Re: Access the remote Windows Registry / plugin 10400

To:	"Patrice.Arnal@alcatel.fr" <Patrice.Arnal@alcatel.fr>
Subject:	Re: Access the remote Windows Registry / plugin 10400
From:	"Doug Nordwall" <raleel@gmail.com>
Date:	Tue, 21 Nov 2006 06:06:36 -0800
Cc:	Luc.Fullenwarth@alcatel.fr, Nessus List <nessus@list.nessus.org>
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	nessus-list1@securepoint.com
Delivered-to:	nessus@list.nessus.org
Domainkey-signature:	a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=ZXOdBo2EkAAFgcPen7cxLVA3fS2TzKQTmnIV0eVJXEoZ8c0tHQwsT8GJsk9l4mErfQKs2dNb0l7OMI2Tp51WooQJIEAjJoWFy9a0iWdiYJ27OU9dgfD5Hhu8hccQqmLpgOtnrVPbDq1MEbMcOL1wxc6Sf5+/11Uy4rTruzqk0Ls=
In-reply-to:	<OF3C110313.BFEF2C4C-ONC125722D.003B5DC6-C125722D.003CB54A@alcatel.com>
List-archive:	<http://mail.nessus.org/pipermail/nessus>
List-help:	<mailto:nessus-request@list.nessus.org?subject=help>
List-id:	Discussion of Nessus software <nessus.list.nessus.org>
List-post:	<mailto:nessus@list.nessus.org>
List-subscribe:	<http://mail.nessus.org/mailman/listinfo/nessus>, <mailto:nessus-request@list.nessus.org?subject=subscribe>
List-unsubscribe:	<http://mail.nessus.org/mailman/listinfo/nessus>, <mailto:nessus-request@list.nessus.org?subject=unsubscribe>
References:	<OF3C110313.BFEF2C4C-ONC125722D.003B5DC6-C125722D.003CB54A@alcatel.com>
Sender:	nessus-bounces@list.nessus.org

I believe that scanning with credentials on windows generally does not work over ssh, but rather the standard windows login mechanisms, such as IPC$. You will have to put in the credentials into the SMB username and password blanks provided in the credential section. You will also have to use a user who can mount IPC$

I would suggest taking a look at
http://www.tenablesecurity.com/images/pdfs/blended_security_checks.pdf
http://www.nessus.org/documentation/nessus_credential_checks.pdf

On 11/21/06, Patrice.Arnal@alcatel.fr <Patrice.Arnal@alcatel.fr> wrote:

Hello

I set up SSH access on all servers ( Unix & Wintel ) in order to run
internals checks ( patches ... ) on all servers.

The account used is "nessus" and the login is done through keys exchange (
no password )
This works well for netstat ( local port scanner) but the plugin 10400
fails.

A quick glance on the code seemed to indicate that the plugin is trying to
mount IPC$ by providing "login/password"
which obviously fail....

Thank you for the help

Cordialement / Mit freundlichen Grüßen / Best regards,
_____________________________________________
Patrice Arnal
ISS - DataCenter – E&S
Alcatel ICT Services
1rte Dr A.Schweitzer - 67408 - ILLKIRCH - FRANCE
Phone : +33 (0) 3 90 67 74 22 / 2187 74 22
Fax : +33 (0) 3 90 67 72 07
Mobile: +33 (0) 6 06 07 67 68 08
Mailto: patrice.arnal@alcatel.fr
_____________________________________________

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

--
Doug Nordwall
Unix, Network, and Security Administrator
Noise proves nothing. Often a hen who has merely laid an egg cackles as if she laid an asteroid. -- Mark Twain

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

<Prev in Thread]	Current Thread	[Next in Thread>
Access the remote Windows Registry / plugin 10400, Patrice . Arnal Re: Access the remote Windows Registry / plugin 10400, Doug Nordwall <=

Previous by Date:	Access the remote Windows Registry / plugin 10400, Patrice . Arnal
Next by Date:	Re: Application Fingerprinting & Reporting, Ron Gula
Previous by Thread:	Access the remote Windows Registry / plugin 10400, Patrice . Arnal
Indexes:	[Date] [Thread] [Top] [All Lists]