ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    openvas test results

    IT Discussion
    10
    34
    2.9k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • momurdaM
      momurda
      last edited by

      Actually doing some work while ranting in another thread.
      All the linux servers i have been scanning with openvas show basically the same vulnerabilities.
      0_1498587409964_e51944e6-d4e1-4ef5-a844-84b07bb0106a-image.png
      I think i know how to mitigate teh SSH weak encryption/MAC algorightms ones. Where can i find a list of good ciphers? the ssh_config and sshd_config show mostly these older ones listed as weak.
      The TCP timestamp one can possibly allow someone to see my server uptime? Why is that bad?
      Sorry for the basic questions.

      stacksofplatesS 1 Reply Last reply Reply Quote 1
      • DustinB3403D
        DustinB3403
        last edited by

        Server up time could be indicative of an out of date system, so while a minor risk. It could lead to that system being a bigger target.

        1 Reply Last reply Reply Quote 1
        • GreyG
          Grey
          last edited by

          I thought this was going to be a sarcastic thread about an OpenVas(ectomy) service and how you were disappointed to find that they required you to bring your own tools and a library of books before they were able to start shaving or something.

          momurdaM 1 Reply Last reply Reply Quote 0
          • momurdaM
            momurda @Grey
            last edited by

            @Grey Hopefully a service like that doesnt exist.

            1 Reply Last reply Reply Quote 0
            • dafyreD
              dafyre
              last edited by

              I did a scan of my test lab from the inside... it ain't pretty, lol.
              0_1498591931704_7d5d6365-3416-4f7c-8411-85a0458fe88d-image.png

              1 Reply Last reply Reply Quote 1
              • stacksofplatesS
                stacksofplates @momurda
                last edited by

                @momurda said in openvas test results:

                Actually doing some work while ranting in another thread.
                All the linux servers i have been scanning with openvas show basically the same vulnerabilities.
                0_1498587409964_e51944e6-d4e1-4ef5-a844-84b07bb0106a-image.png
                I think i know how to mitigate teh SSH weak encryption/MAC algorightms ones. Where can i find a list of good ciphers? the ssh_config and sshd_config show mostly these older ones listed as weak.
                The TCP timestamp one can possibly allow someone to see my server uptime? Why is that bad?
                Sorry for the basic questions.

                Here's some hardened SSH stuff

                https://mangolassi.it/topic/10391/fairly-hardened-jump-box

                Also if you run SCAP on a machine it will give you a report with mitigation information.

                1 Reply Last reply Reply Quote 1
                • stacksofplatesS
                  stacksofplates
                  last edited by

                  Nessus has stuff like the time stamp thing too. It's mostly just informational. The only thing I could think of with the time stamp is someone could find machines with a high load and DoS them, so not really a big issue.

                  1 Reply Last reply Reply Quote 2
                  • IRJI
                    IRJ
                    last edited by

                    Openvas isn't as an informative as some other tools. Once you get the cve you can research it better using Google.

                    1 Reply Last reply Reply Quote 1
                    • matteo nunziatiM
                      matteo nunziati
                      last edited by

                      slightly off topic: did anyone manage to get the OVA working in VirtualBox? I just tryed and it crashed without any real backtrace. Now downloading the iso...

                      IRJI 1 Reply Last reply Reply Quote 0
                      • IRJI
                        IRJ @matteo nunziati
                        last edited by

                        @matteo-nunziati said in openvas test results:

                        slightly off topic: did anyone manage to get the OVA working in VirtualBox? I just tryed and it crashed without any real backtrace. Now downloading the iso...

                        Just install Ubuntu or CentOS and run it from there. I think it''s very simple with pre-built packages. The VM is not recommended for anything but testing anyway.

                        http://www.openvas.org/install-packages-v7.html

                        1 Reply Last reply Reply Quote 0
                        • M
                          marcinozga
                          last edited by

                          https://forums.atomicorp.com/viewtopic.php?f=31&t=8539#p44057 - this is step by step guide for Centos 7.

                          1 Reply Last reply Reply Quote 1
                          • matteo nunziatiM
                            matteo nunziati
                            last edited by

                            just configured an ubuntu VM. web interface was still waiting for seeding when I leaved the office

                            1 Reply Last reply Reply Quote 0
                            • momurdaM
                              momurda
                              last edited by

                              Yesterday afternoon I started a scan on the workstation network. Previously I was just using it for servers.
                              Later, in the evening, I logged in to my Webroot admin console and saw that about 25% of the endpoints were reporting an infection. I just about lost my mind. Luckily, I soon found out that openvas uses winexecsvc.exe to do its thing on Windows machines. Just FYI if anybody else is using this and quite green like me.

