On Tue, Jun 13, 2006 at 11:24:35AM -0400, Ryan Petti wrote: > I’m wondering if it’s possible to do ANY ONE of the > following tasks without having admin rights to a client machine: ... > 1) Check for the presence of a service and if possible whether it is > active or not Generally no, unless the service listens remotely and offers some way to detect it. > 2) Check for the presence of a specific file on the client system No, not generally. > 3) Check for the presence of an active connection on the client machine > using a dynamic source address to a another specific server on a > specific static destination port. For example, using netstat -a (in > windows), this is the type of connection I would need to detect: No, but in this case you might consider a different tool. Tenable's Passive Vulnerability Scanner, formerly known as NeVO, would let you do this and complement Nessus nicely. Or you could write a special rule in, say, Snort. George -- theall@private _______________________________________________ Plugins-writers mailing list Plugins-writers@private http://mail.nessus.org/mailman/listinfo/plugins-writers
This archive was generated by hypermail 2.1.3 : Tue Jun 13 2006 - 12:46:39 PDT