On Thursday 13 September 2012 00:02:45 Thomas Reinke wrote:
> We're running into a hiccup with openvassd (rls 5) that I wouldn't
> mind getting some feedback on.
>
> After upgrading both scanner and scripts, and removing find_service.nes
> from the plugins directory so that there was no possibility of confusion
> with find_service.nasl and the built in find_service plugin, a look at
> the openvassd.messages log is showing that find_service.nasl is being
> launched BEFORE nmap.nasl.
>
> My understanding is that nmap.nasl, with a category of ACT_SCANNER,
> should ALWAYS execute before something like find_service.nasl, with
> a category of ACT_GATHER_INFO.
>
> Is there something I'm missing?  Shouldn't all ACT_SCANNER class
> scripts be COMPLETELY finished, regardless of user config, before
> other categories start firing up?  This is preventing find_service.nasl
> from working correctly.

The source of the problem is ssh_authorization.
This ACT_SETTINGS script should not do anything other than care about
settings. It should _not_ do tests on a certain port.
My proposal is to have a "ssh_check.nasl" in ACT_GATHER_INFO
and replace a couple of dependencies to ssh_authorization to ssh_check
(or even remove the dependency as we actually only need the
login/SSH/success KB entry - no?).
ssh_check.nasl would do the port check and set the KB entry accordingly.

Would this be an adequate solution?


One problem would probably arise from this: netstat_portscan.nasl. 
This NVT is ACT_SCANNER but logs into target using SSH.
Which is heavily in conflict with the ACT_ sequence.
It could not use ' script_mandatory_keys("login/SSH/success"); '
anymore.
Would that be a problem?


Best

Jan

-- 
Dr. Jan-Oliver Wagner |  ++49-541-335084-0  |  http://www.greenbone.net/
Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460
Managing Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
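
The ordering conflict discussed in this thread can be checked mechanically. The following is an added example, not part of the original message and not OpenVAS code: a small lint that flags plugins whose dependencies sit in a later ACT_ category. The category order, the dependency edges, and the modelling of `script_mandatory_keys` as a dependency on the plugin that sets the key are all assumptions made for illustration.

```python
# Added example: flag dependency edges that break the ACT_ category sequence.
# Assumed launch order (only the categories named in the thread).
CATEGORY_ORDER = ["ACT_SCANNER", "ACT_SETTINGS", "ACT_GATHER_INFO"]
RANK = {name: i for i, name in enumerate(CATEGORY_ORDER)}

# Constructed sample graph: plugin -> (category, direct dependencies).
# The edges are assumptions, not taken from the real plugin feed.
PLUGINS = {
    "nmap.nasl": ("ACT_SCANNER", []),
    "netstat_portscan.nasl": ("ACT_SCANNER", ["ssh_authorization.nasl"]),
    "ssh_authorization.nasl": ("ACT_SETTINGS", ["find_service.nasl"]),
    "find_service.nasl": ("ACT_GATHER_INFO", []),
}

def transitive_deps(plugins, name):
    """Return every direct and indirect dependency of a plugin (cycle-safe)."""
    seen, stack = set(), list(plugins[name][1])
    while stack:
        dep = stack.pop()
        if dep in seen:
            continue
        if dep not in plugins:
            raise KeyError(f"{name} depends on unknown plugin {dep}")
        seen.add(dep)
        stack.extend(plugins[dep][1])
    return seen

def find_inversions(plugins):
    """Return sorted (plugin, dependency) pairs where the dependency belongs
    to a later category and would be pulled forward out of sequence."""
    hits = []
    for name, (category, _) in plugins.items():
        for dep in transitive_deps(plugins, name):
            if RANK[plugins[dep][0]] > RANK[category]:
                hits.append((name, dep))
    return sorted(hits)

def proposed(netstat_needs_ssh_key):
    """Graph after the proposal: ssh_authorization only handles settings,
    a hypothetical ssh_check.nasl (ACT_GATHER_INFO) does the port check."""
    p = dict(PLUGINS)
    p["ssh_authorization.nasl"] = ("ACT_SETTINGS", [])
    p["ssh_check.nasl"] = ("ACT_GATHER_INFO", ["find_service.nasl"])
    deps = ["ssh_check.nasl"] if netstat_needs_ssh_key else []
    p["netstat_portscan.nasl"] = ("ACT_SCANNER", deps)
    return p

if __name__ == "__main__":
    for label, graph in [("current", PLUGINS), ("proposal, key kept", proposed(True)),
                         ("proposal, key dropped", proposed(False))]:
        print(label, find_inversions(graph))
```
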