similar to: Results of nessus scan

Hi Ryan, I am not authenticating to any Windows server, I just have the samba server itself set up with 3 users who an login. ...Paul Ryan Frantz wrote: >Paul, > >Are you using a Windows PDC or ADS to authenticate your Samba shares? >If so, the problem would not be with Samba, but with the authenticating >server. > >Ryan > >-----Original Message----- >From:

We've been struggling with a problem for the past couple of days which to this point I've only gotten to be able to boil down to this: 1. Install nessus home edition (less pluggins I assume) 2. run all scans (sequentially or in parallel, doesn't seem to matter) 3. about 3 minutes in /var/log/messages will show segfaults on imap and/or pop3 imap-login[22185]: segfault at

I'm trying to get nessus setup for doing some internal security checking. I installed the ports for nessus and nessus-plugins, and everything worked as expected. I then registered for the full feed of plugins, which got me up to over 10,000 plugins. I restarted nessus, and it didn't work at all. I am running without X11, so I'm doing batch runs. I already have nmap installed, so I

Hi all, I think I've found a Bug in current rc2 (same occours with rc1 and 0.99.9.1). I'am running dovecot with imap, pop3 and the ssl equivalents, after a nessus scan of my host with Bruteforce checks on IMAP, imap-login eats up lots of cpu. Before the scan: dovecot 22342 0.0 0.1 2320 636 ? SN Jun18 0:00 imap-login dovecot 5841 0.0 0.1 2320 692 ? SN Jun21

Hi there, I'm unclear on this warning I got from NeWT when I scanned my Linux workstation. Could someone clarify for me if I should be worried? Thanks, ...Paul ------------------------ microsoft-ds (445/tcp) It was possible to log into the remote host using the following login/password combinations : 'administrator'/''

Paul, Are you using Samba to authenticate then? You've created user accounts on your Linux system that map to Windows accounts and built the Samba password database using 'smbpasswd'? ry -----Original Message----- From: samba-bounces+ryanfrantz=informed-llc.com@lists.samba.org [mailto:samba-bounces+ryanfrantz=informed-llc.com@lists.samba.org] On Behalf Of Paul Bradshaw Sent:

I'm trying to get get nessus 2.2.5 to install on my centos 3.5 system. It errors out with this error: Press ENTER to continue x - Compiling the libraries x -- Configuring the sources for your system configure: error: Could not find OpenSSL and OpenSSL headers on your system **** An error occured :/ Do you want to save the compilation log to analyze what went wrong ? [y] Where should I save

https://bugzilla.netfilter.org/show_bug.cgi?id=870 Summary: Iptables cannot block outbound packets sent by Nessus Product: iptables Version: 1.4.x Platform: x86_64 OS/Version: Ubuntu Status: NEW Severity: normal Priority: P5 Component: iptables AssignedTo: netfilter-buglog at lists.netfilter.org

Hi, My name is Joseph Villa, I'm new to the message boards and I'm also new to Samba. I just got an e-mail back on our Nessus scans.. Here are the 2 that are relivant.. 1.) The remote host has accessible LOGS$ share. ScriptLogic creates this share to store the logs, but does not properly set the permissions on it. As a result, anyone can use it to read the remote logs. Solution:

hi gurus: tried to install nessus and it would not compile: ===> Configuring for nessus-libraries-2.2.9_1 ******************************************************** * W a r n i n g * * * * Nessus needs Berkeley Packet Filter (bpf). * * To use nessus, your kernel must be rebuilt with bpf, * *

Anyone know of a good vulnerability scanner they would recommend besides Nessus? Been googling, but a recommendation is preferred. Looking for another to run and compare the results I get with Nessus. Thanks, James

Recently, i scanned my samba4.1 server by Nessus (a vulnerability scanner tool - http://www.tenable.com/products/nessus) Nessus says that Samba4 is vulnerable to "LDAP NULL BASE Search Access" as "The remote LDAP server may disclose sensitive information." Further it says that - The remote LDAP server supports search requests with a null, or empty, base object. This allows

Hello all, I’m running Shorewall 2.2.1 on linux kernel 2.6.10 with iptables 1.2.11. I recently ran a nessus scan of my firewall from a machine outside of the firewall and the nessus report told me that there are some ports open that I did not specify to be open. The ports are 32772/udp, 123/udp, 111/tcp, 32772/udp, and 53/udp. Why are these ports open when I did NOT specify them to be open

Hey, I have slow access when I first open shares. If I reboot my XP box and then go to access a share, it takes a good 10 seconds for files to come up, even after I've typed in my username and password. Once accessed it runs fine and is fast. But, if I don't access it for 30 minutes, when I access it again it sits for like 10 good seconds before it does anything. This is very annoying.

I have dovecot running as a pop3s server on port 995 it works great with sendmail and I run nessus to check security issues nessus reports this The SSLv2 server offers 3 strong ciphers, but also 0 medium strength and 2 weak "export class" ciphers. The weak/medium ciphers may be chosen by an export-grade or badly configured client software. They only offer a limited protection against

Hi! Our computer center is currently examining registered servers (offering services passing the firewall) using Nessus. Yesterday I had a ssh-connection closing on one host. Today I have seen serv01 155: channel 0: istate 4 != open channel 0: ostate 64 != open popping up, the connection survived however... In both cases the client host was not scanned but the server host (one was Linux, one

Hello, Last week I have detected with Zabbix that a member of my Samba domain had been downloading at a rate of around 8 Mbps for two days and a half. When asking the person to whom belonged the machine, he didn't know he was downloading anything but he said he had observed his machine had slowed down since then. I took a tcpdump of the traffic before terminating his session on Windows

Good Day All Sorry if this is a repeated email, but I need some information about how to disable SSL on a Samba4.2.2 AD domain controller as the nessus scanner is reporting the POODLE vulnerability and we are not allowed to have any of that in our environment. the nessus scan reports poodle vulnerability on all these ports: 443, 636, 3269 I had a look at previous posts but couldn't find a

Would really appreciate it if someone could tell me why this is happening: I override ssn method of AR class so I can encrypt/decrypt to/from the db: class Person < ActiveRecord::Base def ssn=(value) write_attribute(:borrower_ssn, Crypto.encrypt(self.encryption_key, value)) write_attribute(:borrower_ssn_final_four, value[5,4]) end def ssn # this begin - rescue can be

Hi, I'm wondering if anybody could enlighten me about the effect of tracking RELENG? When the Openssh advisory came out (SA-03:12) I allowed a few days for all issues to get ironed out and then used CVSUP to rebuild my boxes with RELENG_4_7 or RELENG_4_8 (as appropriate). The advisory says that the problem with OpenSSH is fixed by 4.7-RELEASE-p16 and a 'uname -a' of one of my 4.7