> -----Original Message----- > From: Derr,Ben [mailto:[EMAIL PROTECTED] > Sent: Tuesday, February 24, 2004 8:23 PM > To: Elijah Savage > Cc: '[EMAIL PROTECTED]' > Subject: RE: Check for Admin Access > > You could enable the smb scanning options and put in a valid uid/password > for your group. > > I can't recall how specific the reports get, but if you're authorized > you'll > get a nice sized report of shares/users/resources that Windows coughs up > to > Nessus. This is pretty configurable. > > This may cause false positives in the sense that you will get intimate > looks > at the registry, that other users on your network don't see, of course. It > will also give you the unique ability to see many more Windows specific > vulnerabilities, as well, though. > > You can always use different Nessus accounts for scanning with different > levels of privilege to get the multiple perspectives. > > Check out this excellent paper on using Nessus and domain priveleges to > aid > in scanning: > > http://www.nessus.org/doc/nessus_windows_scanning.pdf > > -----Original Message----- > From: Elijah Savage [mailto:[EMAIL PROTECTED] > Sent: Tuesday, February 24, 2004 7:52 PM > To: [EMAIL PROTECTED] > Subject: Check for Admin Access > > > I searched the archives and I could not find where this was asked > before. I will just ask the question without going in to a bunch of > detail. > Is there anyway for me to use Nessus to scan our entire network and see > what machines our admin group has access to, basically a way to > determine if the domain admin group, is in the local administrators > group on the pc's? > > _______________________________________________ > Nessus mailing list > [EMAIL PROTECTED] > http://mail.nessus.org/mailman/listinfo/nessus
Thank you very much, I spent all this time looking through the archives and should have just been looking on the site at the documentation list. I only want to use this on an occasional basis anyway, every few months or so. This definitely seems like it will work for what I need it for, just to say hey we have 7000 machines on the network at the time of this scan and 6500 of them we have domain access to. Thank You _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
