Mailing List Archive: SMB Credentials

SMB Credentials

Dec 22, 2005, 12:58 AM

Post #1 of 4 (1391 views)

Hello,
In the company where i'm working , we are doing a trail with
different VA tools, to decide which of them (or how many of
them :) ) we'll go to use in the future to test the system's
company.

By know, we haven't got a linux server so we are using the
knoppix with the version 2.2.4 of nessus. This version isn't
updated with the last nasl but.....

I used previous versions of Nessus in other ocassions, with
knoppix too, and i hadn't got any problems with the credentials.
If i used a user wih administrative privileges in the scaned
system, i got some information like pach installed, registry
information, etc.

Now i'm trying to do the same but a i don't get the same
information :(((( I configure the username and password in the
credentials tab but nessus don't make any kind of conection or
validation with this credentials in the system (i tested the
event viewer of the system and i didn't found it).

What can be the problem?

If i don't use any credential, Does nessus a Null session in the
system to get the information? I proved that but i did'nt got any
kind of information in the event viewer.

Thank's in advance

Mara "Luna"

--
10 GB Mailbox, 100 FreeSMS/Monat http://www.gmx.net/de/go/topmail
+++ GMX - die erste Adresse für Mail, Message, More +++
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

Re: SMB Credentials [ In reply to ]

theall at tenablesecurity

Dec 22, 2005, 2:17 PM

Post #2 of 4 (1356 views)

Permalink

On Thu, Dec 22, 2005 at 09:58:10AM +0100, Mara Fernandez wrote:

> In the company where i'm working , we are doing a trail with
> different VA tools, to decide which of them (or how many of
> them :) ) we'll go to use in the future to test the system's
> company.
>
> By know, we haven't got a linux server so we are using the
> knoppix with the version 2.2.4 of nessus. This version isn't
> updated with the last nasl but.....

I'd urge you to find a way to use Nessus in its current form. Realize
that one of Nessus's strengths is that plugins are being revised and
added on a daily basis. I don't know when the Knoppix build was put
together, but given that 2.2.4 was released back in March and 2.2.5 in
July, you're probably missing several months worth of new plugins as
well as corrections to existing plugins. And that likely means you're
not seeing our adoption of CVSS scoring for risk assessment or a general
move away from banners when detecting flaws.

Oh, and understand too that Nessus 3 offers significantly better
performance than Nessus 2.2.

> I used previous versions of Nessus in other ocassions, with
> knoppix too, and i hadn't got any problems with the credentials.
> If i used a user wih administrative privileges in the scaned
> system, i got some information like pach installed, registry
> information, etc.
>
> Now i'm trying to do the same but a i don't get the same
> information :(((( I configure the username and password in the
> credentials tab but nessus don't make any kind of conection or
> validation with this credentials in the system (i tested the
> event viewer of the system and i didn't found it).
>
> What can be the problem?

It's hard to say... What do you see in nessusd.messages and/or
nessusd.dump logfiles? Is this a general problem or only when scanning
specific hosts? Generally it's advisable to update to the latest plugins
when running into trouble like this... Can you burn another CD with the
latest plugins tarball?

> If i don't use any credential, Does nessus a Null session in the
> system to get the information? I proved that but i did'nt got any
> kind of information in the event viewer.

Nessus needs credentials to access the registry remotely.

George
--
theall@tenablesecurity.com
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

Re: smb credentials [ In reply to ]

theall at tenablesecurity

Aug 15, 2008, 8:49 AM

Post #3 of 4 (1319 views)

Permalink

On Aug 14, 2008, at 5:31 PM, peanut life wrote:

> When I run 3.0 client and server on a Windows Vista platform, Nessus
> was able to login into the Windows box with supplied credentials.
>
> However when I use the same plugins and run it from a linux server
> version 2.2.11, the scan fails and repors taht the given credentials
> do not have the privelege fo accessing the Windows host.
>
> I am puzzled, same plugin, rechecke dthe preferences--> Login config
> for smb user name.etc..

Is the target different from the host where you're running Nessus 3.0?

How do you know the preferences and plugins are the same?

George
--
theall@tenablesecurity.com

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

Re: smb credentials [ In reply to ]

theall at tenablesecurity

Aug 15, 2008, 12:22 PM

Post #4 of 4 (1316 views)

Permalink

On Aug 15, 2008, at 1:33 PM, peanut life wrote:

> The target is a seperate machine , its a Windows 2003 server and the
> 3.0 was being tested on a Windows Vista server.
> The Linux 2.2.11 Nessus version is on CentOS 5.1.

How do you know you're using the same plugins and configuration?

George
--
theall@tenablesecurity.com

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus