[Openvas-discuss] local account used for scans

Brandon Perry bperry.volatile at gmail.com
Wed Jul 1 16:23:29 CEST 2015


They are just regular local users added with useradd, no special groups at
all.

On Wed, Jul 1, 2015 at 9:22 AM, Brian Thompson <bthompson at wyetechllc.com>
wrote:

>  No problem.  Hopefully someone else will have other ideas.  For your
> local accounts, are they members of any special groups (wheel, root, adm,
> sys, etc)?
>
>
> On July 1, 2015 at 10:17 AM Brandon Perry <bperry.volatile at gmail.com>
> wrote:
>
> Ah, I misread your original post. Not sure then. :/
>
> On Wed, Jul 1, 2015 at 9:15 AM, Brian Thompson <bthompson at wyetechllc.com>
> wrote:
>
> I'm not running the scans as root, I created a user (openvas) that is a
> member of root's group.
>
>
> ssh openvas@localhost
>
> <banner.......>
>
> openvas@localhost's password: <password entered>
>
> [openvas@localhost ~]$ rpm -qa
>
> yum-utils-1.1.30-14.el6.noarch
>
> <100's more rpm's reported>
>
> [openvas@localhost ~]$
>
>
>
> On July 1, 2015 at 10:05 AM Brandon Perry <bperry.volatile at gmail.com>
> wrote:
>
> I actually don't recommend running scans as root if you can get away with
> it. I use local accounts. Can you SSH into the machine yourself? What
> happens when you run rpm -qa/dpkg -l if you can SSH into the box?
>
> On Wed, Jul 1, 2015 at 9:02 AM, Brian Thompson <bthompson at wyetechllc.com>
> wrote:
>
> Question about account permissions....
>
>
> I'd like to use a local account for my scans instead of my personal LDAP
> entry but I can't seem to get the scans to work when I do.  If I use my
> personal credentials (in LDAP with Public/Private key authentication) a
> scan results in about 200 detections.  If I do the same scan but use a
> local account (useradd --create-home --uid=432 --gid=432 --groups=root
> openvas) I get only 50 detections.  I've confirmed the user/pass I provided
> for the credential is correct (I was able to ssh to localhost and log in as
> openvas).  So I'm thinking something else is missing?  As you can see, I've
> created the account as a member of root's group.
>
>
> Are there other groups it needs?
>
>
> Is it not "seeing" the user because it's not in LDAP?  I'd rather not put
> the account in LDAP, is there a way to get OpenVAS to recognize a local
> account?
>
>
> Brian
>
> _______________________________________________
> Openvas-discuss mailing list
> Openvas-discuss at wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>
>
>
>
> --
> http://volatile-minds.blogspot.com -- blog
> http://www.volatileminds.net -- website



-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website