Re: [Openvas-discuss] Noob question on authenticated scans

Sun, 05 Mar 2017 07:41:26 -0800 


Am 05.03.2017 um 16:38 schrieb Vito Logrillo:

So an SSH connection is enough?No download on a target machine?
If it runs locals commands and they are supported by target machine, it
is enough?
Where can i find the commands used?
Last question: on web interface in "Target->Credentials->New Credential"
i can't setup the SSH port...it works only on port 22?



a security scanner is supposed to find the ssh port itself since it's 
scanning for vulnerable versions based on the server greeting anyways



2017-03-05 16:10 GMT+01:00 Eero Volotinen <[email protected]
<mailto:[email protected]>>:

    it just logs server via ssh and runs local commands.

    --
    Eero

    2017-03-05 17:06 GMT+02:00 Vito Logrillo <[email protected]
    <mailto:[email protected]>>:

        Thanks for your reply,
        but i'm trying to figure out how an authenticated scan works:
        Should i download and install a software? Or a bash script?Or
        something else?
        Thanks

        2017-03-05 12:42 GMT+01:00 Eero Volotinen <[email protected]
        <mailto:[email protected]>>:

            autheticated scan requires usually supported platform. at
            this moment only major linux distributions are supported.

            Eero

            5.3.2017 1.33 ip. "Reindl Harald" <[email protected]
            <mailto:[email protected]>> kirjoitti:



                Am 05.03.2017 <tel:05.03.2017> um 11:58 schrieb Vito
                Logrillo:

                    Hi All,
                    sorry for my noob question, but i'm trying to
                    understand how security
                    scans work. My target is a custom linux distribution
                    on an IoT system: i
                    can set-up an SSH connection but i can't download
                    any package in a
                    simple way.
                    1. To perform an authenticated scan, an agent or a
                    software should be
                    downloaded on the target machine? Or a shell script?
                    2. Which are the benefits? It can check all
                    installed packages? Even if
                    they are not active?


                the benefit is that it can also check services where the
                ports are not reachable from the network

                depending on what service and the complete setup a
                vunerability on whatever is running can become very
                quickly a remote exploit - simple example: you allow
                users to upload php-scripts on your webserver - from
                that moment on your services on 127.0.0.1 are no longer
                isloated until you disable a lot of php functionality

_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss






















					Reply via email to