Re: Nessus

phn_at_icke-reklam.ipsec.nu
Date: 05/28/03

• Next message: SJ: "ISS Site Protector WAN Performance Issues"
• Previous message: Dusan Chromy: "Re: GnuPG front-end to safely en/de-crypt files using symmetic cipher"
• In reply to: Sam Pro: "Nessus"
• Next in thread: ObiWan: "Re: Nessus"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Wed, 28 May 2003 10:10:58 +0000 (UTC)

Sam Pro <spro1@uic.edu> wrote:
> Okay, I have been put in charge of doing a security audit on our
> network because of a recent rash of IRC bots eating up bandwidth. I
> have setup a Linux box and ,among a few other tools, installed Nessus.
> I have been doing some preliminary scans over a few test machines.
> It is doing a great job of identifying compromised machines, and
> showing some holes that need to be covered. However, I am conserned
> mostly with NT boxes with blank/weak passwords. Can Nessus do this?
> I have tried enabling all the plugins, but it just isn't alerting me
> of accounts with blank passwords. I would really like Nessus to
> enumerate netBIOS accounts and then use a dictionary attack against
> them. Am I going to have to write my own plugin? Maybe something
> other then Nessus will work better for this?

> Also, does anyone know what minimum conditions need to be present on
> the target machine for a hacker to pull account names and then be able
> to gain full access through a dictionary/brute attack?

You need port 139 ( i think) in order for nessus to pull weak user-id's.
Maybe your firewall ( correctly) blocks these.

-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.

---

• Next message: SJ: "ISS Site Protector WAN Performance Issues"
• Previous message: Dusan Chromy: "Re: GnuPG front-end to safely en/de-crypt files using symmetic cipher"
• In reply to: Sam Pro: "Nessus"
• Next in thread: ObiWan: "Re: Nessus"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Nessus question ... I have been doing some preliminary scans over a few test machines. ... Can Nessus do this? ... of accounts with blank passwords. ... enumerate netBIOS accounts and then use a dictionary attack against ... (comp.security.unix) Nessus ... I have been doing some preliminary scans over a few test machines. ... Can Nessus do this? ... of accounts with blank passwords. ... enumerate netBIOS accounts and then use a dictionary attack against ... (comp.security.misc) Re: Nessus plugin can not find msblast infected machine? ... >> share with me how I can locate infected PC by using nessus? ... > your machines. ... There is a plugin id 11818 for detecting machine infected by msblast. ... (comp.security.unix) [Full-Disclosure] Nessus stores credentials in plain text ... Software Package: Nessus ... Username and password for various accounts stored in unencrypted plain text ... Vendor Response: ... (Full-Disclosure) Re: Nessus plugin can not find msblast infected machine? ... > I ran nessus with all the plugins turn on including those msblast ... > share with me how I can locate infected PC by using nessus? ... given ports (TFTP for worm replication, perhaps also a shell in a given ... Scan for those open in the infected machines and let us ... (comp.security.unix)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > comp.security.misc  > 2003-05