatically mapped to the guest account? How would you be able
to determine if a particular local user, such as Administrator, is
missing a password in that case?

George
-- 
[EMAIL PROTECTED]





------------------------------

Message: 3
Date: Sat, 12 Apr 2008 01:00:38 -1000
From: Chak Kevin <[EMAIL PROTECTED]>
Subject: Re: Host identification b/w workstation and server( or
        internet        facing system)
To: Nessus Discussion Board <[email protected]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="big5"


Thank you Mr. Theall. So, actually, how does Nessus perform the particular
process after it finishes loading a plugin? For example, like you said
before, they send a request to a port. How does Nessus do this kind of sending?
Which part does this, Nessus or the plugin? Thanks~


Kevin




Message: 19
Date: Wed, 26 Mar 2008 07:34:10 -0400
From: "George A. Theall"
Subject: Re: Host identification b/w workstation and server( or
internet facing system)
To: [email protected]
Message-ID: 
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes

On Mar 26, 2008, at 4:45 AM, Chak Kevin wrote:

> I am trying to understand how Nessus identifies whether a host is a web
> server (or internet facing system) or just a regular workstation. Has this
> identification been implemented in the source code? Or does Nessus do
> this by using some specific plugins?

Service detection isn't as black and white as this -- a host isn't
identified as being a web server or workstation. Instead, Nessus
attempts to identify the services running on the various port(s)
being scanned so in theory it will catch the web server running along
with MySQL, SSH, and SMTP.

Nessus uses plugins for this. Some such as #10330, #17975, and #11153
are fairly general - they send a request to a port and make a
determination based on the banner or the results returned. Others are
specific to a single application / protocol.






------------------------------
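
The per-port, banner-based identification described in the thread above, as an added example that is not part of the original messages and is not Nessus plugin code. The signature patterns, function names and sample responses are assumptions constructed for illustration.

```python
import re

# Illustrative signatures for the services named in the thread. These are
# assumptions for this example, not the rules used by Nessus plugins.
SIGNATURES = [
    ("ssh", re.compile(rb"^SSH-\d+\.\d+-")),
    # 220 greeting, single-line ("220 ") or multi-line ("220-"), naming SMTP/ESMTP
    ("smtp", re.compile(rb"^220[ -][^\r\n]*\bE?SMTP\b", re.I)),
    # Status line returned after the scanner sends an HTTP request
    ("http", re.compile(rb"^HTTP/\d\.\d \d{3}")),
    # MySQL handshake: 3-byte length, sequence 0, protocol 10, NUL-terminated version
    ("mysql", re.compile(rb"^.{3}\x00\x0a[\x20-\x7e]+\x00", re.S)),
]


def identify_service(response: bytes) -> str:
    """Return the first service whose signature matches the response."""
    for name, pattern in SIGNATURES:
        if pattern.search(response):
            return name
    return "unknown"


def inventory(responses: dict[int, bytes]) -> dict[int, str]:
    """Classify every port independently; the host gets no single label."""
    return {port: identify_service(data) for port, data in sorted(responses.items())}


# Constructed responses for one host; ports 2222 and 8080 are deliberately
# non-standard to show that the content, not the port number, decides.
SAMPLE_HOST = {
    25: b"220 mail.example.test ESMTP ready\r\n",
    2222: b"SSH-2.0-ExampleSSH_1.0\r\n",
    3306: b"\x2c\x00\x00\x00\x0a5.0.0-example\x00\x01\x00\x00\x00",
    8080: b"HTTP/1.1 200 OK\r\nServer: example\r\n\r\n",
    9999: b"\x00\x01\x02",
}

if __name__ == "__main__":
    for port, service in inventory(SAMPLE_HOST).items():
        print(f"{port}/tcp -> {service}")
```
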

_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus

End of Nessus Digest, Vol 54, Issue 11
**************************************