
Comments (3)

TatusGepetto commented on June 16, 2024

Finally, after reinstallation from scratch, it seems it works. Maybe something was wrong with the sources at the time of my installation, as it didn't provide any error messages when installed.

Anyway, I believe we can simply close it.

from libellux-up-and-running.

libellux commented on June 16, 2024

Hello @TatusGepetto, so I just installed a fresh source build from my guide. Unfortunately I do not get the same log message as you. I get the results for both "SSH Server type and version" with other port and protocol scans when I ran a vulnerability check against a test host intrusion detection server (ossec), for example:

2021 Dec 22 04:13:40 localhost->/var/log/secure
Rule: 5701 (level 8) -> 'Possible attack on the ssh server (or version gathering).'
Dec 22 04:13:39 localhost sshd[13923]: error: Protocol major versions differ: 2 vs. 1

If you want to probe your external host, make sure that your target host's default firewall doesn't block the port scanner - as explained here: https://explainshell.com/explain?cmd=nmap+-PE

I hope you'll resolve it and that I've been of some help at least.

TatusGepetto commented on June 16, 2024

Hello @libellux, thank you very much for your answer. I made another approach and changed the recognition option to "Consider alive", as I'm fully sure that such IPs and ports are responsive:
[image]

But it didn't change too much. Of course I don't see this problem with nmap execution, but I can see only LOG responses, no other issues (which would be fine IF my system is fully bulletproof):
[image]

But if I compare it to one of the last scans from the operational 20.08 system, I was able to get there:
[image]

I know that for this example host I still should be able to get LOW and MEDIUM alerts about:
[image]
[image]

I didn't fix it, but it seems that the newer version of the system doesn't provide such a response. So I'm wondering if the installation method is somehow corrupted or something else is wrong.

I additionally added these options to the sudoers file:

# allow users of the gvm group run nmap and arping
%gvm ALL = NOPASSWD: /usr/bin/nmap
%gvm ALL = NOPASSWD: /usr/sbin/arping

But it didn't change anything.

So I'm wondering if you have any advice, because it seems that my system is somehow partially OK.
