Hello Everyone, I have a questions about Nessuses ability to scan a Vista Workstation, with the FDCC V1.0 Q3 2008 Vista Security Settings Group Policy applied. The settings I would like to talk about is under Security Options \ Run all Administrators in Admin Approvel Mode that is enabled in FDCC V1.0 Q3 2008 Vista Security Settings Group Policy . The target workstation is a member of a domain, I ran a remote Nessus scan of my Vista workstation, the scan was ran with a domain account.
WIth the Run all Administrators in Admin Approvel Mode enabled, Nessus report that It was able to remotely connect to the Windows registry. The only FDCC Group Policy being applied to the target is FDCC V1.0 Q3 2008 Vista Security Settings. CCE-4907-2 requests that Run all Administrators in Admin Approvel Mode to be enabled. This setting restrict admin account so that it doesn't have full admin rights. Locally you can run a admin task by right clicking on the program selecting Run as administrators, then selecting allow. Remotely, the Nessus scan reported that it didn't have access to the registry and I believe this is due to the User Access Control in Vista restricting admin priveleges. Does Tenable have any plans of action to deal with this? Thank You for the information --John -- "When the legend becomes fact, print the legend." _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
