Hi, New OpenVAS 7 install from Packages onto CentOS 6.6 - no problems or errors
during the install.
Configured a new single stored Credential with domain\user and password
Configured a new single IP target with the new named stored Credential
Configured a new Scan with Default Accounts, Policy,Service
Detection,Settings,Windows and Windows: Microsoft Bulletins as the only NVT's
selected
Ran the Scan with ICMP\TCP SYN
Ran Wireshark on my target host to see what was thrown at it. Just got some
icmp and tcp syn scans and nothing else.
Scan finished and the report just showed what you would expect from just an
icmp ping and scan - 3 entries. No authentication attempts against the target,
nothing from the actual Scan that was set up.
I deleted the whole scan\credential\target setup on OpenVAS and reran the same
setup making sure I saved at each step and went back to view and double check
my work, same results.
Looked at /var/log/openvas/openvasmd.log and openvassd.log
Openvassd.log
[Wed Mar 25 12:53:29 2015][10196] Starts a new scan. Target(s) : xx.xx.xx.xx,
with max_hosts = 20 and max_checks = 4
[Wed Mar 25 12:53:29 2015][10196] Testing xx.xx.xx.xx (:::xx.xx.xx.xx)
[10213]
[Wed Mar 25 12:53:38 2015][10213] Finished testing xx.xx.xx.xx. Time : 8.30 secs
[Wed Mar 25 12:53:38 2015][10196] Test complete
[Wed Mar 25 12:53:38 2015][10196] Total time to scan all hosts : 13 seconds
Openvasmd.log
event task:MESSAGE:2015-03-25 12h53.24 UTC:10195: Status of task mike_PC
(3cf2dd64-ebce-406e-821c-3ea442b7ba36) has changed to Requested
event task:MESSAGE:2015-03-25 12h53.24 UTC:10195: Task
3cf2dd64-ebce-406e-821c-3ea442b7ba36 has been requested to start by admin
lib serv:WARNING:2015-03-25 12h53.24 UTC:10195:Failed to gnutls_bye: Error
in the push function.
base gpgme:MESSAGE:2015-03-25 12h53.25 UTC:10197: Setting GnuPG homedir to
'/var/lib/openvas/gnupg'
base gpgme:MESSAGE:2015-03-25 12h53.25 UTC:10197: Using OpenPGP engine version
'2.0.14'
event task:MESSAGE:2015-03-25 12h53.25 UTC:10197: Status of task mike_PC
(3cf2dd64-ebce-406e-821c-3ea442b7ba36) has changed to Running
event task:MESSAGE:2015-03-25 12h53.38 UTC:10197: Status of task mike_PC
(3cf2dd64-ebce-406e-821c-3ea442b7ba36) has changed to Done
In openvassd.dump I do see
SSH-DEBUG: Host xx.xx.xx.xx: no extended credentials configuration.
SSH-DEBUG: Host xx.xx.xx.xx: no extended credentials configuration.
Not sure where to go from here, questioning myself as to how to make the config
under stand the difference between windows credentials for a windows box as I
only see SSH credential attempt in this last log.
Any help is greatly appreciated.
Thanks, Mike
CONFIDENTIALITY NOTICE:
This e-mail and any files transmitted with it are confidential and may contain
health information protected by law. Any unauthorized use or disclosure is
strictly prohibited. If you are not the intended recipient, please notify the
sender by return email, delete this email, and destroy any copies. Please note
that any views or opinions presented in this e-mail are solely those of the
author and do not necessarily represent those of Southcoast. The recipient
should check this e-mail and any attachments for the presence of viruses.
Southcoast accepts no liability for any damage caused by any virus transmitted
by this e-mail.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss