Plugins Question

Discussion:

Plugins Question

Turner, Jonas

2014-09-19 14:22:48 UTC

Do the plugins scan for outdated versions of 3rd party software and missing OS patches? I would assume the credentialed scans would detect those missing and I would see results. Reason why I ask is because this is why I assume my credentialed scans don't work. I am not seeing any of this information and my non-credentialed and credentialed scans report back the same results.

Jonas Turner Security Analyst II
Ph: 419.254.4890Fax: 419.252.5557
E-mail: ***@hcr-manorcare.com<mailto:***@hcr-manorcare.com>

Antu Sanadi

2014-09-22 08:33:18 UTC

Permalink

Hello,

Yes, OpenVAS will detect for the outdated versions of 3rd party softwares.
May be you are scan-config for credential scans in not proper.

are you able to login to the target machine?

Thanks,
Antu Sanadi

Do the plugins scan for outdated versions of 3^rd party software and
missing OS patches? I would assume the credentialed scans would
detect those missing and I would see results. Reason why I ask is
because this is why I assume my credentialed scans donât work. I am
not seeing any of this information and my non-credentialed and
credentialed scans report back the same results.
*Jonas Turner â Security Analyst II*
*Ph: 419.254.4890âFax: 419.252.5557*
CONFIDENTIALITY NOTICE The information contained in this transmission
is intended only for the person or entity to which it is addressed and
may contain confidential and/or privileged material. If you are not
the intended recipient of this information, do not review, retransmit,
disclose, disseminate, use, or take any action in reliance upon, this
information. If you received this transmission in error, please
contact the sender, destroy all printed copies, and delete the
material from all computers. ÂÂ
_______________________________________________
Openvas-discuss mailing list
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

--
Saner Personal
A free vulnerability mitigation
software. Build strong defense.
http://www.secpod.com/saner-personal.html

Turner, Jonas

2014-09-22 12:26:34 UTC

Permalink

I have tried four different credentials on MANY different machines and even a local laptop with a VERY generic password. Results are always the same and never do anything differently. I do see a 2014 and 2013 folder in the plugins folder. Do those get used? Are those for the 3rd party and windows updates?

From: Openvas-discuss [mailto:openvas-discuss-***@wald.intevation.org] On Behalf Of Antu Sanadi
Sent: Monday, September 22, 2014 4:33 AM
To: openvas-***@wald.intevation.org
Subject: Re: [Openvas-discuss] Plugins Question

Hello,

Yes, OpenVAS will detect for the outdated versions of 3rd party softwares.
May be you are scan-config for credential scans in not proper.

are you able to login to the target machine?

Thanks,
Antu Sanadi

On Friday 19 September 2014 07:52 PM, Turner, Jonas wrote:
Do the plugins scan for outdated versions of 3rd party software and missing OS patches? I would assume the credentialed scans would detect those missing and I would see results. Reason why I ask is because this is why I assume my credentialed scans donât work. I am not seeing any of this information and my non-credentialed and credentialed scans report back the same results.

Jonas Turner â Security Analyst II
Ph: 419.254.4890âFax: 419.252.5557
E-mail: ***@hcr-manorcare.com<mailto:***@hcr-manorcare.com>

CONFIDENTIALITY NOTICE The information contained in this transmission is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If you are not the intended recipient of this information, do not review, retransmit, disclose, disseminate, use, or take any action in reliance upon, this information. If you received this transmission in error, please contact the sender, destroy all printed copies, and delete the material from all computers. ÂÂ

_______________________________________________

Openvas-discuss mailing list

Openvas-***@wald.intevation.org<mailto:Openvas-***@wald.intevation.org>

https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

--
Saner Personal

A free vulnerability mitigation

software. Build strong defense.

http://www.secpod.com/saner-personal.html

Antu Sanadi

2014-09-22 13:00:55 UTC

Permalink

I think its not able login to the target machine, If its able to login
then sure it will
detect all new and outdated vulnerable versions.

Please have a look at,
http://www.greenbone.net/learningcenter/auth_scans.html

Whatever sub directories are present in plugins directory those will be
get used,
These are the only conventions to plugins which are developed in
respective year.

Your report should have the following(if login success)

WINDOWS:
Summary
This script attempts to logon into the remote host using login/password
credentials.
Vulnerability Detection Result
It was possible to log into the remote host using the SMB protocol.
Log Method
Details: SMB log in (OID: 1.3.6.1.4.1.25623.1.0.10394)

LINUX:
Summary
This script tries to login with provided credentials.
If the login was successful, it marks this port as available for any
authenticated tests.
Vulnerability Detection Result
It was possible to login using the provided SSH credentials.
Hence authenticated checks are enabled.
Log Method
Details: SSH Authorization Check (OID: 1.3.6.1.4.1.25623.1.0.90022)

Please let me if it not works.

