[Openvas-discuss] Which ports

2016-06-24 Thread Corti Matteo (ID BD)
Hi I would like to scan for default Tomcat users and passwords on machines running Tomcat on non-standard ports. When I look at the plugin "Apache Tomcat Default Accounts” (http://plugins.openvas.org/nasl.php?oid=11204) I see port = get_http_port(default:8080); if ( ! port ) exit(0); it seems

Re: [Openvas-discuss] openvassd hanging

2016-05-20 Thread Corti Matteo (ID BD)
Hi Disabled. $ sestatus SELinux status: disabled Matteo > On 20 May 2016, at 15:35, Eero Volotinen <eero.voloti...@iki.fi> wrote: > > Is the SELinux disabled or in the permissive mode? > > Eero > > 2016-05-20 15:31 GMT+03:00 Corti Matteo (ID BD) &

[Openvas-discuss] openvassd hanging

2016-05-20 Thread Corti Matteo (ID BD)
Hi, I have a problem with openvassd hanging while starting: connect(6, {sa_family=AF_LOCAL, sun_path="/tmp/redis.sock"}, 110) = 0 fcntl64(6, F_GETFL) = 0x802 (flags O_RDWR|O_NONBLOCK) fcntl64(6, F_SETFL, O_RDWR) = 0 write(6,

[Openvas-discuss] Running a script: how to specify a parameter

2016-05-25 Thread Corti Matteo (ID BD)
Hi I would like to run a single test on the command line, for example (http://plugins.openvas.org/nasl.php?oid=803477) openvas-nasl -X -t IP -i /var/lib/openvas/plugins /var/lib/openvas/plugins/2013/gb_miniweb_file_upload_n_dir_trav_vuln.nasl -T - Seems to work but I did not find out how to

Re: [Openvas-discuss] SMB Brute Force Logins With Default Credentials (OID: 1.3.6.1.4.1.25623.1.0.804449)

2016-08-08 Thread Corti Matteo (ID BD)
Server=[Samba 3.6.23-35.el6_8] tree connect failed: NT_STATUS_BAD_NETWORK_NAME It is not a problem with the smbclient syntax. I can also try to mount the share with an OS X or Windows machine. Same result. Matteo > > 2016-08-08 17:22 GMT+03:00 Corti Matteo (ID BD) <co...@ethz.ch

Re: [Openvas-discuss] SMB Brute Force Logins With Default Credentials (OID: 1.3.6.1.4.1.25623.1.0.804449)

2016-08-08 Thread Corti Matteo (ID BD)
o problem with NVT. > > Eero > > 2016-08-08 21:45 GMT+03:00 Corti Matteo (ID BD) <co...@ethz.ch > <mailto:co...@ethz.ch>>: > Hi > >> On 08 Aug 2016, at 16:42 , Eero Volotinen <eero.voloti...@iki.fi >> <mailto:eero.voloti...@iki.fi>> wrote: &

Re: [Openvas-discuss] SMB Brute Force Logins With Default Credentials (OID: 1.3.6.1.4.1.25623.1.0.804449)

2016-08-08 Thread Corti Matteo (ID BD)
Hi > On 08 Aug 2016, at 20:55 , Reindl Harald wrote: >> Well. exposing samba protocol to internet without ipsec is not wise >> thing to do. It might be also problem with NVT > > it's not unwise, it's just a *absolute* no-go having samba/nfs/netatalk on a > wan-interface

Re: [Openvas-discuss] SMB Brute Force Logins With Default Credentials (OID: 1.3.6.1.4.1.25623.1.0.804449)

2016-08-09 Thread Corti Matteo (ID BD)
ks like it's connecting to IPC$ share. > > -- > Eero > > 2016-08-08 22:01 GMT+03:00 Corti Matteo (ID BD) <co...@ethz.ch > <mailto:co...@ethz.ch>>: > Dear Eero > > I appreciate the help but the question is not how to secure/firewall the > server. The questi

[Openvas-discuss] SMB Brute Force Logins With Default Credentials (OID: 1.3.6.1.4.1.25623.1.0.804449)

2016-08-08 Thread Corti Matteo (ID BD)
Hi a recent scan shows a lot of hosts with SMB Brute Force Logins With Default Credentials (OID: 1.3.6.1.4.1.25623.1.0.804449) with the following result

[Openvas-discuss] Problem starting gsa

2017-01-31 Thread Corti Matteo (ID BD)
Hi Since a couple of days I am no more able to start gsa. For example $ /usr/sbin/gsad --port=9392 --mport=9390 --mlisten=127.0.0.1 --gnutls-priorities=SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0 -vvv give no output with the following entries in the log file

Re: [Openvas-discuss] Problem starting gsa

2017-01-31 Thread Corti Matteo (ID BD)
ne.net> > wrote: > > Hi, > > On 31.01.2017 11:56, Corti Matteo (ID BD) wrote: >> Why is gsad trying to use port 80? > > i think because of the following: > >> gsad main: DEBUG:2017-01-31 10h49.22 utc:24067: Forking for redirect... >> gsad main:WARNING:2017

Re: [Openvas-discuss] Problem starting gsa

2017-01-31 Thread Corti Matteo (ID BD)
> next time mention your operating system and package versions > https://bugzilla.redhat.com/show_bug.cgi?id=1416034 > > a new build is in testing and and then 0.9.52 should work too > > Am 31.01.2017 um 11:56 schrieb Corti Matteo (ID BD): >> give no output with t

[Openvas-discuss] False positives by pfile Multiple Cross Site Scripting and SQL Injection Vulnerabilities

2016-09-20 Thread Corti Matteo (ID BD)
Hi I get a warning for "pfile Multiple Cross Site Scripting and SQL Injection Vulnerabilities” (http://plugins.openvas.org/nasl.php?oid=103435) The tested server hosts MailCleaner (http://www.mailcleaner.net), an mail filter which does *not* use pfile The plugin tries to access

Re: [Openvas-discuss] Scans go letargic after a while

2016-10-17 Thread Corti Matteo (ID BD)
Hi > On 17.10.2016 13:53, Corti Matteo (ID BD) wrote: >> I have to stop redis, delete /var/lib/redis/dump.rdb and restart redis. > > this sounds like the known redis issues which where discussed here at > the ML in the past. See the following ML post for a possible work

[Openvas-discuss] Scans go letargic after a while

2016-10-17 Thread Corti Matteo (ID BD)
Hi When I start a scan it goes well for a short while (3%-4%) and then OpenVAS stops doing anything. Load of the machine sinks to almost 0 and ps shows root 881 0.0 0.2 186268 47860 ?SN Oct16 0:00 openvassd: testing 129.132.202.80 root 1006 0.1 0.2 162792 38284 ?

[Openvas-discuss] Process XY (OID: XY) seems to have died too early

2017-11-20 Thread Corti Matteo (ID BD)
Hi I am using Openvas 9 and I often (every couple of days) see the following error in the log Process 3457 (OID: 1.3.6.1.4.1.25623.1.0.100871) seems to have died too early After the sudden stop, I am not able to start any scan. I have to: kill the scanner kill the manager stop redis

Re: [Openvas-discuss] Creating new alerts hangs

2018-05-15 Thread Corti Matteo (ID BD)
Hi I just noticed that I can create a task when adding the IPs with a file. But I have the same problem (“Creating…” forever) when creating an email alert Matteo > On 9 May 2018, at 12:14 , Corti Matteo (ID BD) <co...@ethz.ch> wrote: > > Hi > > When trying to create

[Openvas-discuss] Forcing a deep scan

2018-05-15 Thread Corti Matteo (ID BD)
Hi I have a target configured with a "Full and fast ultimate” config. We now installed a lot of new stuff on the targeted machines but I am not able to tell OpenVAS to *temporarily* ignore the last scans and perform a “very deep” scan. Is there a quick way or creating a new Task is the only

Re: [Openvas-discuss] Creating new alerts hangs

2018-06-13 Thread Corti Matteo (ID BD)
Hi If anyone is interested: it seems related to Safari on macOS. With Chrome it works … Matteo -- ETH Zurich, Dr. Matteo Corti, Leiter ID Basisdienste STB H 11.1, Stampfenbachstrasse 69, 8092 Zurich Tel +41 44 63 27944, http://www.id.ethz.ch > On 15 May 2018, at 09:08, Corti Matteo (ID