Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
707 Views 1 Reply Latest reply: Dec 2, 2013 4:19 PM by craig.carrigan RSS
arfelix Newcomer 10 posts since
Jul 19, 2013
Currently Being Moderated

Sep 6, 2013 12:18 PM

Vulnerability Manager credential non-windows "Shell"

Hello,

 

I have makes a questions

 

1Q) When I try to do a scan in Vulnerability Manager with a credential on a Non-Windows operating system, do not know what information to place in "Domain Shell", "Shell Single Host" or "Shell Default". This happens to scan computers Unix, Routers, Switchs, Firewall and any other.

 

Please someone can tell me what information I write in "Shell"

 

VA.jpg

2Q) What is the different between "Domain/Workgruop", "Individual Host", "Default" and "Application".  How do I know which should I choose?

 

Thanks,

 

Arfelix

  • craig.carrigan Newcomer 11 posts since
    Jan 10, 2011

    Good Afternoon Arfelix,

     

    I have messed with this in the past and this is the way I do it.

     

    First in the default shell line you have to tell the scanner what shell it needs to use during the session. You can also find in the Knowledge Base the commands the scanner needs to be able to run so it can scan successfully.

     

    https://kc.mcafee.com/corporate/index?page=content&id=KB54752&actp=search&viewlo cale=en_US&searchid=1360272419418

     

    Depending on the level of access the account you use for the scanner has,you do not really need to provide root access

     

    I check the password box and leave Certificate checked, MVM does not like it if it is unchecked, and it’s default behavior is to use certs, which it may not have, there is a KB article on it; if it locks out your account on the target server here.

     

    https://kc.mcafee.com/corporate/index?page=content&id=KB67689&actp=search&viewlo cale=en_US&searchid=1352321054440

     

    I have not quite figured out the whole Sudo with a certificate yet, so I do not mess with it.

     

    Be sure to check the boxes for SSH key collection and Trust remote shells orthe SSH session will fail.

    SSH.PNGCreds.PNGOptimize.PNG

     

     

    As for the windows options; Domain is for a server using creds in ActiveDirectory. Workgroup I do not have any good explanation for. Servers that are stand alone, I use Windows Individual Host and whatever creds are local to the server and they work fine.

     

    Application is for web app scanning as I understand it. I could be wrong

     

    I hope that helps

     

    Message was edited by: craig.carrigan on 12/2/13 4:22:39 PM CST

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points