HTTP classy Probe - Why do we need it ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-15-2020 09:23 AM
Th eHTTP classy probe seems to be causing issues as i dont have a basic auth ID for it. I am confused why we would need to use this HTTP probe or what it is for . I woudl like to turn it off form discovery all together . Any helpo at this opint will help. 🙂 How do i disable it .... and what is it even for ?
thnaks
- Labels:
-
Discovery
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-15-2020 09:43 AM
I did a bit on this here on this post. However, to shut it off you can just disable the HTTP port probe. (discovery definition > port probes)..
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-15-2020 11:23 AM
thank you very much . So i would say at this point i dont need it. What is the name of the port probe to discontinue ? i see 3 for windows ... http winrm ssl and winrm ??
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-15-2020 11:32 AM
I disabled the HTTP port probe. All i get now in the discovery logs is the following
- Skipping deactivated port probes: http (abotu 70 times)
then
Target is blacklisted. No valid credential found for types [SSH Password,SSH Private Key]
shoudl i disable the HTTP Classify probe also ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-15-2020 11:36 AM
You dont have to disable the one HTTP classifier we have OOB ,with the HTTP port probe disabled you should be fine. The SSH error is just that, the IP also has port 22 open so we would want to try to discover it with available ssh credentials.