
Mailing List Archive: Nessus: users

.Audit file question

 

 



jfvanmeter at comcast

May 3, 2007, 7:48 AM

Post #1 of 6 (1634 views)
.Audit file question

Hello everyone, my client has a direct feed and I was wondering if there are any preconfiguration audit files, to run a NIST check against a SQL server? If there are, are they downloaded with the plug in feed? Or do they need to be downloaded separately?

Thanks

Take Care and Have Fun --John
_______________________________________________
Nessus mailing list
Nessus [at] list
http://mail.nessus.org/mailman/listinfo/nessus


rgula at tenablesecurity

May 3, 2007, 8:13 AM

Post #2 of 6 (1564 views)
Re: .Audit file question [In reply to]

jfvanmeter [at] comcast wrote:
> Hello everyone, my client has a direct feed and I was wondering if there are any preconfiguration audit files, to run a NIST check against a SQL server? If there are, are they downloaded with the plug in feed? Or do they need to be downloaded separately?
>

The current NIST .audit files are available under the Tenable support
portal. There is a blog entry about it here:

http://blog.tenablesecurity.com/2007/04/nist_audit_poli.html

The audit policies are for XP Pro and 2003, not MS SQL. We have not
published any .audit files for MS SQL server auditing yet. NIST has not
published any guidance on hardening MS SQL through their SCAP program
yet which is listed here:

http://nvd.nist.gov/scap/content.cfm

Ron Gula, CTO
Tenable Network Security



jfvanmeter at comcast

May 3, 2007, 8:21 AM

Post #3 of 6 (1563 views)
Re: .Audit file question [In reply to]

Thank You, I just wanted to check, I've been very busy lately and I was afraid I might have missed them

Thank You
Take Care and Have Fun --John



pdavis at tenablesecurity

Oct 6, 2008, 8:16 AM

Post #4 of 6 (1438 views)
Re: .audit file question [In reply to]

John,

We don't support registry.pol files with the i2a tool (or any other tool). Depending upon your Windows versions, you may want to look at using
i2a with Security templates or possibly some of our support site audit files as guides.

jfvanmeter [at] comcast wrote:
> Hello every,
>
> I was hoping to use Nessus, and a .audit file to verify whether settings contained in a GPO are being applied.
>
> Most of the settings are contained in the registry.pol file, is there a utility like i2a that will convert the settings in the *.pol file into a .audit file?
>
> --
> "When the legend becomes fact, print the legend."
> _______________________________________________
> Nessus mailing list
> Nessus [at] list
> http://mail.nessus.org/mailman/listinfo/nessus
>

--
Best Regards,

Paul Davis
Research Engineer
Tenable Network Security Inc
Phone: 410.872.0555 x245
www.tenablesecurity.com

Is your network TENABLE?


jfvanmeter at comcast

Oct 6, 2008, 9:05 AM

Post #5 of 6 (1440 views)
Re: .audit file question [In reply to]

Thanks Paul, I

--
"When the legend becomes fact, print the legend."




JScherff at 24hourfit

Oct 6, 2008, 10:41 AM

Post #6 of 6 (1432 views)
RE: .audit file question [In reply to]

Has the method of checking for patches/updates changed for Linux
(specifically Red Hat)? Starting in August, our monthly patch scans
showed a ridiculously low number of vulnerabilities: 1 missing patch
(total) across 140 Linux servers. Our most recent patch scan ran this
past Saturday with the same results, yet running 'up2date --dry-run' on
4 randomly-chosen servers showed between 10 and 12 missing patches on
all four hosts. Most of the patches were released slightly less than
one month ago (since our last maintenance window, which is when we patch
our production systems).

I can send the nessusrc file and/or KB for the sample hosts privately.

John Scherff
24 Hour Fitness
