I'm not sure about Win2k3, but with WinXP, if the admin password is blank, then that account doesn't work. If you have a password for the account, then you should be able to access or scan the machine remotely, based on default policies.
Hart, Lee Anne (AHRQ/IOD) wrote: > Thanks for the help! Is this documented somewhere? I'd been googling for > solutions before I posted a questions here. > > Thanks again! > Lee Anne > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Jim Kelly > Sent: Wednesday, March 04, 2009 12:46 PM > To: [email protected] > Subject: Re: Nessus Digest, Vol 65, Issue 1 > > WinXP and win2k3 won't let you authenticate with local admin over a > network. > > Jk > > Sent from Jim's iPhone > > On Mar 4, 2009, at 12:00 PM, "[email protected]" > <[email protected] > > wrote: > >> Send Nessus mailing list submissions to >> [email protected] >> >> To subscribe or unsubscribe via the World Wide Web, visit >> http://mail.nessus.org/mailman/listinfo/nessus >> or, via email, send a message with subject or body 'help' to >> [email protected] >> >> You can reach the person managing the list at >> [email protected] >> >> When replying, please edit your Subject line so it is more specific >> than "Re: Contents of Nessus digest..." >> >> >> Today's Topics: >> >> 1. RE: Unable to get Nessus to run local checks on Windows >> servers (Jones, David H) >> >> >> ---------------------------------------------------------------------- >> >> Message: 1 >> Date: Tue, 3 Mar 2009 11:07:48 -0600 >> From: "Jones, David H" <[email protected]> >> Subject: RE: Unable to get Nessus to run local checks on Windows >> servers >> To: "Hart, Lee Anne (AHRQ/IOD)" <[email protected]>, >> "[email protected]" <[email protected]> >> Message-ID: >> > <18e3472326219848899e4980bfe573b32b820...@pfgdsmmbx001.principalusa.corp > .principal.com >> Content-Type: text/plain; charset="us-ascii" >> >> Some time near the end of 2008, it seems that Microsoft "patched" >> something that changed the behavior of SMB access to remote >> registries. The team that handles Windows/AD at the company I'm at >> spent about a week trying to figure out what the issue was. We also >> used to use a local admin account and connect remotely to servers, >> but it no longer works. It seems that in an AD environment, one >> must use an AD account to access remote registries. >> >> We eventually moved down the path of having a domain account created >> for nessus to use, and when a scan is needed, a server admin will >> drop the AD account in to the local admin group. This solved our >> access/scanning issue, but it doesn't make ad-hoc scanning any >> easier. However, it was a suitable compromise between complete >> failure, and a full admin level AD account. >> >> There's more info out there in the exact technical details, but I >> dealt with this last several months ago, and all that info has >> fallen out of RAM. >> >> Hope that helps at least. >> >> >> >> >> David Jones >> Principal Financial Group >> I/S Information Security >> 711 High Street >> Des Moines, IA 50392-0257 >> >> Email: [email protected] >> Phone: 515.362.2224 >> >> -----Original Message----- >> From: [email protected] > [mailto:[email protected] >> ] On Behalf Of Hart, Lee Anne (AHRQ/IOD) >> Sent: Thursday, February 19, 2009 10:00 AM >> To: [email protected] >> Subject: Unable to get Nessus to run local checks on Windows servers >> >> Hello, >> >> >> >> I'm having trouble determining why the SMB credentials I've >> configured are not able to login and run the local checks on our >> Windows 2003 SP 2 servers. I can login using the same credentials >> over remote desktop but the Nessus scans gets locked out. I have >> ensured the user name and password is correct and that the account >> is part of the local admin group. We do not control the domain so I >> cannot get a domain account. Will a local admin account work? >> >> >> >> Thanks, >> >> Lee Anne >> >> >> >> -----Message Disclaimer----- >> >> This e-mail message is intended only for the use of the individual or >> entity to which it is addressed, and may contain information that is >> privileged, confidential and exempt from disclosure under applicable >> law. >> If you are not the intended recipient, any dissemination, >> distribution or >> copying of this communication is strictly prohibited. If you have >> received this communication in error, please notify us immediately by >> reply email to [email protected] and delete or destroy all >> copies of >> the original message and attachments thereto. Email sent to or from >> the >> Principal Financial Group or any of its member companies may be >> retained >> as required by law or regulation. >> >> Nothing in this message is intended to constitute an Electronic >> signature >> for purposes of the Uniform Electronic Transactions Act (UETA) or the >> Electronic Signatures in Global and National Commerce Act ("E-Sign") >> unless a specific statement to the contrary is included in this >> message. >> >> While this communication may be used to promote or market a >> transaction >> or an idea that is discussed in the publication, it is intended to >> provide >> general information about the subject matter covered and is provided >> with >> the understanding that The Principal is not rendering legal, >> accounting, >> or tax advice. It is not a marketed opinion and may not be used to >> avoid >> penalties under the Internal Revenue Code. You should consult with >> appropriate counsel or other advisors on all matters pertaining to >> legal, >> tax, or accounting obligations and requirements. >> >> >> >> ------------------------------ >> >> _______________________________________________ >> Nessus mailing list >> [email protected] >> http://mail.nessus.org/mailman/listinfo/nessus >> >> End of Nessus Digest, Vol 65, Issue 1 >> ************************************* > _______________________________________________ > Nessus mailing list > [email protected] > http://mail.nessus.org/mailman/listinfo/nessus > > > _______________________________________________ > Nessus mailing list > [email protected] > http://mail.nessus.org/mailman/listinfo/nessus > -- Todd Adamson Network Partners, Inc. [email protected] (402)434-5395 x3001 _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
