Re: Nessus doesn't detect F-Secure SSH correctly

From: Michael Boman (michael.bomanat_private)
Date: Fri Jun 13 2003 - 19:35:40 PDT

  • Next message: Renaud Deraison: "Re: Nessus doesn't detect F-Secure SSH correctly"

    On Wed, 2003-06-11 at 09:13, Renaud Deraison wrote:
    > On Wed, Jun 11, 2003 at 08:46:39AM +0800, Michael Boman wrote:
    > > The later one should according to my research be somewhat vulnerable to:
    > > 
    > > http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html
    > > http://www.kb.cert.org/vuls/id/AAMN-5G62MC
    > > http://www.iss.net/security_center/static/10868.php
    > > 
    > > It was also never detected as a SSH server
    > 
    > Does the report at least show the SSH banner somewhere ? Don't you have
    > DNS issues which would prevent nessusd from receiving the banner
    > (ie: what happens when you connect to the tested host, on port 22 ? Do
    > you receive a banner right away ?)
    
    Yes, the SSH banner is detected and reported in Nessus. But because the
    port/service is never recognised as a SSH server you get quite a few
    false positives on the port.
    
    Best regards
     Michael Boman
    
    -- 
    Michael Boman
    Security Architect, SecureCiRT Pte Ltd
    http://www.securecirt.com
    
    
    



    This archive was generated by hypermail 2b30 : Fri Jun 13 2003 - 19:36:47 PDT