Detection of checkmk

Scanning / scan configuration
1

Hello,

we are using the Greenbone Community Containers.

I’ve got an inquiry about the product detection of checkmk.

In the NVTs I see:
Checkmk Server Detection (HTTP)
Checkmk Agent Detection

Both are using the remote_banner as a detection method. This turned out to be unreliable because of firewall rules and reverse proxies in front of the checkmk server.

Since checkmk is an package the scanner could use the output of apt to detect checkmk.

Package names are for example:
check-mk-agent
check-mk-raw
check-mk-enterprise

More examples can be seen on Download-Archiv für veraltete Checkmk-Versionen

Can this be implemented in the Greenbone scanner?

Thank you

2

Checkmk coverage is only part of the commercial enterprise feed since quite some years and the same like mentioned for some compliance checks below should apply here as well.

2 Likes
3

This topic was automatically closed after 90 days. New replies are no longer allowed.