Re: Windows Compliance Check Problems

To:	"Mike Forrester" <mikef@pocketlint.com>
Subject:	Re: Windows Compliance Check Problems
From:	"Doug Nordwall" <raleel@gmail.com>
Date:	Thu, 25 Jan 2007 15:16:43 -0500
Cc:	nessus@list.nessus.org
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	nessus-list1@securepoint.com
Delivered-to:	nessus@list.nessus.org
Domainkey-signature:	a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=b6bx2YGHWvn6IbgIu80Du0ruv8fcCUdgIOIH1ULj5Vz8/QljUE9JsTF2oSlE8Qn/DGt72y9rZmht31dee/DjtvKXJNAkr7r0eYncarYFy8QOYwwxXd61fVb7Qc+xA9wdTR9ijjkLL/iX5GF2fjYmHcs62m8Xyj7I6ZJhBXwUess=
In-reply-to:	<45B906E2.4030803@pocketlint.com>
List-archive:	<http://mail.nessus.org/pipermail/nessus>
List-help:	<mailto:nessus-request@list.nessus.org?subject=help>
List-id:	Discussion of Nessus software <nessus.list.nessus.org>
List-post:	<mailto:nessus@list.nessus.org>
List-subscribe:	<http://mail.nessus.org/mailman/listinfo/nessus>, <mailto:nessus-request@list.nessus.org?subject=subscribe>
List-unsubscribe:	<http://mail.nessus.org/mailman/listinfo/nessus>, <mailto:nessus-request@list.nessus.org?subject=unsubscribe>
References:	<45B906E2.4030803@pocketlint.com>
Sender:	nessus-bounces@list.nessus.org

i have a support request in for the same thing :)

On 1/25/07, Mike Forrester <mikef@pocketlint.com> wrote:

I'm hoping someone can figure out something that I'm missing when trying
to get the Windows compliance checks working (UNIX works fine).

Nessus Server:
CentOS 4.4
Nessus 3.0.3 (RedHat ES4 rpm)
Nessus Direct Feed

Nessus Client:
Fedora Core 6
NessusClient 1.0.2

Policy Info (brief):
Plugins:
Windows Compliance Checks Plugin - enabled
Enable dependencies at runtime - enabled
Silent dependencies - enabled

Crendentials:
SMB account - specified (local admin)
SMB password - specified
SMB domain - specified

Target selection:
Target: Single Windows XP SP2 host

Prefs:
Windows Compliance Checks:
Policy file #1: federal_nsa_microsoft_xp_user_right_assignment.audit
Policy file #2: federal_audit_microsoft_windows_os_guideline.audit

I get the following error in nessusd.dump every time I try to run a scan:

[26363](compliance_check.nbin:0x161a) A non-authenticated script
attempted to use an authenticated function - returning NULL
[26363](compliance_check.nbin:0x161a)
script_get_preference_file_location: script is not authenticated!

I've tried both domain and local authenticated accounts (just local
Admin, not domain). I get entries in the Security event log for two
successful login for whatever test account I use plus a couple others
(administrator and nessus+random number). When I enable Windows checks
that check policy requiring a login, they work just fine.

Any ideas on what I'm missing?

Thanks,
Mike
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

--
Doug Nordwall
Unix, Network, and Security Administrator
Noise proves nothing. Often a hen who has merely laid an egg cackles as if she laid an asteroid. -- Mark Twain

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

<Prev in Thread]	Current Thread	[Next in Thread>
Windows Compliance Check Problems, Mike Forrester Re: Windows Compliance Check Problems, Doug Nordwall <= Re: Windows Compliance Check Problems, Renaud Deraison

Previous by Date:	Windows Compliance Check Problems, Mike Forrester
Next by Date:	Re: Windows Compliance Check Problems, Renaud Deraison
Previous by Thread:	Windows Compliance Check Problems, Mike Forrester
Next by Thread:	Re: Windows Compliance Check Problems, Renaud Deraison
Indexes:	[Date] [Thread] [Top] [All Lists]