Thanks,
Antu Sanadi

*From:*Openvas-discuss
*Antu Sanadi
*Sent:* Monday, September 22, 2014 4:33 AM
*Subject:* Re: [Openvas-discuss] Plugins Question
Hello,
Yes, OpenVAS will detect for the outdated versions of 3rd party softwares.
May be you are scan-config for credential scans in not proper.
are you able to login to the target machine?
Thanks,
Antu Sanadi
Do the plugins scan for outdated versions of 3^rd party software
and missing OS patches? I would assume the credentialed scans
would detect those missing and I would see results. Reason why I
ask is because this is why I assume my credentialed scans donât
work. I am not seeing any of this information and my
non-credentialed and credentialed scans report back the same results.
*Jonas Turner â Security Analyst II*
*Ph: 419.254.4890âFax: 419.252.5557*
CONFIDENTIALITY NOTICE The information contained in this
transmission is intended only for the person or entity to which it
is addressed and may contain confidential and/or privileged
material. If you are not the intended recipient of this
information, do not review, retransmit, disclose, disseminate,
use, or take any action in reliance upon, this information. If you
received this transmission in error, please contact the sender,
destroy all printed copies, and delete the material from all
computers. ÂÂ
_______________________________________________
Openvas-discuss mailing list
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
--
Saner Personal
A free vulnerability mitigation
software. Build strong defense.
http://www.secpod.com/saner-personal.html
CONFIDENTIALITY NOTICE The information contained in this transmission
is intended only for the person or entity to which it is addressed and
may contain confidential and/or privileged material. If you are not
the intended recipient of this information, do not review, retransmit,
disclose, disseminate, use, or take any action in reliance upon, this
information. If you received this transmission in error, please
contact the sender, destroy all printed copies, and delete the
material from all computers. ÂÂ

--
Saner Personal
A free vulnerability mitigation
software. Build strong defense.
http://www.secpod.com/saner-personal.html

Turner, Jonas

2014-09-22 13:15:43 UTC

Permalink

Is there a .log file I can check to see because I KNOW my credentials work. I have tested them with another system and verified they work remotely. I also already did everything on that website as well as a test, and still getting same results. â¹ I need to see or have a debug option turned on so I can see whatâs going on.

From: Antu Sanadi [mailto:***@secpod.com]
Sent: Monday, September 22, 2014 9:01 AM
To: Turner, Jonas; openvas-***@wald.intevation.org
Subject: Re: [Openvas-discuss] Plugins Question

On Monday 22 September 2014 05:56 PM, Turner, Jonas wrote:
I have tried four different credentials on MANY different machines and even a local laptop with a VERY generic password. Results are always the same and never do anything differently. I do see a 2014 and 2013 folder in the plugins folder. Do those get used? Are those for the 3rd party and windows updates?

I think its not able login to the target machine, If its able to login then sure it will
detect all new and outdated vulnerable versions.

Please have a look at, http://www.greenbone.net/learningcenter/auth_scans.html

Whatever sub directories are present in plugins directory those will be get used,
These are the only conventions to plugins which are developed in respective year.

Your report should have the following(if login success)

WINDOWS:
Summary
This script attempts to logon into the remote host using login/password credentials.
Vulnerability Detection Result
It was possible to log into the remote host using the SMB protocol.
Log Method
Details: SMB log in (OID: 1.3.6.1.4.1.25623.1.0.10394)

LINUX:
Summary
This script tries to login with provided credentials.
If the login was successful, it marks this port as available for any authenticated tests.
Vulnerability Detection Result
It was possible to login using the provided SSH credentials.
Hence authenticated checks are enabled.
Log Method
Details: SSH Authorization Check (OID: 1.3.6.1.4.1.25623.1.0.90022)

Please let me if it not works.

Thanks,
Antu Sanadi

From: Openvas-discuss [mailto:openvas-discuss-***@wald.intevation.org] On Behalf Of Antu Sanadi
Sent: Monday, September 22, 2014 4:33 AM
To: openvas-***@wald.intevation.org<mailto:openvas-***@wald.intevation.org>
Subject: Re: [Openvas-discuss] Plugins Question

Hello,

Yes, OpenVAS will detect for the outdated versions of 3rd party softwares.
May be you are scan-config for credential scans in not proper.

are you able to login to the target machine?

Thanks,
Antu Sanadi

On Friday 19 September 2014 07:52 PM, Turner, Jonas wrote:
Do the plugins scan for outdated versions of 3rd party software and missing OS patches? I would assume the credentialed scans would detect those missing and I would see results. Reason why I ask is because this is why I assume my credentialed scans donât work. I am not seeing any of this information and my non-credentialed and credentialed scans report back the same results.

Jonas Turner â Security Analyst II
Ph: 419.254.4890âFax: 419.252.5557
E-mail: ***@hcr-manorcare.com<mailto:***@hcr-manorcare.com>

CONFIDENTIALITY NOTICE The information contained in this transmission is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If you are not the intended recipient of this information, do not review, retransmit, disclose, disseminate, use, or take any action in reliance upon, this information. If you received this transmission in error, please contact the sender, destroy all printed copies, and delete the material from all computers. ÂÂ

_______________________________________________

Openvas-discuss mailing list

Openvas-***@wald.intevation.org<mailto:Openvas-***@wald.intevation.org>

https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
--
Saner Personal

A free vulnerability mitigation

software. Build strong defense.

http://www.secpod.com/saner-personal.html

CONFIDENTIALITY NOTICE The information contained in this transmission is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If you are not the intended recipient of this information, do not review, retransmit, disclose, disseminate, use, or take any action in reliance upon, this information. If you received this transmission in error, please contact the sender, destroy all printed copies, and delete the material from all computers. ÂÂ

--
Saner Personal

A free vulnerability mitigation

software. Build strong defense.

http://www.secpod.com/saner-personal.html