(Joergs mails didnt make it to openvas-discuss, I forward them) "Joerg Eckert" <[email protected]> wrote: Hello
> Could you turn off "Dependencies: Enable at runtime" in the plugin view > (where > 0 plugins are enabled)? Also switch off "Silent" if that was not yet the > case. Done for both (already done, only checked). > The SSH authorization script should indeed only be executed if you have > selected a script that depends on/includes it. ok, so we have to search for this problem. (remark: with my vmware-installation i have this problem too, and they are installed independently and not copied) > You can increase the verbosity of the openvasd.dump / openvasd.message > files > in your openvasd.conf (enable anything with "logging"). ok, there is not much of logging. openvasd.dump= SSH-DEBUG: Not setting login information for local check at x.x.x.x : No mapping found [16686]//usr/lib/openvas/plugins/hydra_options.nasl) script_get_preference_file_location: could not get local file name from preference Passwords file : openvasd.messages= [Mon May 4 15:44:19 2009][16671] user Eckert starts a new scan. Target(s) : 10.200.126.6, with max_hosts = 20 and max_checks = 6 [Mon May 4 15:44:19 2009][16671] user Eckert : testing (x.x.x.x) [16676] [Mon May 4 15:44:19 2009][16676] shared_socket: Secret/SSH/socket is unknown [Mon May 4 15:44:19 2009][16676] process_internal_msg for ssh_authorization.nasl returned -1 [Mon May 4 15:44:29 2009][16676] Finished testing x.x.x.x. Time : 10.22 secs [Mon May 4 15:44:29 2009][16671] user Eckert : test complete [Mon May 4 15:44:29 2009][16671] Total time to scan all hosts : 10 seconds [Mon May 4 15:44:29 2009][16671] user Eckert : Kept alive connection i used the newest client and server i can get from atomic. Running CentOS here. Client runs on the same machine (dont have a win client). Is there any other config i can check? some debug i can configure? (yes, server and client always restarted after config changes) regards Joerg -- Neu: ------------------------------------EMAIL2---------------------------------------- Von: "Joerg Eckert" <[email protected]> An: [email protected] Betreff: Re: RE: [Openvas-discuss] ssh-check is always on Datum: Mon, 04. May 2009 13:51:48 +0200 Hello I wrote (unfortunately) directly to Felix (sorry for that): If i open the report there is a light bulp and if i click on it there is the following information: ------- Reported by NVT "SSH Authorization" (1.3.6.1.4.1.25623.1.0.90022): It was not possible to login using the SSH credentials supplied. Hence local security checks is not enabled. ------- But, i dont want to check for SSH. And i couldnt find any hint where i implemented such a check. -> The plugins are all disabled (double checked now). 0 enabled. Target = 1 target, nothing special On general tab there is: Optimize test and Safe checks on. I scan for port range: 445,8081,9593, 9595 I tried portscanning with different portscanners (nmap, openvas etcpp). I also have a task for conficker only. But everytime it want to check for SSH and i can see this in the report. Its everytime the same result. regards Joerg Ive checked with and without selected silent - no difference. -------- Original-Nachricht -------- > Datum: Mon, 4 May 2009 16:45:58 +0530 > Von: "Chandrashekhar B" <[email protected]> > An: "\'Felix Wolfsteller\'" <[email protected]>, [email protected] > CC: "\'Joerg Eckert\'" <[email protected]> > Betreff: RE: [Openvas-discuss] ssh-check is always on > Joerg, > > By default, OpenVAS identifies all open ports and the corresponding > services > attached (plugin find_service.nes). In case you want these messages not to > appear, select "Silent" in "Plugins" section. > > Thanks, > Chandra. > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Felix > Wolfsteller > Sent: Monday, May 04, 2009 4:12 PM > To: [email protected] > Cc: Joerg Eckert > Subject: Re: [Openvas-discuss] ssh-check is always on > > Hi Joerg > Might have to do with the selected port scanner (in the Options/General > tab). > Eventually it ignores the selection you provided. > Is there a message displayed if you select the 'ssh (22/tcp) ' item in the > report? > > -- felix > > On Monday 04 May 2009 11:12:06 Joerg Eckert wrote: > > Hello to all of you > > > > I have installed the newest openvas version and use the new linux > client. > > If i want to check a target i always receive in the report included a > ssh > > check. I dont want this, but i dont know where i could switch this off. > > > > Its not important if i only scan for explicit ports (all other stuff > > switched off (general, plugins, prefs) or if i do for example a > conficker > > scan. > > > > I receive a report but always with additional ssh (22/tcp) included > line. > > > > Please can you help me? > > > > If you need more information please tell me what you need. > > > > regards > > > > Joerg > > > > ps.: sorry for my english (my german is better :-) > -- Felix Wolfsteller | ++49-541-335 08 3451 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998 Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
