it just logs server via ssh and runs local commands. -- Eero
2017-03-05 17:06 GMT+02:00 Vito Logrillo <[email protected]>: > Thanks for your reply, > but i'm trying to figure out how an authenticated scan works: Should i > download and install a software? Or a bash script?Or something else? > Thanks > > 2017-03-05 12:42 GMT+01:00 Eero Volotinen <[email protected]>: > >> autheticated scan requires usually supported platform. at this moment >> only major linux distributions are supported. >> >> Eero >> >> 5.3.2017 1.33 ip. "Reindl Harald" <[email protected]> kirjoitti: >> >>> >>> >>> Am 05.03.2017 um 11:58 schrieb Vito Logrillo: >>> >>>> Hi All, >>>> sorry for my noob question, but i'm trying to understand how security >>>> scans work. My target is a custom linux distribution on an IoT system: i >>>> can set-up an SSH connection but i can't download any package in a >>>> simple way. >>>> 1. To perform an authenticated scan, an agent or a software should be >>>> downloaded on the target machine? Or a shell script? >>>> 2. Which are the benefits? It can check all installed packages? Even if >>>> they are not active? >>>> >>> >>> the benefit is that it can also check services where the ports are not >>> reachable from the network >>> >>> depending on what service and the complete setup a vunerability on >>> whatever is running can become very quickly a remote exploit - simple >>> example: you allow users to upload php-scripts on your webserver - from >>> that moment on your services on 127.0.0.1 are no longer isloated until you >>> disable a lot of php functionality >>> _______________________________________________ >>> Openvas-discuss mailing list >>> [email protected] >>> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/o >>> penvas-discuss >>> >> >> _______________________________________________ >> Openvas-discuss mailing list >> [email protected] >> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/o >> penvas-discuss >> > > > _______________________________________________ > Openvas-discuss mailing list > [email protected] > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss >
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
