[Openvas-discuss] Scanning Windows devices for vulns and/or missing patches

2017-02-19 Thread Oliver Marshall 
Hi


Is there a plugin or feed we can use to help identify vulns in Windows devices? 
Currently, despite having SMB credentials set up in OV, we seem to get very 
little information about the Windows patching aspect.


I've used the demo virtual appliance (v8) against a newly installed Win7 VM 
without any patches installed, and I was expecting a lot more information about 
missing patches, or vulns that can be fixed with XYZ KB/Patch, but really 
didn't see much.


I found another post in the archive from some years back saying the same, and 
suggesting that WMI functionality needs to be added to OV. Is this still the 
case?


Olly


___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] CVSS scanning and reporting in OpenVAS

2017-02-19 Thread Oliver Marshall 
Hi


I have a dozen Windows servers that I need to produce CVSS scoring for.


Can this be done with OpenVAS? We already run a monthly Full report in OpenVAS 
to help find any key issues that need to be dealt with but I can't see an 
obvious mention of CVSS scores in the reports.


Any advice welcome.


Olly


--


[1465904452611_logo_charcoal2_200.png]


Phone: 0333 344 2180

Email: oliver.marsh...@oakson.co.uk


Web: http://oakson.co.uk

Twitter: @oaksonltd

Facebook: /oaksonltd
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Scanning all ports for all vulnerabilities

2013-03-17 Thread Oliver Marshall 
What's the best way to go about running a scan for all vulnerabilities in
the OpenVAS feed against all ports on all machines in our network?

There's various profiles that can be used but they all appear to be
checking for different bits here and there.

Olly

-- 
Network Support
Online Backups
Server Management

Tel: 0845 307 3443
Web: http://www.g2support.com
Twitter: g2support http://twitter.com/home?status=@g2support
Google+: http://www.g2support.com/plus
Facebook: http://www.facebook.com/g2support
Mail: Unit H, Hove Technology Centre, Hove, Sussex, BN3 7ES

Have you said something nice about us to a friend or colleague ? Let us say 
thanks. Find out more at www.g2support.com/referral

G2 Support LLP is registered at Mill House, 103 Holmes Avenue, HOVE
BN3 7LE. Our registered company number is OC316341.

  
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Sanity check

2012-09-28 Thread Oliver Marshall 
Hi chaps

Can someone check my sanity for me?

We appear to be picking the worlds most secure servers as tests for our
Open-VAS implementation. Our web server for example seems to have 2
vulnerabilities, both very minor. Bespoke Tomcat based services that we
have running based on a really old version of apache appear to get away
with no vulnerabilities at all.

Can you check www.g2support.com for me, as an example?

Beat me with a stick if this isn't the done thing but I just want to make
sure we are getting decent results.

Olly

-- 
Network Support
Online Backups
Server Management

Tel: 0845 307 3443
Web: http://www.g2support.com
Twitter: g2support http://twitter.com/home?status=@g2support
Google+: http://www.g2support.com/plus
Facebook: http://www.facebook.com/g2support
Mail: Unit H, Hove Technology Centre, Hove, Sussex, BN3 7ES

Have you said something nice about us to a friend or colleague ? Let us say 
thanks. Find out more at www.g2support.com/referral

G2 Support LLP is registered at Mill House, 103 Holmes Avenue, HOVE
BN3 7LE. Our registered company number is OC316341.

 
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Range header DoS vulnerability Apache HTTPD 1.3/2.x

2012-09-20 Thread Oliver Marshall 
Out of curiosity, how can we find that out ourselves? I mean if we see a
published vulnerability is there a way to find out which NVT can be used to
perform that type of scan?

Olly

On 20 September 2012 08:14, Michael Meyer michael.me...@greenbone.netwrote:

 Hello,

 *** Xinhuan Zheng wrote:

  We use latest OpenVAS tool version 5 to do internal scan in our company.
  However, recently we found that there is one particular apache
  vulnerability not caught by this tool. This vulnerability is documented
 in
  this link:
 
 
 http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3C2011
  0824161640.122d38...@minotaur.apache.org%3E
 
  To make this tool more useful, can openvas community work on this issue
  and add appropriate plugin for this vulnerability?

 this is covered by 'secpod_apache_http_srv_range_header_dos_vuln.nasl'.

 If this NVT doesn't work for you, please let us know your apache version
 and what the response of the following request is:

 HEAD / HTTP/1.1
 Host: hostname
 User-Agent: Apache Range Header Agent
 Accept-Encoding: gzip
 Range:

 bytes=5-0,5-1,5-2,5-3,5-4,5-5,5-6,5-7,5-8,5-9,5-10,5-11,5-12,5-13,5-14,5-15,5-16,5-17,5-18,5-19,5-20,5-21,5-22,5-23,5-24,5-25,5-26,5-27,5-28,5-29
 Connection: close

 Micha

 --
 Michael MeyerOpenPGP Key: 52A6EFA6
 http://www.greenbone.net/
 Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
 Osnabrück, HR B 202460
 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss


-- 
Network Support
Online Backups
Server Management

Tel: 0845 307 3443
Web: http://www.g2support.com
Twitter: g2support http://twitter.com/home?status=@g2support
Google+: http://www.g2support.com/plus
Facebook: http://www.facebook.com/g2support
Mail: Unit H, Hove Technology Centre, Hove, Sussex, BN3 7ES

Have you said something nice about us to a friend or colleague ? Let us say 
thanks. Find out more at www.g2support.com/referral

G2 Support LLP is registered at Mill House, 103 Holmes Avenue, HOVE
BN3 7LE. Our registered company number is OC316341.

 
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Showing hostname in reports

2012-08-13 Thread Oliver Marshall 
Is it possible to get the hostname shown in reports as well as the IP
address of the target machine?

When doing subnet scans we've found that the scan often takes longer than
the DHCP lease and as a result the IP addresses in use at the end of the
report aren't always the same as those in place at the start.

Showing the hostname would, lets face it, make it a lot easier to refer to
the target machines when trying to resolve the issues.

Olly

-- 
Network Support
Online Backups
Server Management

Tel: 0845 307 3443
Web: http://www.g2support.com
Twitter: g2support http://twitter.com/home?status=@g2support
Google+: http://www.g2support.com/plus
Facebook: http://www.facebook.com/g2support
Mail: Unit H, Hove Technology Centre, Hove, Sussex, BN3 7ES

Have you said something nice about us to a friend or colleague ? Let us say 
thanks. Find out more at www.g2support.com/referral

G2 Support LLP is registered at Mill House, 103 Holmes Avenue, HOVE
BN3 7LE. Our registered company number is OC316341.

 
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss