Talking IPX (or other non-ip eth.types) with OpenVAS NASL?

Are there facilities in OpenVAS to talk IPX on the network?

In a network I attend to there are Powerline Adapters which form a bridge for the IP network and which chat via IPX frames with each other and with another device controlling them.

Can this be done with OpenVAS nasl, or what would you recommend to start talking to them?

The link they constitute isn’t exactly reliable, and I’d like to start troubleshooting this by getting some time series about their individual up/down-ness, e.g. the hops on the line to another sensor the IP LAN is trying to talk with via this bridge.

Hm, I noticed that I confounded something. There were IPX frames in my pcap, but the Powerline Adapters speak some “homeplug” protocol, eth.type 0x88e1.

But anyway, it seems I’d need to forge ethernet frames (MAC layer) all the same.
I found many useful packet forge functions with:

plugins# grep -r -i forge_ | less

(e.g. for ip, tcp, udp, icmp), but nothing which forges “eth” or “mac”.

I guess I might find out something digging deeper, but maybe someone has a hint for some “ready-to-use” NASL (Network Appreciation Scripting Language) function.

Even The Source doesn’t give a very different result, you can try it with
openvas$ grep -r -i forge_
(it only adds some “_v6” to said result).

So I guess with current OpenVAS there is nothing in NASL which can do this.

Network related functionality (opening sockets and similar) needs to be provided by the Scanner so i have moved this thread into the GSE category.

As you have already found out the scanner currently doesn’t provide the functionality to forge eth/mac you’re looking for. Basically you can have a look at the following file to see which NASL functions the scanner is providing (including your mentioned forge_* functions):

1 Like