1 Reply Latest reply on May 30, 2012 10:37 AM by cgrim

    Scanning MAC OSX

    phoenix

      I am trying to scan some MAC OSx hosts using the shell credential sets, but somehow this seems to not work. All these MAC's are running 10.7 and are AD integrated, the scan seems to run the general Vulnerability checks but none of the Shell checks.

       

      Is there anyway to see what is happening, and if the auth is perhaps failing

        • 1. Re: Scanning MAC OSX

          Hi Phoenix,

           

          Check the following KB article to be sure the user you've defined in the Scan Credentials has the ability to run the commands specified:

           

          https://kc.mcafee.com/corporate/index?page=content&id=KB54752

           

          Once you confirm that, and if you're still having issues, then enable shell module debug:

          1) Run Regedit

          2) Navigate to:

          HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Foundstone\FoundScan\Tweaks (Win2K8)

          or

          HKEY_LOCAL_MACHINE\SOFTWARE\Foundstone\FoundScan\Tweaks (Win2K3)

          3) Create the following DWORD value

          LogShell

          DWORD value 'ff'

          4) Re-run the scan

           

          Check the daily log for any errors... if you can't solve it, open a Service Request and attach the daily log.

           

          Be sure to turn off the tweak after you're done.  You can rename it to "__LogShell", that way it's there if you need it again.

           

          I hope that helps!
          Cathy