Hi Jan, Christian, I didn't know that Backtrack was discontinued. However, yesterday I also tried to perform local security checks using OpenVAS 5 and GSD from a Ubuntu 12.10 machine. To my surprise I could not find the Credentials NVT familiy nor the SSH Authorization plug-in settings.
Afterwards, I created a username-password pair using the Credentials tab/feature and assigned it to a new target in the SSH Credentials drop-down list. Apparently local security checks did work this way as I could see in my report and in my Wireshark log. I am a bit confused to why this worked and why the SSH Authorization plug-in was not visible in GSD version 1.2.2. This same plug-in is visible in GSD 1.2.1 which is pre-installed on Backtrack 5 r3. Therefore, I asked another question on the mailing list about SSH credentials. Please let me know if you know the answer. Kind regards, J Date: Wed, 13 Mar 2013 12:50:59 +0100 From: "Jan-Oliver Wagner" <[email protected]> To: [email protected] Subject: Re: [Openvas-plugins] Performing local security checks with OpenVAS 5 from Backtrack 5 r3 Message-ID: <[email protected]> Content-Type: Text/Plain; charset="iso-8859-1" Hi Jeff, I saw a couple of user questions already about OpenVAS on Backtrack. But it seems, no developer or other active OpenVAS contributor uses Backtrack at the moment. At least my respective question on OpenVAS-devel mailing list remained unanswered. I do not even know which version of OpenVAS is currently supported by Backtrack ... Have you tried the Backtrack community about using OpenVAS-on-Backtrack? Best Jan On Dienstag, 12. M?rz 2013, Jeff Wilson wrote: > I'm trying to perform local security checks using OpenVAS on a remote > machine, from my Backtrack5r3 machine. I have followed the official OpenVAS > guide "Howto: Perform local security > checks<http://www.openvas.org/performing_lsc.html>" > and I have checked that connecting via SSH both with and without a password > to the remote machine from my Backtrack machine works. However, when I > start a Task in OpenVAS and monitor the network traffic using Wireshark, I > see that there is absolutely NO packet captured, which uses the SSH > protocol. I mean that OpenVAS does not even attempt to connect to the > remote machine via SSH. > > The OpenVAS report is empty which leads me to believe there are some > missing dependencies and/or configuration issues. However, I was expecting > Backtrack to be able to do OpenVAS local security checks out-of-the-box. > > *Note* that if I run a "Full and fast" scan on the same machine the OpenVAS > report does contain threats and logs, which are normal for a remote scan. > However, I want to perform a local security check which requires my machine > to log-into the remote machine via SSH. > > Does anyone have an idea about how I can fix this problem? There isn't too > much out there on OpenVAS local security checks. > -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 202460 Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner ------------------------------ _______________________________________________ Openvas-plugins mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
