HTTP classy Probe - Why do we need it ?

scottnichol · ‎07-15-2020

Th eHTTP classy probe seems to be causing issues as i dont have a basic auth ID for it. I am confused why we would need to use this HTTP probe or what it is for . I woudl like to turn it off form discovery all together . Any helpo at this opint will help. 🙂 How do i disable it .... and what is it even for ?

thnaks

doug_schulze · ‎07-15-2020

I did a bit on this here on this post. However, to shut it off you can just disable the HTTP port probe. (discovery definition > port probes)..

scottnichol · ‎07-15-2020

thank you very much . So i would say at this point i dont need it. What is the name of the port probe to discontinue ? i see 3 for windows ... http winrm ssl and winrm ??

scottnichol · ‎07-15-2020

I disabled the HTTP port probe. All i get now in the discovery logs is the following

- Skipping deactivated port probes: http (abotu 70 times)

then

Target is blacklisted. No valid credential found for types [SSH Password,SSH Private Key]

shoudl i disable the HTTP Classify probe also ?

doug_schulze · ‎07-15-2020

You dont have to disable the one HTTP classifier we have OOB ,with the HTTP port probe disabled you should be fine. The SSH error is just that, the IP also has port 22 open so we would want to try to discover it with available ssh credentials.