OpenVAS support also OpenSSH v2. Maybe you should install centos 7 and openvas 8.
I don't know anything about version on kali linux, it might be buggy. -- Eero 2015-09-18 5:50 GMT+03:00 Walter York <[email protected]>: > Given the logs below, seems like OpenVAS only supports v1.x SSH protocol? > Is this only with Kali2 version of OpenVAS? > > Sep 15 17:16:01 bh01 sshd[10035]: Protocol major versions differ for > 75.*.*.*: SSH-2.0-OpenSSH_6.6.1 vs. SSH-1.33-OpenVASSSH_1.0 > Sep 15 17:16:01 bh01 sshd[10036]: Protocol major versions differ for > 75.*.*.*: SSH-2.0-OpenSSH_6.6.1 vs. SSH-1.5-OpenVASSSH_1.0 > Sep 15 17:16:50 bh01 sshd[10080]: Did not receive identification string > from 75.*.*.* > Sep 15 17:22:02 bh01 sshd[10381]: Did not receive identification string > from 75.*.*.* > Thursday, 17 September 2015, 05:53PM -04:00 from Eero Volotinen < > [email protected]>: > > > You should study your os a bit, to at least get ssh login information to > logs. > > If I remember correctly, it's located in /var/log/secure (centos) and at > least is should be default on many os versions. > > -- > Eero > > 2015-09-17 23:57 GMT+03:00 Walter York <[email protected] > <https://e-aj.my.com/compose/?mailto=mailto%[email protected]>>: > > Apologies for my ignorance... > > I have updated /etc/ssh/sshd_config > SyslogFacility AUTHPRIV > LogLevel VERBOSE > > service sshd restart > > > I don't have: /var/log/auth.log > > the following do not appear to contain any extra detail than before... > /var/log/messages > /var/log/audit.log > > How and where do I enable the type of auditing you are looking for... > please assume that I am an imbecile with your instructions... > > > > ------------------------------ > Date: Thu, 17 Sep 2015 23:20:28 +0300 > > Subject: Re: [Openvas-discuss] Setting up SSH connection to WHM (CPanel) > Centos Box > From: [email protected] > <https://e-aj.my.com/compose/?mailto=mailto%[email protected]> > To: [email protected] > <https://e-aj.my.com/compose/?mailto=mailto%[email protected]> > CC: [email protected] > <https://e-aj.my.com/compose/?mailto=mailto%3aopenvas%[email protected]> > > Hard to say, as you are not showing any relevant logs of this issue. > > You should enable enought log level of scanned box on sshd and provide > relevant output .. > > Eero > > 2015-09-17 23:17 GMT+03:00 Walter York <[email protected] > <https://e-aj.my.com/compose/?mailto=mailto%[email protected]>>: > > I "could" go through the time to create a centos 7 OpenVAS box but that > would take away from the ease of having a single VM (Kali 2) to perform all > of my testing activities. Is there some known issue that openvas 7 won't > authenticate to certain servers via SSH that would necessitate a version > upgrade? > > Something of interest in the target log is: op=login acct="(unknown)". > Yet I have properly entered the root account as the login within OpenVAS. > I must stress that I am able to use Putty on the same openvas box to > successfully connect. > > > > > ------------------------------ > Date: Thu, 17 Sep 2015 23:05:08 +0300 > > Subject: Re: [Openvas-discuss] Setting up SSH connection to WHM (CPanel) > Centos Box > From: [email protected] > <https://e-aj.my.com/compose/?mailto=mailto%[email protected]> > To: [email protected] > <https://e-aj.my.com/compose/?mailto=mailto%[email protected]> > CC: [email protected] > <https://e-aj.my.com/compose/?mailto=mailto%3aopenvas%[email protected]> > > well, so it's using openvas 7. You should try centos 7 for scanning box > and install openvas 8 from atomic corp repo. > > -- > Eero > > 2015-09-17 22:57 GMT+03:00 Walter York <[email protected] > <https://e-aj.my.com/compose/?mailto=mailto%[email protected]>>: > > selinux does not appear to be installed on the openvas box... this is Kali > v2 > > root@test02:~# getenforce > bash: getenforce: command not found > root@test02:~# cat /etc/sysconfig/selinux > cat: /etc/sysconfig/selinux: No such file or directory > root@test02:~# > > dpkg -l > > ii sctpscan 0.1-1kali1 amd64 SCTP network scanner for > discover > ii sed 4.2.2-4+b1 amd64 The GNU sed stream editor > ii sendemail 1.56-5 all lightweight, command line > SMTP em > > > > ------------------------------ > Date: Thu, 17 Sep 2015 22:37:57 +0300 > Subject: Re: [Openvas-discuss] Setting up SSH connection to WHM (CPanel) > Centos Box > From: [email protected] > <https://e-aj.my.com/compose/?mailto=mailto%[email protected]> > To: [email protected] > <https://e-aj.my.com/compose/?mailto=mailto%[email protected]> > CC: [email protected] > <https://e-aj.my.com/compose/?mailto=mailto%3aopenvas%[email protected]> > > Is selinux disabled on openvas box? > > Eero > 17.9.2015 10.27 ip. "Walter York" <[email protected] > <https://e-aj.my.com/compose/?mailto=mailto%[email protected]>> > kirjoitti: > > I am trying to use OpenVAS to perform a vulnerability scan against a WHM > (CPanel) VPS box. I am unable to get OpenVAS to connect to it either by > username/password or certificate/password. However, on the same OpenVAS > box, I can use putty to connect either way. I have disabled ConfigServer > Security & Firewall and ModSEC. > > Here is output from /var/log/audit/audit.log on the target box... > type=USER_LOGIN msg=audit(1442515160.849:6594): pid=31916 uid=0 > auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 > msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? > addr=75.*.*.* terminal=ssh res=failed' > > I can use Putty on the same OpenVAS box and connect to my target using the > same credential and password or certificate and password with no problems. > > _______________________________________________ > Openvas-discuss mailing list > [email protected] > <https://e-aj.my.com/compose/?mailto=mailto%3aopenvas%[email protected]> > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > > > > >
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
