Please disregard. This has been fixed. The problem was in the "SSH settings[radio]:Elevate privileges with : = " setting in the nessusrc file. We had set this to "sudo" when we upgraded to Nessus 3.2.1 in August; however, the account Nessus uses to do local security checks has only limited sudo privileges (certain commands). It has the required "sudo id" privilege that Nessus requires to check sudo privileges, but apparently does not have sudo privileges for the commands Nessus uses to do the local security checks. Un-setting this corrected the problem.
Tenable support, please close ticket #BDM-72854-638 as resolved. John Scherff 24 Hour Fitness -----Original Message----- From: John Scherff Sent: Monday, October 06, 2008 10:43 AM To: 'Nessus' Cc: '[EMAIL PROTECTED]' Subject: LOCAL SECURITY CHECKS (Re-submitted) Sorry, previous message had a misleading subject line. Has the method of checking for patches/updates changed for Linux (specifically Red Hat)? Starting in August, our monthly patch scans showed a ridiculously low number of vulnerabilities: 1 missing patch (total) across 140 Linux servers. Our most recent patch scan ran this past Saturday with the same results, yet running 'up2date --dry-run' on 4 randomly-chosen servers showed between 10 and 12 missing patches on all four hosts. Most of the patches were released slightly less than one month ago (since our last maintenance window, which is when we patch our production systems). I can send the nessusrc file and/or KB for the sample hosts privately. John Scherff 24 Hour Fitness _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
