Yeah there is a tool that allows you to convert an GPO's .inf security template to a nessus .audit file to create a s a gold base security to compare other servers with. The results will provide the delta and pass/fail compared to the gold base security that was used.. Know of any alternative? Deepak J. Mathew Systems Manager - Administrative Systems Rice University (t) 713-348-4328 From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On Behalf Of Michael Pietrzak Sent: Tuesday, April 15, 2008 11:06 AM To: gptalk@xxxxxxxxxxxxx Subject: [gptalk] Re: Nessus Compliance Checks for GPO ? I use the free nessus scanner for windows and as far as I know, it does not provide that functionality. It only checks for well known vulnerabilities that are identified by orgs like SANS, CVE etc etc. Michael Pietrzak San Diego State University From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On Behalf Of Deepak J. Mathew Sent: Tuesday, April 15, 2008 6:41 AM To: gptalk@xxxxxxxxxxxxx Subject: [gptalk] Nessus Compliance Checks for GPO ? Does anyone here use Nessus Vulnerbility scanner to check current GPOs of various windows servers? I'm wanting to see which servers are in compliance with our password policy from a remote location? Any ideas? A final report of the results is what I'm looking for. Thanks! Dee Deepak J. Mathew Systems Manager - Administrative Systems Rice University (t) 713-348-4328