Re: [Openvas-discuss] Setting up SSH connection to WHM (CPanel) Centos Box

[Walter York]

I "could" go through the time to create a centos 7 OpenVAS box but that would 
take away from the ease of having a single VM (Kali 2) to perform all of my 
testing activities.  Is there some known issue that openvas 7 won't 
authenticate to certain servers via SSH that would necessitate a version 
upgrade?
Something of interest in the target log is: op=login acct="(unknown)".  Yet I 
have properly entered the root account as the login within OpenVAS.  I must 
stress that I am able to use Putty on the same openvas box to successfully 
connect.



Date: Thu, 17 Sep 2015 23:05:08 +0300
Subject: Re: [Openvas-discuss] Setting up SSH connection to WHM (CPanel) Centos 
Box
From: eero.voloti...@iki.fi
To: waltery...@hotmail.com
CC: openvas-discuss@wald.intevation.org

well, so it's using openvas 7. You should try centos 7 for scanning box and 
install openvas 8 from atomic corp repo.
--Eero
2015-09-17 22:57 GMT+03:00 Walter York <waltery...@hotmail.com>:



selinux does not appear to be installed on the openvas box... this is Kali v2
root@test02:~# getenforcebash: getenforce: command not foundroot@test02:~# cat 
/etc/sysconfig/selinuxcat: /etc/sysconfig/selinux: No such file or 
directoryroot@test02:~# 
dpkg -lii  sctpscan       0.1-1kali1   amd64        SCTP network scanner for 
discoverii  sed            4.2.2-4+b1   amd64        The GNU sed stream 
editorii  sendemail      1.56-5       all          lightweight, command line 
SMTP em


Date: Thu, 17 Sep 2015 22:37:57 +0300
Subject: Re: [Openvas-discuss] Setting up SSH connection to WHM (CPanel) Centos 
Box
From: eero.voloti...@iki.fi
To: waltery...@hotmail.com
CC: openvas-discuss@wald.intevation.org

Is selinux disabled on openvas box?
Eero
17.9.2015 10.27 ip. "Walter York" <waltery...@hotmail.com> kirjoitti:



I am trying to use OpenVAS to perform a vulnerability scan against a WHM 
(CPanel) VPS box.  I am unable to get OpenVAS to connect to it either by 
username/password or certificate/password.  However, on the same OpenVAS box, I 
can use putty to connect either way.  I have disabled ConfigServer Security & 
Firewall and ModSEC.
Here is output from /var/log/audit/audit.log on the target 
box...type=USER_LOGIN msg=audit(1442515160.849:6594): pid=31916 uid=0 
auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 
msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=75.*.*.* 
terminal=ssh res=failed'
I can use Putty on the same OpenVAS box and connect to my target using the same 
credential and password or certificate and password with no problems.           
                          

_______________________________________________

Openvas-discuss mailing list

Openvas-discuss@wald.intevation.org

https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
                                          

                                          
_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss