Yeah…i want to audit through Nessus scanner…for the local user accounts like guest
usually through commandline for every local user “password required =yes” should be configured as per the security guidelines of our organization..being an administrator i need to audit through nessus tool across 20K machines.
Microsoft Baseline Security Analyzer can probably accomplish this as well. It can be used via cmdline and scripted to run on a schedule job. It can also be dumped to default reports within MBSA or you can dump it to an text file. Not sure if it is delimited since I haven’t run it in a while. Back in Nessus you can check if the account is disabled using a credentialed scan. Guest is disabled by default so if you find devices with it enabled, then you probably have a bigger problem on your hands. With the size of your network I would hope there is no legitimate need for that account to be active on local workstations. Here is an article from Tenable on properly setting up a credentialed scan: http://static.tenable.com/documentation/nessus_credential_checks.pdf
Viewing 3 reply threads
You must be logged in to reply to this topic.
– EH-Net Live!Thurs Oct 29 @ 1:00 PM US ET. Details Coming Soon!