cancel
Showing results for 
Search instead for 
Did you mean: 

Shell Credentials Problem

Jump to solution

HI

we are testing MVM7.5 in our enviornment and I have Problem with shell credentials.

I want to scan a Redhat V6 and in the the settings tab of scan properties I have added an individual shell

in the Shell Individual Host field I inserted the IP address of the linux server, in User ID tab I inserted the ROOT username of that linux system then in the security section I chose certificate and password to enable the password and confirm password fields then I have inserted the password of root user , in the shell options section I chose SSHv2 or SSHv1, Im sure that my Linux server accepts SSH and I tried to ssh to specified linux server from another Linux machine , I even tried different options of Privileged Access section but still when I look at the log messages in my linux server all the authentication attempts from the MVM serverhave been failed

I spent lots of time trying other options like default shell and Shell Domain but still I couldnt gain any results

by any result I mean there is no difference between a default scan with no credentials and with credentials

I have tested the Credentials for windows networks and it worked perfectly but in linux Im kinda loosing my hope

so I came here to ask for your help!

thanks in adavance

Arsalan.

1 Solution

Accepted Solutions

Re: Shell Credentials Problem

Jump to solution

thanks subhani

but im kinnda fixed it

today I tried to reconfigure my ssh settings on my linux machine but that didnt help with anything

I did all the things that u said before but you know there is a check box in the top of the screen and that tiny little thing was the cure!!

I forgot to enable the Trust unknown remote-shell targets and by checking that box my problem was solved .

now I can see a big difference in my results thanks to that checkbox!

and thank you for checking up on my problem.

so thats it we are vulnerable thanks to mvm we now know it

3 Replies

Re: Shell Credentials Problem

Jump to solution

Hello Arsalan , It should work the way you configured .By the way , are you enterring the credentials within the scan Or maintaining a Credentials set  .Let me summarize it below .

Account Type : Shell Individual Host

Shell Individual Host : Type IP Address

User ID : Specify user name

Password & confirm password : Enter password

Protocol : SSHV2 or SSHV1

Security : Certificate or Password

Privilege Access : First try with none ,else use Root .

Before trying with Foundstone ,use Putty and attempto Server yourself on port 22 and see if it works .Once connected , run some command such as whoami , uname -a etc.  Additionally ,look for this article (KB54752) on Mcafee KB and it will tell you exactly what commands are run by MVM on Linux .

Re: Shell Credentials Problem

Jump to solution

thanks subhani

but im kinnda fixed it

today I tried to reconfigure my ssh settings on my linux machine but that didnt help with anything

I did all the things that u said before but you know there is a check box in the top of the screen and that tiny little thing was the cure!!

I forgot to enable the Trust unknown remote-shell targets and by checking that box my problem was solved .

now I can see a big difference in my results thanks to that checkbox!

and thank you for checking up on my problem.

so thats it we are vulnerable thanks to mvm we now know it

Highlighted
cgrim
Level 13
Report Inappropriate Content
Message 4 of 4

Re: Shell Credentials Problem

Jump to solution

Hi arsalan,

For added security, you may want to leave that box unchecked.  To around the need to select that option in the scan you need to first run a scan to collect the Target SSH keys, then manually 'trust' the targets thru Manage  > Assets.

The following KB Article goes into the details a bit:

https://kc.mcafee.com/corporate/index?page=content&id=KB70687

I hope that helps!
Cathy

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community