Hello,
we are using the Greenbone TRIAL right now (and did have access to the Enterprise Feed with a Trial Enterprise Key for some time).
When doing test-scans on some internal servers, we did experience some behaviour, the cause of which we do not understand - but perhaps someone can clarify this issue.
There are two Linux-servers (RHEL 7.9):
- web-04
- web-05
Both servers offer FTP as a service, using the vsftp-package (vsftpd-3.0.2-29.el7_9.x86_64).
The configurations are completely identical:
[root@web-04 vsftpd]# pwd
/etc/vsftpd
[root@web-04 vsftpd]# md5sum *
6377960551b81b27240486a0e2680ef8 dhparam.pem
149b77995fa47ecb699c8a8a04ce29fd ftpusers
5e84df7fd67451f5e49ceb02d5806622 hosting.conf
df7e4b09ecd3f5e4a5a03f87ef449f68 user_list
5ad8d37fc1b2bd9d8e8c8a7036d78930 vsftpd.conf
acbe21b7e4f1fa895a788f1d15df19a2 vsftpd_conf_migrate.sh
and
[root@web-05 vsftpd]# pwd
/etc/vsftpd
[root@web-05 vsftpd]# md5sum *
6377960551b81b27240486a0e2680ef8 dhparam.pem
149b77995fa47ecb699c8a8a04ce29fd ftpusers
5e84df7fd67451f5e49ceb02d5806622 hosting.conf
df7e4b09ecd3f5e4a5a03f87ef449f68 user_list
5ad8d37fc1b2bd9d8e8c8a7036d78930 vsftpd.conf
acbe21b7e4f1fa895a788f1d15df19a2 vsftpd_conf_migrate.sh
Anyway, the scan of the servers brought up different results for the servers:
- the result for web-04 shows: Medium (CVSS: 4.8) NVT: FTP Unencrypted Cleartext Login
- the result for web-05 does not show this issue
We have rerun the scans but it’s always the same. We did the scan with and without the Enterprise Feed in place, nothing changed.
We wonder how the different scan results can occur, since at this point it looks to us as the results cannot be trusted.
We would appreciate some help with this, since we are considering buying an actual Enterprise-License, but it depents on whether we find the results comprehensible and trustworthy.
Thank you very much &
best regards!