Am Montag, 13. Oktober 2014, 19:24:43 schrieb Barkley, Joey: > PROBLEM: I cannot get OpenVAS v7 to scan a Windows 7 system properly and > detect an insecure version of Firefox.
it is hard to guess what might be going wrong. I would simplify the scenario you are running. A standard F&F should be sufficient in combination with a credential. I only can offer some general notes, perhaps you already checked these. Check whether the scanner uses the newest feed. There should be a log message that tells you whether the authentication with the credential worked properly or not. Have you checked the "Error" section of the Report View for any error messages? > DETAILS: > I have installed OpenVAS 7 on a CentOS 7 system. I have updated to the > latest definitions. I have copied the “Full and very deep” Scan > Configuration and made the following changes: 1. Added General Test Family > 2. Enabled Aggressive OS detection AND Identify the remote OS under “Launch > Nmap for Network Scanning” 3. Enabled Identify the remote OS under “Nmap > (NASL wrapper)” > > I have a Windows 7 Ultimate VM that is not connected to a domain. I have > installed Firefox v25 on this system. It has a local admin account > enabled. > > I have added SMB credentials to my OpenVAS server. I did not preface this > account with a \, but I have tried this also and it does not correct the > issue. I have added the IP of the VM as a target, and then create a new > task to scan with my modified config for that target with the appropriate > credentials. > > When I run the scan, the host is found, but is identified by the default > mechanism as an HP Jet Direct OS. After the scan has completed, there are > 6 entries in the report: CPE Inventory, Host Summary, OS fingerprinting, > arachnid (NASL wrapper), Traceroute, and Microsoft SMB Signing Disabled. > All are considered (Log) severity. > > SPECULATION: > I am assuming that since the OS fingerprinting process is not completing > correctly, the Windows checks (and possibly the authentication) are not > even being executed. Is there something that I can do to force the task to > use the nmap checks instead of the incorrect one? Or perhaps something is > not working properly with authentication? Should I change something there? > If I execute this same scan against a target that is on the domain > (Win2008 and Win2012) it appears to correctly identify the OS and scan the > system properly, but I cannot install the outdated Firefox on these > systems to check. > > Any help is greatly appreciated. -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