                              IRJI 1 Reply Last reply Reply Quote 2
                              • IRJI
                                IRJ @momurda
                                last edited by

                                @momurda said in openvas test results:

                                Yesterday afternoon I started a scan on the workstation network. Previously I was just using it for servers.
                                Later, in the evening, I logged in to my Webroot admin console and saw that about 25% of the endpoints were reporting an infection. I just about lost my mind. Luckily, I soon found out that openvas uses winexecsvc.exe to do its thing on Windows machines. Just FYI if anybody else is using this and quite green like me.

                                I am really surprised webroot hasn't run into OpenVAS before.

                                momurdaM 1 Reply Last reply Reply Quote 0
                                • momurdaM
                                  momurda @IRJ
                                  last edited by

                                  @irj Yes. There are a couple forum posts about it, but they apparently haven't changed the default detection of it as bad.

                                  1 Reply Last reply Reply Quote 0
                                  • momurdaM
                                    momurda
                                    last edited by

                                    Today i scanned an IIS server.
                                    It showed these results, which seem quite frightening. I am only interesested in the two i marked.
                                    0_1513810425793_15773e2d-2c28-4498-910c-4bdb001b3866-image.png
                                    Now, these two items score above 9 on openvas scanner, which means openvas thinks they are very bad.
                                    Then i log into the server, check for updates from Microsoft Update. Server says it is fully uptodate.
                                    Then i try to actually navigate the links from openvas on technet/ms catalog/ms docs/etc. to download these single updates. What a nightmare those sites are.
                                    I finally get the standalone update downloaded, install it, and "This update is not applicable to your computer." So i guess that means it is installed? If so why is openvas saying it isnt, and being so confident(80%) that it is.

                                    travisdh1T 1 Reply Last reply Reply Quote 0
                                    • travisdh1T
                                      travisdh1 @momurda
                                      last edited by

                                      @momurda said in openvas test results:

                                      Today i scanned an IIS server.
                                      It showed these results, which seem quite frightening. I am only interesested in the two i marked.
                                      0_1513810425793_15773e2d-2c28-4498-910c-4bdb001b3866-image.png
                                      Now, these two items score above 9 on openvas scanner, which means openvas thinks they are very bad.
                                      Then i log into the server, check for updates from Microsoft Update. Server says it is fully uptodate.
                                      Then i try to actually navigate the links from openvas on technet/ms catalog/ms docs/etc. to download these single updates. What a nightmare those sites are.
                                      I finally get the standalone update downloaded, install it, and "This update is not applicable to your computer." So i guess that means it is installed? If so why is openvas saying it isnt, and being so confident(80%) that it is.

                                      Obviously something isn't right. Which server version is that IIS running on?

                                      1 Reply Last reply Reply Quote 0
                                      • momurdaM
                                        momurda
                                        last edited by momurda

                                        IIS 8 on Server 2012.
                                        I suppose it is possible that even at 80% this is a false positive detection.
                                        Windows update screen
                                        0_1513881247443_4575deac-8dae-478f-9b77-78590231e488-image.png
                                        The optional update is for SilverLight

                                        travisdh1T 1 Reply Last reply Reply Quote 0
                                        • travisdh1T
                                          travisdh1 @momurda
                                          last edited by travisdh1

                                          @momurda said in openvas test results:

                                          IIS 8 on Server 2012.
                                          I suppose it is possible that even at 80% this is a false positive detection.
                                          Windows update screen
                                          0_1513881247443_4575deac-8dae-478f-9b77-78590231e488-image.png
                                          The optional update is for SilverLight

                                          It could be that Microsoft hasn't released those updates for 2012. Isn't 2012 only covered under extended support now?

                                          Edit: Answering my own question, normal support for 2012/2012R2 ends in 2018.

                                          Accordingly, you should be able to apply those updates.

                                          1 Reply Last reply Reply Quote 1
                                          • momurdaM
                                            momurda
                                            last edited by

                                            I think they are applied and that openvas is being dumb.

                                            1 Reply Last reply Reply Quote 1
                                            • 1
                                            • 2
                                            • 1 / 2
                                            • First post
                                              Last post