Windows Example Audit Items

Nessus can test for any setting that can be configured as a “policy” under the Microsoft Windows framework. There are several hundred registry settings that can be audited and the permissions of files, directories, and objects can also be analyzed. A partial list of example audits includes testing the settings of the following:

  • Account lockout duration
  • Retain security log
  • Allow log on locally
  • Enforce Password History

Windows Example 1

The following example audit looks for the setting "Minimum password length" on a Windows server and generates an alert if the value is not equal to seven characters.

<item>

name: "Minimum password length"

value: 7

</item>

Windows Example 2

Nessus can also search Windows computers for sensitive data. The following is an example that searches for Visa credit card numbers in Excel, Adobe, and text files.

<item>

type: FILE_CONTENT_CHECK

description: "Determine if a file contains a valid VISA Credit Card Number"

file_extension: "xls" | "xlsx" | "pdf" | "txt"

regex: "([^0-9-]|^)(4[0-9]{3}( |-|)([0-9]{4})( |-|)([0-9]{4})( |-|)([0-9]{4}))([^0-9-]|$)"

expect: "VISA" | "credit" | "Visa" | "CCN"

max_size: "50K"

only_show: "4"

</item>
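The following Python example is added here and is not Tenable's code: it runs the item's regex (with the last digit group written as `[0-9]{4}`) over constructed sample text, and approximates `expect`, `max_size` and `only_show` as a keyword gate, a 50K read limit and last-four masking. The Luhn checksum is an extra false-positive filter that goes beyond what the audit item does; all function and constant names are hypothetical.

```python
import re

# Regex from the audit item above; group 2 is the candidate card number.
VISA_RE = re.compile(
    r"([^0-9-]|^)(4[0-9]{3}( |-|)([0-9]{4})( |-|)([0-9]{4})( |-|)([0-9]{4}))([^0-9-]|$)"
)
EXPECT = ("VISA", "credit", "Visa", "CCN")  # expect: context keywords
MAX_SIZE = 50 * 1024                         # max_size: "50K" (approximated in characters)
ONLY_SHOW = 4                                # only_show: "4"


def luhn_ok(digits):
    """Luhn checksum; an added filter, not part of the audit item."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                       # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def mask(candidate):
    """Hide all but the last ONLY_SHOW characters (assumed masking style)."""
    return "X" * (len(candidate) - ONLY_SHOW) + candidate[-ONLY_SHOW:]


def scan(text):
    """Return masked hits found in the first MAX_SIZE characters of text."""
    head = text[:MAX_SIZE]
    if not any(word in head for word in EXPECT):
        return []                            # no context keyword: ignore the file
    hits = []
    for m in VISA_RE.finditer(head):
        candidate = m.group(2)
        if luhn_ok(re.sub(r"[ -]", "", candidate)):
            hits.append(mask(candidate))
    return hits


# Constructed sample inputs; PAN is a widely published Visa test number.
PAN = "4111" + "1111" * 3
SAMPLE_HIT = "Customer record\nVisa: 4111-1111-1111-1111 exp 01/30\n"
SAMPLE_BAD_LUHN = "credit ref 4111 1111 1111 1112\n"   # pattern fits, checksum fails
SAMPLE_NO_KEYWORD = "part no " + PAN + "\n"            # no expect keyword present
SAMPLE_LONG_RUN = "CCN 9" + PAN + "\n"                 # 17-digit run, boundary guard rejects
```

The boundary groups `([^0-9-]|^)` and `([^0-9-]|$)` are what keep a longer digit run from being reported as a card number, and the keyword gate is what keeps bare part numbers or IDs out of the results.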

Copyright 2017 - 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.