OpenVAS: Windows Local Security Checks

Basis of the procedure

OpenVAS uses the SMB protocol for local security checks on Windows operating systems.

For this reason, smbclient must be installed on the OpenVAS server.

Debian:

apt-get install smbclient

The smbclient file, which must be located in the system path, is used.

Smbclient must be executable with the rights of the OpenVAS scanner.

A user with administrative rights is required to access Windows systems.
This user and his password are stored in the graphical interface of OpenVAS as SMB credentials. A domain user can also be used within a domain.

credentials

The credentials must be used in a target.

target-with-credentials

Troubleshooting

There are various NVTs that can help identify problems:

smb-nvts

For example, a missing smbclient:

smb-client-fail1

Wrong log in credentials:

wrong-login

Successful log in:

successful-login

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s