Wow, great responses! Thanks! I have the products you have described, I have also tried UpdateExpert which is great for tracking down servers that DO have a particular patch but I need to hand in a report with evidence of who does NOT have patches that make them vulnerable to remote code execution. The other apps give me too much information considering I have to scan 300+ servers that is why I booted up Fedora and brought up Nessus.
Robert, you are correct, I am fairly new to Nessus, I have used it to compare our vuln scans but never really dug into it and took advantage of all the plug-ins. I'll try what you had described and see what I can do with it. I'd like to narrow down the search to only look for remote code execution but that might be asking too much.... But it would make a nice report to say "this list of servers are vulnerable..." I did read that there are additional plug-ins that can be downloaded, maybe I should check out that list. Thanks again for all the e-mails!! Nice to get this much of a response!! Tony On 6/13/05, Robert Keith <[EMAIL PROTECTED]> wrote: > > > Sounds like you are new to Nessus. > > 1. Install Nessus, and the windows client NessusWX (if desired, otherwise > use the Xterminal version). > > 2. Configure a scan profile for the subnet containing your windows systems. > > 3. Update this profile, select the "Configure plugins" under the plugins > tab. > > 4. Add the SMB user and SMB Password entries, this needs to be a user with > "administrator" privileges, to be able to access the registry. > > > This will scan windows and list all the vulnerabilities you asked about. > > Be aware: Windows XP systems have a firewall by default, and this will > prevent these scans unless they have the file share enabled, or have ports > 138, etc. open. > > Also, older Windows systems may or may not have remote registry access > services active. > > > Rgs, > Robert > > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > On Behalf Of TStark > Sent: Monday, June 13, 2005 10:46 AM > To: [email protected] > Subject: Nessus Detecting Servers without MS Patch > > Hello all, > > I have been asked to audit our servers with Nessus and find all > computers that do not have MS patches which correct vulnerabilities of > a remote code execution attack. How can I use Nessus, on Fedora 3, to > find if a server has a particular patch or this vulnerability only? > > Thanks everyone for your help!! Nice to have a place to ask these questions! > > Tony > _______________________________________________ > Nessus mailing list > [email protected] > http://mail.nessus.org/mailman/listinfo/nessus > > _______________________________________________ > Nessus mailing list > [email protected] > http://mail.nessus.org/mailman/listinfo/nessus > _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
