[prev in list] [next in list] [prev in thread] [next in thread]
List: nessus-plugins-writers
Subject: Re: [Plugins-writers] Check for an application
From: "George A. Theall" <theall () tenablesecurity ! com>
Date: 2006-06-13 19:46:05
Message-ID: 448F15FD.1050204 () tenablesecurity ! com
[Download RAW message or body]
On Tue, Jun 13, 2006 at 11:24:35AM -0400, Ryan Petti wrote:
> I’m wondering if it’s possible to do ANY ONE of the
> following tasks without having admin rights to a client machine:
...
> 1) Check for the presence of a service and if possible whether it is
> active or not
Generally no, unless the service listens remotely and offers some way to
detect it.
> 2) Check for the presence of a specific file on the client system
No, not generally.
> 3) Check for the presence of an active connection on the client machine
> using a dynamic source address to a another specific server on a
> specific static destination port. For example, using netstat -a (in
> windows), this is the type of connection I would need to detect:
No, but in this case you might consider a different tool. Tenable's
Passive Vulnerability Scanner, formerly known as NeVO, would let you do
this and complement Nessus nicely. Or you could write a special rule in,
say, Snort.
George
--
theall@tenablesecurity.com
_______________________________________________
Plugins-writers mailing list
Plugins-writers@list.nessus.org
http://mail.nessus.org/mailman/listinfo/plugins-writers
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic