Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Default Unix Accounts and SSH

from [Renaud Deraison] Network Security [Permanent Link]
Subject: Re: Default Unix Accounts and SSH
Date: Wed, 20 Oct 2004 08:52:33 -0400 
On Tue, Oct 19, 2004 at 07:01:20PM -0700, Nick Strecker wrote:

I'm unable to get Nessus to report default UNIX accounts over SSH. 
Detection works fine over telnet.  The error message I get in auth.log 
(under debian linux) or system.log (under Mac OS X) is:

sshd[442]: Did not receive identification string from 172.16.200.15
sshd[443]: Bad protocol version identification 'GET / HTTP/1.0' from 
172.16.200.15

Do I have something misconfigured?  Any thoughts/suggestions?


Are you sure you compiled your nessusd with OpenSSL support ?
(this is indicated if you do a nessusd -d)


Also, I'm curious as to why Nessus has so few (35) of these 
unpassworded/default unix account checks?  A search on google turned up 
the following link (http://bsrf.org.uk/tutorials/defaultpasswords.html) 
which, even if I narrow in on just Generic UNIX accounts, includes an 
additional 125+ default user names/passwords that aren't currently 
covered by Nessus.


Because checking for such accounts by telnet is very slow :( Until now,
we had to get a balance between completeness and speed. Now that Michel
introduced the "thorough checks" options we could definitely increase
the number of checks by a great deal.



                                -- Renaud
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Printer problems, c . houle
Next by Date:  nessusd uses obselete (PF_INET,SOCK_PACKET), Stuart Kendrick
Previous by Thread:  Default Unix Accounts and SSH, Nick Strecker
Next by Thread:  Re: Default Unix Accounts and SSH, Javier Fernandez-Sanguino
Indexes:  [Date] [Thread] [Top] [All Lists]