Paul,
On 20.09.2015 00:30, Paul J wrote:
OpenVAS didn’t catch any of the first things I tried on Windows 7:
A non-Admin user in the backup group (thereby easily gaining access to
everybody’s files);
A non-Admin user having permission to access Event logs;
Didn’t check that UAC was set to Never Notify;
Didn’t appear to check Local Policies -> Security Options such as
“Domain member: Digitally sign secure channel data” or “Network
access: Let everyone permissions apply to anonymous users”
A non-standard hidden file executed by Task Scheduler.
You mixing up vulnerability tests and policy checks, you can do both
with OpenVAS but need to configure it correctly ;-)
--
Regards
Lukas Grunwald
http://www.greenbone.net
mail: lukas.grunw...@greenbone.net
Greenbone Networks GmbH
_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
