Hi David,

Nessus 3 has a feature where you can specify to not log into a system with user accounts not specified in the credentials. This is under the 'Global Variable Settings' tab. Some Nessus plugins try various combinations of user/pass as a security audit. With this setting
Ron Gula, CTO Tenable Network Security

Jones, David H wrote:
> I'm having an issue with Nessus locking out root accounts on AIX servers. My
> config seems like this shouldn't be happening: Safe Checks are enabled. The
> following plugin families are disabled: "Default Unix Accounts" - "Gain a
> shell remotely" - "Gain root remotely".
>
> I have also taken the "root" username out of the "SSH user name" field in the
> "Credentials" section.
>
> According to the server admin that's complaining, these lockouts appear to be
> coming from SSH connections.
>
> I have no idea which further plugins to disable, or what config changes to
> make. Any assistance would be greatly appreciated.
>
> FYI:
> nessus -v
> nessus (Nessus) 3.2.1 for Linux
>
> (C) 1998 - 2008 Tenable Network Security, Inc.
> SSL used for client - server communication
>
> Thanks!
>
> David Jones
> Principal Financial Group
> I/S Information Security
> 711 High Street
> Des Moines, IA 50392-0257
>
> Email: jones.davi...@principal.com
> Phone: 515.362.2224
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
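Added example, not part of the thread and not Tenable's code: a small POSIX shell script that reads sshd messages collected by syslog on the target and reports which user names a scanner host tried over SSH, then strips out the one account that is legitimately configured under Credentials. Whatever remains was guessed by a plugin rather than by the credentialed login, which is exactly what the 'Global Variable Settings' option above is meant to stop, and it tells the server admin which names are driving the lockout counter. The log lines, the scanner address 10.0.0.5, the host name aix01, the log path and the credential user name `nessus` are all constructed for this example; the message formats are the standard OpenSSH ones.

```shell
#!/bin/sh
# Added example (not from the mailing-list thread or from Tenable): summarise
# the SSH logins a scanner host attempted against a target, from sshd messages
# that syslog has collected. Run it on the AIX box (or wherever its auth log
# lands); the path, scanner address and user names are assumptions:
#   scanner_login_attempts 10.0.0.5 < /var/log/auth.log
#   unexpected_users 10.0.0.5 nessus < /var/log/auth.log

# Print "username count" for every failed SSH login attempt from $1, most
# frequent first. Matches the standard OpenSSH messages
#   "Failed password for root from IP port N ssh2"
#   "Failed password for invalid user foo from IP port N ssh2"
#   "Invalid user foo from IP port N"
scanner_login_attempts() {
    awk -v ip="$1" '
        /sshd\[[0-9]+\]: (Failed .* for|Invalid user) / {
            user = ""; src = ""
            for (i = 1; i <= NF; i++) {
                # For "for invalid user NAME" the later "user" token wins,
                # so NAME (not "invalid") is what gets counted.
                if ($i == "for" || $i == "user") user = $(i + 1)
                if ($i == "from") src = $(i + 1)
            }
            if (src == ip && user != "") count[user]++
        }
        END { for (u in count) print u, count[u] }
    ' | sort -k2,2nr -k1,1
}

# Same report, minus the account that is legitimately configured under
# Credentials ($2). Anything left was guessed by a plugin, not by the
# credentialed check, and is what drives the lockout counter.
unexpected_users() {
    scanner_login_attempts "$1" | awk -v ok="$2" '$1 != ok'
}

# Constructed sample log standing in for a real auth log. The scanner
# (10.0.0.5) logs in once as "nessus", then a plugin tries root three times
# and two other names; the last line is an unrelated host and must be ignored.
SAMPLE_LOG='Mar  4 10:15:01 aix01 sshd[4242]: Accepted publickey for nessus from 10.0.0.5 port 40000 ssh2
Mar  4 10:15:03 aix01 sshd[4243]: Failed password for root from 10.0.0.5 port 40001 ssh2
Mar  4 10:15:04 aix01 sshd[4244]: Failed password for root from 10.0.0.5 port 40002 ssh2
Mar  4 10:15:05 aix01 sshd[4245]: Failed password for root from 10.0.0.5 port 40003 ssh2
Mar  4 10:15:06 aix01 sshd[4246]: Failed password for invalid user guest from 10.0.0.5 port 40004 ssh2
Mar  4 10:15:07 aix01 sshd[4247]: Invalid user oracle from 10.0.0.5 port 40005
Mar  4 10:16:00 aix01 sshd[4250]: Failed password for root from 192.168.7.9 port 51000 ssh2'

# Report for the sample: every name tried from the scanner, then only those
# that are not the configured "nessus" account.
report() {
    printf '%s\n' "$SAMPLE_LOG" | scanner_login_attempts 10.0.0.5
    echo '--- not the credentialed account:'
    printf '%s\n' "$SAMPLE_LOG" | unexpected_users 10.0.0.5 nessus
}

report
```

Run against the sample, the first report lists `root 3`, `guest 1`, `oracle 1`; with `nessus` as the credentialed account all three are unexpected, so the three root attempts from the scanner are plugin guesses, not the credentialed login. Background not taken from the thread: on AIX the threshold that locks the account is the `loginretries` attribute in /etc/security/user, and `lsuser -a unsuccessful_login_count account_locked root` shows the current count and lock state once the offending plugins have been identified.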