Thanks Nicolas, the issue, is the current scanner that the client requires me to uses reports it.
I would like to move them to Nessus.
The question I keep getting is why does one report it and Nessus does not. With that said, I figured I would create/find the plugin.
If anyone can add to what Nicolas has told me feel free to chime in.
Thank You in Advance --John
-------------- Original message --------------
From: Nicolas Pouvesle <[EMAIL PROTECTED]>
> On Sat, 2006-02-25 at 17:06 +0000, [EMAIL PROTECTED] wrote:
> >
> > DCOM allows applications to be distributed across locations, the application
> create program ids that can have the default launch and access permissons.
> >
> > A user account is added as authentication credentials to granted permission
> to access/launch the component. When the user credentials (as a example a
> service account) are add they can recieve the default access and launch
> permissions. Alot of time they don't need the default permissions.
> >
> > DCOMCNFG is the tool that comes with Windows that allows you to configure the
> DCOM settings of a COM application. The application can be liste d as a Name or
> by a program ID and its rather painful to manual check each.
> >
>
> Thanks for the information. I will try to look at that later and see
> what I can do.
>
>
> > Other scanners I've used will report on what user has what level of access
> and/or launch permission for a COM object. When I run an Administrative scan
> using Nessus, i've never see it report on this setting and so far i've been
> unable to find a plugin that does.
> >
> > I was thinking of writting a plugin to check the access and launch permission
> for COM objects. but didn't want to re-invent the wheel and thought I would ask
> to see if anyone else
> > has.
>
>
> I really don't think you want to do that. It is easy to use the DCOM
> protocol with the Windows API but it is much more complex to do that
> with Nessus ;-)
>
>
> Nicolas
>
> _______________________________________________
> Nessus mailing list
> [email protected]
> http://mail.nessus.org/mailman/listinfo/nessus
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
