After scanning Linux servers, the commands entered by openvas appear in the history
607 /bin/sh -c ‘LANG=C; LC_ALL=C; echo “login test”’
608 /bin/sh -c ‘LANG=C; LC_ALL=C; uname -a’
609 cmxctl version
610 /bin/sh -c ‘LANG=C; LC_ALL=C; getserverinfo’
611 sudoedit -s '' perl -e 'print "A" x 65536'
Scanner:
Name OpenVAS Default
Type OpenVAS Scanner
Scan Config Full and fast
Credential:
Type Username + SSH Key
Version 22.5.1
How to configure openvas so that it does not leave anything in the history of scanned servers?
I would be very grateful for any help.
Maintaining such a history of all users is a functionality of the remote (Linux) host and not of the scanner (remember, during a scan only a “standard user” of the system is used).
If you want to stop your system from creating such history entries you can configure this in e.g. a ~/.bashrc or similar file.
Notes:
The configuration method highly depends on the used Linux / setup, please consult the manual of the used Linux or an adequate support forum for configuration help
In general it is also recommended to use a dedicated “scanning” user not used for something else to not cause conflicts with “productive” users or similar
It would be a useful scan task option to clear command from memory . When you run history -c , it clears the history list that is stored in the current shell’s memory. However, the commands that were previously stored in the .bash_history file are still present on disk in ~/.bash_history, but to my knowledge this filename is different per distribution.
You can check the file name of the configured Bash history cache file by examining the value of the HISTFILE environment variable. This variable specifies the file where Bash stores command history.
. When you run