Browsed by
Category: vulnerability scanning

All Cybersecurity Is Not Created Equal

All Cybersecurity Is Not Created Equal

I love telling stories about some of the things I’ve seen or done because it helps align mere talking points (or theory) to reality. This is a story I’ve told and presented on several times. It always resonates with the audience and businesses so I figured I would share it here. I was approached by a friend who works in the healthcare space. He asked me to perform a security assessment and light penetration test of his business. My immediate…

Read More Read More

Installing OpenVAS (GVM) on CentOS 7

Installing OpenVAS (GVM) on CentOS 7

This is a walkthough for installing and configuring OpenVAS (GVM) on CentOS 7. OpenVAS (Open Vulnerability Assessment System) is an opensource vulnerability scanner. Update 20April2019: Greenbone is deprecating OpenVAS version 9 and version 10 is now known as Greenbone Vulnerability Manager (GVM). Likewise, the new rpms are called ‘greenbone-vulnerability-manager’ and ‘gvm-libs’ which replace the ‘openvas’ and ‘openvas-libraries’ rpms. If you are upgrading from 9 to the latest version, you may lose your previous tasks and reports so beware! Also, if…

Read More Read More

SSHGuard settings on pfSense

SSHGuard settings on pfSense

Something that always annoyed me when performing a vulnerability scan on a pfSense system was the alerts it triggered. Basically, the vulnerability scanner would attempt to bruteforce SSH logins, which would trigger the sshguard protections, placing the IP address in the sshguard table (Diagnostics -> Tables), producing 100’s of firewall block messages, etc. Dec 3 16:22:37 – Int: em0 Type: block Prot: tcp Src: 192.168.1.8:38553 Dest: 192.168.1.1:22 Tracker: 1000000301 – block drop in log quick proto tcp from <sshguard:1> to…

Read More Read More