What specific changes do you have to undo? All you should need is an exception put in the desktop firewall for your Nessus scanner and use admin credentials for the scan.
Correct? Saludos Albert On Wed, Jul 30, 2008 at 9:11 AM, Discini, Sonny <[EMAIL PROTECTED]> wrote: > It would be helpful for folks to know what FDCC is before continuing. > Federal Desktop Core Configuration: > > The FDCC, an OMB (U.S. Office of Management and Budget) mandate, requires > that all Federal Agencies standardize the configuration of approximately 300 > settings on each of their Windows XP and Vista Computer. The reason for this > standardization is to strengthen Federal IT security by reducing > opportunities for hackers to access and exploit government computer systems. > > Yes, I have had the same result when scanning hosts that had the FDCC > policies applied. It's a double-edged sword. If you want to scan these > hosts, you have to undo some of the FDCC changes, which then move the hosts > out of compliance. > > Sonny Discini, Senior Network Security Engineer > Office of the CIO > Department of Technology Services > Montgomery County Government > > > > > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > On Behalf Of Puerto, Richard (IG/A/ITSA) > Sent: Wednesday, July 30, 2008 8:14 AM > To: [email protected] > Subject: Unable to scan with Nessus when hosts have FDCC implemented > > Hello All, > > We have come across a site the we were auditing and conducting network > vulnerability scans, and the Nessus report came up empty. We figured out > that it was due to having FDCC implemented and the Nesssus scanner was > unable to access the machine. It would detect the host being there but not > able to access any of the host's ports. > > Any one else encounter this and has found a solution? > > > > _______________________________________________ > Nessus mailing list > [email protected] > http://mail.nessus.org/mailman/listinfo/nessus > -- __________________________________ Albert R. Campa _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
