[Openvas-commits] r1124 - in trunk/openvas-server: . doc/ntp doc/otp
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Sun Aug 10 00:35:12 CEST 2008
Author: jan
Date: 2008-08-10 00:35:10 +0200 (Sun, 10 Aug 2008)
New Revision: 1124
Removed:
trunk/openvas-server/doc/ntp/ntp_white_paper.txt
Modified:
trunk/openvas-server/ChangeLog
trunk/openvas-server/MANIFEST
trunk/openvas-server/doc/ntp/ntp_white_paper_11.txt
trunk/openvas-server/doc/otp/otp_specification_10.txt
Log:
* doc/ntp/ntp_white_paper.txt: Removed. It does not contain
any information not covered by otp_specification_10.txt.
* doc/ntp/ntp_white_paper_11.txt: Removed those elements
which are documented cleanly in otp_specification_10.txt
* doc/otp/otp_specification_10.txt: Extended with various
protocol command documentation.
* MANIFEST: Updated.
Modified: trunk/openvas-server/ChangeLog
===================================================================
--- trunk/openvas-server/ChangeLog 2008-08-08 22:58:24 UTC (rev 1123)
+++ trunk/openvas-server/ChangeLog 2008-08-09 22:35:10 UTC (rev 1124)
@@ -1,3 +1,16 @@
+2008-08-10 Jan-Oliver Wagner <jan-oliver.wagner at intevation.de>
+
+ * doc/ntp/ntp_white_paper.txt: Removed. It does not contain
+ any information not covered by otp_specification_10.txt.
+
+ * doc/ntp/ntp_white_paper_11.txt: Removed those elements
+ which are documented cleanly in otp_specification_10.txt
+
+ * doc/otp/otp_specification_10.txt: Extended with various
+ protocol command documentation.
+
+ * MANIFEST: Updated.
+
2008-08-08 Jan-Oliver Wagner <jan-oliver.wagner at intevation.de>
Started clean documentation of OTP.
Modified: trunk/openvas-server/MANIFEST
===================================================================
--- trunk/openvas-server/MANIFEST 2008-08-08 22:58:24 UTC (rev 1123)
+++ trunk/openvas-server/MANIFEST 2008-08-09 22:35:10 UTC (rev 1124)
@@ -12,7 +12,6 @@
doc/nsr_file_format.txt
doc/ntp/ntp_extensions.txt
doc/ntp/ntp_white_paper_11.txt
-doc/ntp/ntp_white_paper.txt
doc/ntp/plugin_prefs.txt
doc/ntp/README
doc/openvas-adduser.8
Deleted: trunk/openvas-server/doc/ntp/ntp_white_paper.txt
===================================================================
--- trunk/openvas-server/doc/ntp/ntp_white_paper.txt 2008-08-08 22:58:24 UTC (rev 1123)
+++ trunk/openvas-server/doc/ntp/ntp_white_paper.txt 2008-08-09 22:35:10 UTC (rev 1124)
@@ -1,126 +0,0 @@
-
-ATTENTION:
- Currently the specification document for OTP 1.0
- is established. Any feature clearified and added to
- ../otp/otp_specification_10.txt is removed here.
- The new specification for OTP is finished once the ntp
- documentation files are empty.
-
- Nessus Transfer Protocol White Paper
- version 1.0
-
-
-
-
-
-1. What is the Nessus Transfer Protocol (NTP) ?
-
- The NTP is the protocol that is used for the communication between
- openvasd (also known as the server) and a nessus client.
-
- This protocol is widely explained in order to facilitate the development
- of other clients than the 'standard' Nessus client.
-
- The NTP protocol is TCP based but has nothing to do with the Network
- Time Protocol (sorry, this is confusing)
-
-
-2. NTP typical message
-
- A NTP message is a suite of ASCII printable characters, which does not
- contain any line feed ('\n').
-
- Every NTP message is made up of 'fields' that are delimited by the string ' <|> '
- (note the spaces).
-
- The first field always contain the name of the entity that sends it (SERVER or
- CLIENT), and the second field always send the type of message.
