CPE Inventory

Support for security such as Firewalls and securing linux
Post Reply
vcba79
Posts: 31
Joined: 2015/12/21 09:36:06

CPE Inventory

Post by vcba79 » 2017/11/21 13:56:48

Hi, All

Recently, I use openvas to scan my host and I got the following result

<host ip>|cpe:/a:apache:http_server
<host ip>|cpe:/a:isc:bind:9.9.4.RedHat.9.9.4.51.el7
<host ip>|cpe:/a:joomla:joomla:3.8.1
<host ip>|cpe:/a:mariadb:mariadb:5.5.56
<host ip>|cpe:/a:openbsd:openssh:7.4
<host ip>|cpe:/a:php:php:5.4.16
<host ip>|cpe:/o:redhat:linux:7

It's good for inventory but not so good for security. I wonder how openvas gather those information.
through specified protocol? through each service daemon or information come from centos?
Is it possible to show or hide cpe inventory information?

Thanks,

aks
Posts: 3073
Joined: 2014/09/20 11:22:14

Re: CPE Inventory

Post by aks » 2017/12/28 21:29:03

OIpenVAS (like a lot of security scanners) does banner grabbing. If the system says it's (say) httpd-2.4.1 then all vulnerabilities associated (with the open source ... i.e.: upstream) version are applicable.
Not necessarily the case.
You need to provide more detail about what you are c0oncerned about.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CPE Inventory

Post by TrevorH » 2017/12/28 21:39:14

Please see https://access.redhat.com/security/updates/backporting/ for information on backporting of security fixes and features in CentOS and RHEL
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

Post Reply