Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Unknown function

from [Devitto, Dom] Network Security [Permanent Link]
Subject: RE: Unknown function
Date: Sun, 10 Jun 2007 09:01:51 +0100 
Two follow-ups to this:
1) Any plans to support SSHv1?
(or can I this be hack this in easily with unsupported botches? :-) )

2) The Nessus_credial_checks.pdf says, under "What else can go wrong with my
host checks?" ...
"On UNIX systems, administrators that move SSH to ports other than 22"

But it appears that (now) Nessus can login whatever the SSH port used, as
long at detects (scans) the port that SSH is running on - correct?


Dom
Dom De Vitto  | Security Consultant
Virgin Media,  Crawley Court, Crawley, Winchester, Hants, SO21 2QA
M: 07855 805 271   D: 01483 87 5500   E: Dom.DeVitto@VirginMedia.co.uk
-----Original Message-----
From: nessus-bounces@list.nessus.org [mailto:nessus-bounces@list.nessus.org]
On Behalf Of Renaud Deraison
Sent: 07 June 2007 12:17
To: Nessus List
Subject: Re: Unknown function



Hi Roch,

On Jun 7, 2007, at 12:14 PM, Roch wrote:


Hi,

When verifying ssh login credentials to a Redhat ES 4.0 system I am  
getting:


Unknown function 'aes_cbc_encrypt' (ssh_test.nasl, line 576)
Unknown function 'tripledes_cbc_encrypt' (ssh_test.nasl, line 578)
Unknown function 'aes_cbc_encrypt' (ssh_test.nasl, line 576)
Unknown function 'tripledes_cbc_encrypt' (ssh_test.nasl, line 578)
Unknown function 'aes_cbc_decrypt' (ssh_test.nasl, line 596)
Unknown function 'tripledes_cbc_decrypt' (ssh_test.nasl, line 598)
Unknown function 'aes_cbc_decrypt' (ssh_test.nasl, line 596)
Unknown function 'tripledes_cbc_decrypt' (ssh_test.nasl, line 598)

After running nasl -X -t ip.of.host. ssh_test.nasl

Turns out it is trying to log in using  blowfish-cbc encryption as it
doesn't recognise the others. Has something changed in ssh_func.inc?


These warnings are harmless and only occur when in command-line mode.  
Currently, Nessus 2.x and 3.0 only support blowfish-cbc encryption.  
In Nessus 3.1.x we've added support for AES and 3DES and we modified  
ssh_func.inc to account for that.

Given how the script is written, it still works well with Nessus 2.x  
and 3.0.x and in Nessus 3.1.x it has the ability to also negotiate  
AES and 3DES.


                                -- Renaud

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

------------------------------------------------------------------------------

Save Paper - Do you really need to print this e-mail?

Visit www.virginmedia.com for more information, and more fun.

This email and any attachments are or may be confidential and legally 
privileged and are sent solely for the attention of the addressee(s). If you 
have received this email in error, please delete it from your system: its use, 
disclosure or copying is unauthorised. Statements and opinions expressed in 
this email may not represent those of Virgin Media. Any representations or 
commitments in this email are subject to contract. Please note that we are 
migrating our email addresses to a company wide address of 
"@virginmedia.co.uk". If you are sending to a Telewest or ntl email address 
your email will be re-directed. 

Registered office: 160 Great Portland Street, London W1W 5QA. Registered in 
England and Wales with number 2591237


==============================================================================

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Inability to Run updateplugins.pl Script, George A. Theall
Next by Date:  Re: Unknown function, Renaud Deraison
Previous by Thread:  Re: Unknown function, F. Riphagen
Next by Thread:  Re: Unknown function, Renaud Deraison
Indexes:  [Date] [Thread] [Top] [All Lists]