Hello, I just installed Openvas v7 from sources on Debian Wheezy. When using task wizard against an old router, many SSL checks are not performed due to missing mandatory key (Transport/SSL for exemple for gb_poodel_sslv3_info_disc_vuln.nasl).
If I create a scan config with only gb_poodel_sslv3_info_disc_vuln.nasl, Nmap NASL wrapper and ping, and run it against the same host, it reports an alert. If I clone "Full and fast" scan config to enable log_whole_attack and run it, I can see "Not launching gb_poodel_sslv3_info_disc_vuln.nasl against 192.168.1.1 because a mandatory key is missing (this is not an error)" I saw it because before installing, I ran the same scan from a Virtual Machine with Kali linux to test the product and this one reported a lot more infos about the SSL ports (POODLE, Expired certificates, OpenSSL CCS Man in the middle). After 1 day of investigating and testing, just saw that the only difference was that Kali had only NVT's up to 11/19/2014. And yes, after updating NVT's, the only SSL report I can get is "Check for SSL weak ciphers". Can someone help me find what NVT between november 19 2014 and now can remove Transport/SSL from my hosts kbs (so I can deactivate it and validate my installation) or point me to a tarball with a snapshot at this date. Thanks. -- Landry MINOZA MGI Sud-Ouest Chef de projet technique Linux et réseaux E-mail : [email protected] Tél : 01 40 49 47 15 MGI France : 5 rue Sextius Michel - 75015 Paris | RCS: Paris B 382 770 584 | www.mgi.fr MGI SO : 281 route d'Espagne - 31100 Toulouse | RCS: Toulouse B 421 125 816 | www.mgi.fr MGI Suisse : 5 avenue de Rothorn - CH3960 Sierre | TVA 517-269 | www.mgiconsultants.ch _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
