On Mittwoch, 30. April 2008, Carsten Koch-Mauthe wrote:
> Another question for me are the credentials to be used with smbcl_api.
> The "main" creds are given on the crdentials page in openvasclient. But today
> i've found some additional smb creds on the prefs. page. Is it useful to use
> more then one user/pw pair for smb ? If so how to decide which pair for which
> host(s). I've found no dependency between user/pw and host. Probably adding a
> new smb_host_credentials field ? Or trying all creds on every host if login
> fails ?
there is indeed a larger design question which does not only
apply to smb but to all credentials. Thie quesiton is about
wtether to have same credentials for multiple targets or
whether to have individual credentials for each target.
In the latter case I see two options to handle it, either
with a clever OpenVAS/NASL-script or by defining that
for each different credentials a scope of its own is to
be created in OpenVAS-Client.
However, for the time being I'd propose we just use
a "smb_authorization.nasl" analogous to "ssh_authorization.nasl",
ie. have only a single set of credentials for each type (ssh/smb/...)
Best
Jan
--
Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
_______________________________________________
Openvas-plugins mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
