Hi everyone! I have a fresh OpenVAS 21.04 install, where I would like to exclude the default ssh credentials check from scans.
In the scan config, I have the following settings:
Under Edit Network Vulnerability Test Families (58) :
Brute force attacks: 0 of 14 Default Accounts: 0 of 287
Under Network Vulnerability Test Preferences (1108) :
Options for Brute Force NVTs Disable brute force checks: yes Options for Brute Force NVTs Disable default account checks: yes IT-Grundschutz: SSH and Telnet BruteForce attack \ BruteForce Attacke with Default-Usern and -Passwords: no
Nevertheless, when I run a task with this scan config and
log_whole_attack = yes , openvas.log contains:
Launching default_ssh_credentials.nasl (126.96.36.199.4.1.256188.8.131.52013) against <ip>
How can I find out which piece of configuration is still causing this check to be executed?
I know that in this topic the answer was to not weaken your scan, but in this case I would like to do this, because we’re making a “light” scan config that we can run more often.
Thanks for any hints!