Hmm the code is from 2010 and there are 2 beta versions..doesn't look there is a lot of progress on the development of this product. I might try OpenVAS but it would be great if there was a check, since we do check files for Linux with OSSEC, I would imagine you could do something similar with OSSEC, Windows Accounts are stored (at least on older version) in the SAM database.
Op dinsdag 27 november 2012 18:20:47 UTC+1 schreef sklauminzer het volgende: > > Something like this might be a better tool for your needs: > SSA - Security System Analyzer 2.0 > http://code.google.com/p/ssa/ > > You could tie it into OSSEC with the full_command option. > > If all you need to t o determine the Admin account status, then use a > PowerShell command in full_command. > > Scott > > On Nov 27, 2012, at 4:02 AM, Michiel van Es > <[email protected]<javascript:>> > wrote: > > > Hi, > > > > We want to check for hardening and one of our Windows hardening rules is > to rename the Administrator account and create a decoy Administrator > account, not part of any group and disabled. > > One of the things we want to check is to see if the Administrator > account is enabled on Windows machines. > > > > Is there a check of simple script how I can establish this on the > Windows machines? > > > > Regards, > > > > Michiel > >