- The content of the other fields depends of the message type.
- The last field of the message must be the same as the first field.
-
- eg : SERVER <|> ERROR <|> An error occurred ! <|> SERVER
-
-3. NTP messages types
-
- The Nessus Transfer Protocol currently recognizes the following messages types :
-
- ERROR
- PORT
- NEW_ATTACK
-
- 31. The "ERROR" type
-
- A NTP message declared as "ERROR" contains the description of an error that
- occurred. Once more, there must be NO line feed ('\n') character in this
- description.
- The syntax for this type is :
- entity <|> ERROR <|> error description <|> entity
-
- If the error is important, the server will send a 'BYE BYE' message
- (see the end of the document)
-
- 33. The "PORT" type
-
- A NTP message declared as "PORT" reports that a given port is open
- on a given host.
- The syntax for this type is :
-
- entity <|> PORT <|> hostname <|> portnumber <|> entity
-
-
- 34. The "NEW_ATTACK" type
-
- A NTP message of type "NEW_ATTACK" launches a new attack again a given
- host.
-
- The syntax of this type is :
-
- entity <|> NEW_ATTACK <|> pluginlist <|> maxhosts <|> recursive \
- <|> portrange <|> hostname <|> entity
-
- where :
-
- pluginlist : is the list of plugins to use. Each plugin is designated by a number
- (see #35 : The "PLUGIN_LIST" type), so the plugin list is a list of numbers separated
- by a semi-column ';' (eg : "1;39;11;3")
- If pluginlist equals to "-1", then all the plugins will be used
- If pluginlist equals to "0", then no plugin will be used (a simple portscanning will
- be performed)
-
- maxhosts : is the maximal number of hosts to test. "-1" means 'no maximum'
-
- recursive : should the hostloop system be used against _every_ host ? (0:no)
-
- portrange : range of ports to scan (default : "1-8000")
-
-4. A typical NTP session
-
- A typical NTP session has a real simple scheme :
-
- the server sends : the client answers :
-
- "< NTP/1.0 >"
- "User :"
- a user name
- "Password :"
- a valid password
- The server then sends
- its plugin list (see 35)
- the client sends a new attack
- message (see 34)
- the server sends various
- messages about the status
- of the attack (see 31,32,33)
-
- At any moment, the client can send the 'attack_stop' command (see 37)
-
- "SERVER <|> BYE <|> BYE"
- "anything\n" and
- closes the connection
-
-
-
-
-
-
-EOF
Modified: trunk/openvas-server/doc/ntp/ntp_white_paper_11.txt
===================================================================
--- trunk/openvas-server/doc/ntp/ntp_white_paper_11.txt 2008-08-08 22:58:24 UTC (rev 1123)
+++ trunk/openvas-server/doc/ntp/ntp_white_paper_11.txt 2008-08-09 22:35:10 UTC (rev 1124)
@@ -1,3 +1,9 @@
+ATTENTION:
+ Currently the specification document for OTP 1.0
+ is established. Any feature clearified and added to
+ ../otp/otp_specification_10.txt is removed here.
+ The new specification for OTP is finished once the ntp
+ documentation files are empty.
Nessus Transfer Protocol White Paper
version 1.1 and 1.2
@@ -153,25 +159,7 @@
Last but not least, the server can send plugins preferences. Please read the
'plugin_prefs' paper which is distributed with Nessus-980903 and the newest
versions.
