Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

SCANNING PREVENTED BY CSA

When I scan Windows XP machine with Foundstone(Mcafee) scanner,CSA is preventing the scanning attempt and logging the following message:

9/21/2005 5:03:24 PM: The process '<remote application>' (as user PC1\Admin) attempted to access the registry key '\REGISTRY\MACHINE', value ''. The attempted access was an open (operation = OPEN/KEY). The operation was denied.

When scanner tries to access registry to find out windows missing patches,CSA is blocking the attempt immediately.

We would like to modify the rule in CSA and also want to make sure it does not create any loopholes.

Please help me solve this.

Thanks.

1 REPLY
Blue

Re: SCANNING PREVENTED BY CSA

You could create a rule that allows remote applications to access the registry from that IP address or create a dynamic app class for the scanner that adds it to applications allowed remote registry access if you have multiple machines running it.

I've had to do similar things to run nmap, nsbatch, etc...

Tom S

166
Views
0
Helpful
1
Replies