Hint: Verify target configuration / access for authenticated (LSC) scans

windows
linux
authentication
hint
scan-config

#1

Note: If you have any questions on this topic please start a new thread for each question and link back to this topic so that it can be updated accordingly.

When doing Authenticated Scans specific requirements on target systems with Linux/UNIX or Windows needs to be fulfilled.

If the requirements are not fulfilled the detection of installed software and possible existing vulnerabilities might fail. To help with such situations (if the Credentials are configured) a “Log” entry of the one of the following two NVTs (depending on the target) will provide various information within a report:

SSH: SSH Authenticated Scan Info Consolidation (OID: 1.3.6.1.4.1.25623.1.0.108162)

SMB/Windows: Windows LSC Authenticated Scan Info Consolidation (OID: 1.3.6.1.4.1.25623.1.0.108442)


Issue with Credentialed Scan on Domain
Testing individual vulnerability tests
OpenVAS/GVM not detecting missing Windows patches
No way to get any result/report from target host
Inconsistent results when scanning Windows
#2