Once the above two configuration items are in place, you can perform a credentialed scan on the host. Refer to the article titled, " Dynamic Remote Registry Auditing - Now you see it, now you don’t!" for more information. Alternatively, you can configure Nessus to enable and disable this service automatically. You must go into the "services" menu and enable it manually. In Windows 7, this is not enabled by default.
The Remote Registry service must be running on the target host. Even if your account has "Administrator" rights, Nessus needs the actual "Administrator" account in order to have sufficient credentials on the host. 
You must enable the "Administrator" account on the system. There are two issues to be aware of when scanning Windows 7 with credentials: Nessus can be used to perform patch auditing of Windows 7 systems. While Nessus without credentials does provide some useful information that can be used to identify "unfirewalled" Windows 7 installations on the network, it does not provide anything about missing patches or misconfiguration. When the firewall is disabled, Nessus reveals some information, but nothing in the way of vulnerabilities (even though the target is purposely missing patches). Let's look at each of these three activities separately and see how they perform against Windows 7: Network ScanĪ network scan with the Windows firewall enabled does not detect any vulnerabilities, or reveal any results for that matter, as all communication is blocked by the firewall. For our test, we used the upcoming Nessus 4.2, although this will also work with the current version of Nessus. Nessus can help you ensure that Windows 7 is as secured as it can be by scanning it across the network, using credentialed scans to perform local patch checks and performing credentialed configuration audits to verify that it is configured securely. This leaves us with some new challenges to face as we have a new desktop operating system that is likely to see widespread adoption, most malware will run on it and it is largely untested in production against users and attackers alike. In addition, malware is reported to run great on Windows 7 despite controls such as UAC, so there is no need for malware authors to have to port their code. The built-in firewall was overhauled, but is still best supplemented by third-party tools. 
An example of the "shiny" new OS, Windows 7 makes several improvements to the end user interface.įrom a security perspective, we still face many of the same challenges we always did.
0 kommentar(er)