-
-
-22. The "NEW_ATTACK" message
- Since the client can now send more informations for a test to the server,
- the "NEW_ATTACK" message is now much simpler :
-
- It used to be :
- entity <|> NEW_ATTACK <|> pluginlist <|> maxhosts <|> recursive \
- <|> portrange <|> hostname <|> entity
-
- It's now :
-
- entity <|> NEW_ATTACK <|> hostname <|> entity
-
- where 'hostname' can be an IP, a FQDN or a list of them
- (ie: "www.a.com,www.b.com,www.c.com" or "host1,host2,192.68.2.1"
- or whatever)
-
23. The "RULES" message
Modified: trunk/openvas-server/doc/otp/otp_specification_10.txt
===================================================================
--- trunk/openvas-server/doc/otp/otp_specification_10.txt 2008-08-08 22:58:24 UTC (rev 1123)
+++ trunk/openvas-server/doc/otp/otp_specification_10.txt 2008-08-09 22:35:10 UTC (rev 1124)
@@ -4,17 +4,17 @@
Michael Wiegand <michael.wiegand at intevation.de>
Jan-Oliver Wagner <jan-oliver.wagner at intevation.de>
-PURPOSE
+ABOUT THIS DOCUMENT
This document describes OTP, the protocol used for communication between the
server and client modules of the Open Vulnerability Assessment System
(OpenVAS).
STATUS
This document is currently a draft; it does not describe the complete protocol
- yet, but only the changes between the Nessus Transport Protocol, version 1.2
- and the OpenVAS Transport Protocol, version 1.0. For more information on NTP
- please refer to the NTP specification for the time being.
+ yet but is still close to the Nessus Transport Protocol, version 1.2.
+ Apart from this the documentation itself is not complete yet.
+
INTRODUCTION
The OpenVAS project is a fork of the Nessus project. Because of this, the
initial protocol used for client-server communication was the Nessus
@@ -29,9 +29,7 @@
GENERAL CONSIDERATIONS
The initial specification of the OpenVAS Transport Protocol (OTP) is very
close to the NTP implementation in the last versions available under the GNU
- General Public License (GPL). The changes between NTP 1.2 -- the last NTP
- version used by OpenVAS -- and OTP 1.0 are explained in the CHANGES section
- below.
+ General Public License (GPL).
CHANGES
This section describes the changes between NTP 1.2 and OTP 1.0.
@@ -54,7 +52,21 @@
clients more control about the verbosity of the messages they receive from the
server.
+ Detached scans:
+ This functionality has been dropped due to design decisions.
+ This means the following commands have been removed
+ from the protocol: DETACHED_SESSIONS_LIST and DETACHED_STOP.
+ The following preferences have been removed from the protocol as
+ well: detached_scan, continuous_scan, delay_between_scan_loops,
+ detached_scan_email_address.
+GENERAL ASPECTS OF PROTOCOL
+
+ The OTP protocol is text-based, human readable and line-oriented.
+
+ Each line is made of fields separated by "<|>. The first fields indicates
+ whether it is a command send by client or by server ("CLIENT" vs. "SERVER").
+
PROTOCOL INITIALIZER AND PROTOCOL FEATURES
Description:
@@ -72,6 +84,8 @@
Syntax:
< OTP/1.0 >< protocol_feature1 protocol_feature2 ... >
+ User : user_name
+ Password : user_password
PROTOCOL COMMANDS
@@ -98,6 +112,18 @@
file_length: the number of bytes that will follow after the newline
file_content: the actual file as byte stream.
+ ERROR
+
+ Description:
+
+ In case of problems the server sends an error message with this
+ command. In case of unrecoverable problems, the server will then
+ close connection with BYE command.
+
+ Syntax:
+
+ SERVER <|> ERROR <|> error description <|> SERVER
+
HOLE
Description:
@@ -138,6 +164,17 @@
replaced by semicolons.
oid: the OID of the NVT that identified the problem.
+ NEW_ATTACK
+
+ Description:
+
+ With this command the client requests the server to attack target
+ system(s) "host". "host" is one or many (comma-separated) IP or FQDN.
+
+ Syntax:
+
+ CLIENT <|> NEW_ATTACK <|> host <|> CLIENT
+
NOTE
Description:
@@ -226,6 +263,17 @@
Additional information might be apended according to some procotol features.
Please refer to the description of the PLUGIN_INFO command for details.
+ PORT
+
+ Description:
+
+ With this command the server reports on open port
+ "port_number" on target system "host".
+
+ Syntax:
+
+ SERVER <|> PORT <|> host <|> port_number <|> SERVER
+
STAT
Description:
More information about the Openvas-commits
mailing list