1 Reply Latest reply: Nov 14, 2017 8:56 AM by RSS

Credential scan for VCSA 6.5 and network swtich

jameseiv Novice
Visibility: Open to anyone

Hello All,

 

Security Center 5.4.0

 

I have a couple questions when it comes to plugin output along with Virtual Center Server alliance and a model of  Dell switch.

 

For VCSA v6.5 I have created a separate policy and scan job with only certain VMWare vCenter specific plugins. I have provided the credentials within the vCenter SOPA API and the job runs and does pull information from the instance. I can see that it does connect via HTTPS and logs in with those credentials, but I still get the below for this job.

 

Authentication Failure - Local Checks Not Run (21745)
Additional failure information from ssh_get_info2.nas1 :
The remote host is not currently supported by this plugin.

 

Nessus Scan Information (19506)
Credential Checks : No
Credentialed_scan: false

 

Is this due to the fact that the certain commands are needed to put the VCSA in bash shell or application shell after logging into the appliance using SSH?

 

For the Dell switch, although we are inputting the correct credentials for the switch the credentialed checks are unsuccessful.

The following plugin ID gives us this information:

Plugin ID: 12634
Plugin Name: OS Name and Installed Package Enumeration

Plugin Output:
It was possible to log into the remote host using the supplied
password.

Note, though, that an attempt to elevate privileges using 'su' failed
for the following reason :

Nessus failed to open a new SSH channel. Received code was not SSH_MSG_CHANNEL_OPEN_CONFIRMATION (91). It was : 0

Further commands will be run as the user specified in the scan policy.

However, the execution of the command "uname -a" failed, so local security
checks have not been enabled.

Nessus returned the following error message :
Nessus failed to open a new SSH channel. Received code was not SSH_MSG_CHANNEL_OPEN_CONFIRMATION (91). It was : 0

 

The switch is also seen as a RICOH printer.

 

Any insight would be much appreciated.