[Openvas-discuss] Credentialed scanning problem

2015-03-25 Thread Michael Pacheco 
Hi, New OpenVAS 7 install from Packages onto CentOS 6.6 - no problems or errors 
during the install.

Configured a new single stored Credential with domain\user and password
Configured a new single IP target with the new named stored Credential
Configured a new Scan with Default Accounts, Policy,Service 
Detection,Settings,Windows and Windows: Microsoft Bulletins as the only NVT's 
selected

Ran the Scan with ICMP\TCP SYN

Ran Wireshark on my target host to see what was thrown at it.  Just got some 
icmp and tcp syn scans and nothing else.

Scan finished and the report just showed what you would expect from just an 
icmp ping and scan - 3 entries.  No authentication attempts against the target, 
nothing from the actual Scan that was set up.

I deleted the whole scan\credential\target setup on OpenVAS and reran the same 
setup making sure I saved at each step and went back to view and double check 
my work, same results.

Looked at /var/log/openvas/openvasmd.log and openvassd.log

Openvassd.log

[Wed Mar 25 12:53:29 2015][10196] Starts a new scan. Target(s) : xx.xx.xx.xx, 
with max_hosts = 20 and max_checks = 4
[Wed Mar 25 12:53:29 2015][10196] Testing xx.xx.xx.xx (:::xx.xx.xx.xx) 
[10213]
[Wed Mar 25 12:53:38 2015][10213] Finished testing xx.xx.xx.xx. Time : 8.30 secs
[Wed Mar 25 12:53:38 2015][10196] Test complete
[Wed Mar 25 12:53:38 2015][10196] Total time to scan all hosts : 13 seconds

Openvasmd.log

event task:MESSAGE:2015-03-25 12h53.24 UTC:10195: Status of task mike_PC 
(3cf2dd64-ebce-406e-821c-3ea442b7ba36) has changed to Requested
event task:MESSAGE:2015-03-25 12h53.24 UTC:10195: Task 
3cf2dd64-ebce-406e-821c-3ea442b7ba36 has been requested to start by admin
lib  serv:WARNING:2015-03-25 12h53.24 UTC:10195:Failed to gnutls_bye: Error 
in the push function.
base gpgme:MESSAGE:2015-03-25 12h53.25 UTC:10197: Setting GnuPG homedir to 
'/var/lib/openvas/gnupg'
base gpgme:MESSAGE:2015-03-25 12h53.25 UTC:10197: Using OpenPGP engine version 
'2.0.14'
event task:MESSAGE:2015-03-25 12h53.25 UTC:10197: Status of task mike_PC 
(3cf2dd64-ebce-406e-821c-3ea442b7ba36) has changed to Running
event task:MESSAGE:2015-03-25 12h53.38 UTC:10197: Status of task mike_PC 
(3cf2dd64-ebce-406e-821c-3ea442b7ba36) has changed to Done


In openvassd.dump I do see

SSH-DEBUG: Host xx.xx.xx.xx: no extended credentials configuration.
SSH-DEBUG: Host xx.xx.xx.xx: no extended credentials configuration.

Not sure where to go from here, questioning myself as to how to make the config 
under stand the difference between windows credentials for a windows box as I 
only see SSH credential attempt in this last log.

Any help is greatly appreciated.

Thanks, Mike






CONFIDENTIALITY NOTICE:
This e-mail and any files transmitted with it are confidential and may contain 
health information protected by law.  Any unauthorized use or disclosure is 
strictly prohibited.  If you are not the intended recipient, please notify the 
sender by return email, delete this email, and destroy any copies.  Please note 
that any views or opinions presented in this e-mail are solely those of the 
author and do not necessarily represent those of Southcoast.  The recipient 
should check this e-mail and any attachments for the presence of viruses. 
Southcoast accepts no liability for any damage caused by any virus transmitted 
by this e-mail.



___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Empty vulnerability titles in report

2015-03-25 Thread Andy Robinson 
 OpenVAS scans produce reports displaying multiple vulnerabilities with CVSS 
 values and associated risk levels, but no vulnerability title.
 
 Scans using both stock and customized scan configurations produce results 
 with no vulnerability title, which cannot be expanded within the GSA report 
 display. XML report format has mostly empty nvt section. One example plugin 
 oid is 1.3.6.1.4.1.25623.1.0.103440:
 
 result 
 id=2635fad3-c1a2-461b-9f9c-205343c89c8cuser_tagscount0/count/user_tagshost10.0.0.14/hostport443/tcp/portnvt
  
 oid=1.3.6.1.4.1.25623.1.0.103440name/family/cvss_base/cve/bid/tags/cert/xref//nvtscan_nvt_version$Revision:
  733 
 $/scan_nvt_versionthreatMedium/threatseverity4.3/severitydescriptionWeak
  ciphers offered by this service:
   SSL3_RSA_RC4_128_MD5
   SSL3_RSA_RC4_128_SHA
   SSL3_RSA_WITH_SEED_SHA
   SSL3_ECDHE_RSA_WITH_RC4_128_SHA
   TLS1_RSA_RC4_128_MD5
   TLS1_RSA_RC4_128_SHA
   
 TLS1_ECDHE_RSA_WITH_RC4_128_SHA/descriptionoriginal_threatMedium/original_threatoriginal_severity4.3/original_severitynotes/overrides//result
 
 Environment is 
 CentOS 6.5 32-bit with selinux disabled
 VirtualBox virtual machine (boot from USB with raw VMDK link; also tested on 
 bare metal hardware booting from same USB device)
 OpenVAS installed from Atomic repo (openvas-cli-1.3.1-6.el6.art.i686, 
 openvas-1.0-15.el6.art.noarch, openvas-scanner-4.0.6-19.el6.art.i686, 
 openvas-manager-5.0.9-28.el6.art.i686, 
 openvas-libraries-7.0.9-18.el6.art.i686)
 All software up to date (recent yum -y update)
 Plugins fully up to date and synchronized using 
 [services down]
 openvasad --sync-feed
 openvas-scapdata-sync
 openvasmd --update
 [services up]
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Credentialed scanning problem

2015-03-25 Thread Matthew Mundell 
Do you have a port scanner selected in your Config?  Usually it's nmap
(nasl wrapper) and Ping Host, from family Port Scanners.

--
Greenbone Networks GmbH
Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Empty vulnerability titles in report

2015-03-25 Thread Chris 
Hi,

 OpenVAS scans produce reports displaying multiple vulnerabilities with CVSS 
 values and associated risk levels, but no vulnerability title.

not quite sure if this is related but something similar was reported
some days ago at:

http://lists.wald.intevation.org/pipermail/openvas-discuss/2015-March/007548.html
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss