[OWASP-Bangalore] Nessus scanner to check Password Policies

Prathap R mailprathap at gmail.com
Wed Aug 20 04:22:32 UTC 2014


Raju,
Nessus scanner will try to brute force crack the passwords of some of the
default usernames like root, guest, administrator etc This is over a
network connection.

It will not however be able to find out the password age or if it is
expired.

Hope this helps!

Best regards,
Prathap


On Wed, Aug 20, 2014 at 5:33 AM, N. V. R. K. RAJU <nvrkraju4 at gmail.com>
wrote:

> Hi All,
>
> Please let me know if Nessus is capable of doing password policy checks.
> Something like, if I have lets say I have 10 systems in my network, can I
> use it to scan through the network for all 10 systems to give me results of
> only password policy checks. Like, password expired, password changed / not
> changed / week password configuration etc....Both including Windows and
> Linux/Unix.
>
> Please help me with Nessus configurations if you have any
>
> --
> Regards,
> Raju
>
> _______________________________________________
> OWASP-Bangalore mailing list
> OWASP-Bangalore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
> Twitter : @owaspbangalore
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-bangalore/attachments/20140820/612ed2d2/attachment.html>


More information about the OWASP-Bangalore mailing list