My apologies for bothering everyone with such a basic problem. PROBLEM: I cannot get OpenVAS v7 to scan a Windows 7 system properly and detect an insecure version of Firefox.
DETAILS: I have installed OpenVAS 7 on a CentOS 7 system. I have updated to the latest definitions. I have copied the “Full and very deep” Scan Configuration and made the following changes: 1. Added General Test Family 2. Enabled Aggressive OS detection AND Identify the remote OS under “Launch Nmap for Network Scanning” 3. Enabled Identify the remote OS under “Nmap (NASL wrapper)” I have a Windows 7 Ultimate VM that is not connected to a domain. I have installed Firefox v25 on this system. It has a local admin account enabled. I have added SMB credentials to my OpenVAS server. I did not preface this account with a \, but I have tried this also and it does not correct the issue. I have added the IP of the VM as a target, and then create a new task to scan with my modified config for that target with the appropriate credentials. When I run the scan, the host is found, but is identified by the default mechanism as an HP Jet Direct OS. After the scan has completed, there are 6 entries in the report: CPE Inventory, Host Summary, OS fingerprinting, arachnid (NASL wrapper), Traceroute, and Microsoft SMB Signing Disabled. All are considered (Log) severity. SPECULATION: I am assuming that since the OS fingerprinting process is not completing correctly, the Windows checks (and possibly the authentication) are not even being executed. Is there something that I can do to force the task to use the nmap checks instead of the incorrect one? Or perhaps something is not working properly with authentication? Should I change something there? If I execute this same scan against a target that is on the domain (Win2008 and Win2012) it appears to correctly identify the OS and scan the system properly, but I cannot install the outdated Firefox on these systems to check. Any help is greatly appreciated. Joey
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
