You could possibly poll the system for this information or you could enable logging for these events and generate an alert when they occur.
http://cwashington.netreach.net has many scripts that you will find useful for this.
By the way, you may enumerate user accounts anonymously only if the system has not been configured to prevent it. That is, an administrator can require that you provide a valid userid/password to enumerate a system.
Regards, Brian
My question is this. Is it possible (how?) does one scan for admins logged in/when last logged in. And get the subsequent alert e-mailed? I've seen windows scanners which report admin users on the domain, time of last login and password change etc. All without a valid domain password. Can nessus do this and then report it asap?
_________________________________________________________________
Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail
