[Openvas-commits] r1235 - trunk/openvas-compendium
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Thu Aug 28 16:05:31 CEST 2008
Author: mwiegand
Date: 2008-08-28 16:05:30 +0200 (Thu, 28 Aug 2008)
New Revision: 1235
Modified:
trunk/openvas-compendium/ChangeLog
trunk/openvas-compendium/openvas-compendium.tex
Log:
* openvas-compendium.tex: Last-minute fix for 0.2.0 release to make
hyperlatex generate static and human-readable URLs.
Modified: trunk/openvas-compendium/ChangeLog
===================================================================
--- trunk/openvas-compendium/ChangeLog 2008-08-28 12:45:24 UTC (rev 1234)
+++ trunk/openvas-compendium/ChangeLog 2008-08-28 14:05:30 UTC (rev 1235)
@@ -1,3 +1,8 @@
+2008-08-28 Michael Wiegand <michael.wiegand at intevation.de>
+
+ * openvas-compendium.tex: Last-minute fix for 0.2.0 release to make
+ hyperlatex generate static and human-readable URLs.
+
2008-08-28 Jan-Oliver Wagner <jan-oliver.wagner at intevation.de>
Doing the 0.2.0 release.
Modified: trunk/openvas-compendium/openvas-compendium.tex
===================================================================
--- trunk/openvas-compendium/openvas-compendium.tex 2008-08-28 12:45:24 UTC (rev 1234)
+++ trunk/openvas-compendium/openvas-compendium.tex 2008-08-28 14:05:30 UTC (rev 1235)
@@ -90,7 +90,7 @@
\maketitle
-
+\xname{imprint}
\chapter*{Imprint}
\noindent
@@ -108,10 +108,13 @@
%XXX YYY for ZZZ (2008).\\
\clearpage
+\xname{contents}
\tableofcontents
\clearpage
+\xname{introduction}
\chapter{Introduction}
+\xname{about-this-compendium}
\section{About this Compendium}
\compendiumauthor{Jan-Oliver Wagner}
@@ -138,6 +141,7 @@
HTML output. The sources are available as module ,,openvas-compendium''
at the OpenVAS development platform\footnote{http://wald.intevation.org/projects/openvas}.
+\xname{about-the-openvas-project}
\section{About the OpenVAS Project}
\compendiumauthor{Michael Wiegand}
@@ -163,6 +167,7 @@
OpenVAS derives from the Nessus project which turned into a proprietary
product, but has progressed on its own since then.
+\xname{about-the-openvas-software}
\section{About the OpenVAS Software}
\compendiumauthor{Michael Wiegand}
@@ -206,9 +211,11 @@
\clearpage
+\xname{planning-openvas-based-network-auditing}
\chapter{Planning OpenVAS-based Network Auditing}
\compendiumauthor{Jan-Oliver Wagner}
+\xname{consider-coverage-of-available-vulnerability-tests}
\section{Consider Coverage of Available Vulnerability Tests}
\label{sec:NVT feed}
@@ -245,6 +252,7 @@
single shot: How sustainable is the feed service organized?
\end{itemize}
+\xname{choose-location-of-scan-server}
\section{Choose Location of Scan-Server}
If you are planning to use the OpenVAS security scanner in your network, the
@@ -281,10 +289,12 @@
\clearpage
+\xname{installing-and-configuring-openvas-server}
\chapter{Installing and Configuring OpenVAS-Server}
\label{chap:Install-And-Configure-Server}
\compendiumauthor{Tim Brown, Jan-Oliver Wagner and Michael Wiegand}
+\xname{installing-binary-packages-server}
\section{Installing Binary Packages}
Easily installable binary packages for OpenVAS-Client are available for
@@ -292,6 +302,7 @@
over time and thus the following descriptions might be slightly outdated;
please refer to the OpenVAS website for up-to-date information.
+\xname{installing-debian-server}
\subsection{Debian "Sid" (unstable) and "Lenny" (testing)}
OpenVAS server is currently being integrated into Debian. The following modules
@@ -311,6 +322,7 @@
ATTENTION: For the remaining modules you need to get the latest
source tar-balls and compile them on your own.
+\xname{installing-etch-server}
\subsection{Debian 4.0 ``Etch''(stable)}
The OpenVAS-Server modules are not official packages for the Debian 4.0 release
@@ -337,6 +349,7 @@
Note: If you know of further sources of backports, let the
OpenVAS team know and they will be added to this list.
+\xname{installing-gentoo-server}
\subsection{Gentoo}
\label{sec:gentoo-server}
@@ -386,6 +399,7 @@
# ACCEPT_KEYWORDS="~x86" USE="prelude -debug" emerge openvas
\end{verbatim}
+\xname{installing-suse-server}
\subsection{OpenSUSE 10.2}
In the download area you will find the files
@@ -428,6 +442,7 @@
simply running the OpenVAS server, it is not necessary to install the -devel-
packages.
+\xname{installing-fedora-server}
\subsection{Fedora 8}
In the download area you will find the files
@@ -484,8 +499,10 @@
simply running the OpenVAS server, it is not necessary to install the -devel-
packages.
+\xname{compiling-openvas-server-from-source}
\section{Compiling OpenVAS-Server from Source Packages}
+\xname{latest-source-code-release-server}
\subsection{Latest source code release}
The download link for the latest source code release can be found in the
@@ -508,6 +525,7 @@
Repeat for each module and read the corresponding INSTALL or README files.
+\xname{most-current-state-server}
\subsection{Most current state of development (directly from the source code
management
system)}
@@ -532,10 +550,12 @@
please be aware that you are using a development state that may be incomplete
and unstable and should not be used in production environments.
+\xname{configuring-openvas-server}
\section{Configuring OpenVAS-Server}
\label{sec:Configuring OpenVAS-Server}
\compendiumauthor{Michael Wiegand}
+\xname{generating-a-server-certificate}
\subsection{Generating a Server Certificate}
For security reasons, communication between server and client is only possible
@@ -554,6 +574,7 @@
you may of course use a certificate signed by the respective CA, which is e.g. done
by your trust center.
+\xname{adding-new-users}
\subsection{Adding New Users}
In order to use an OpenVAS server, a client needs to have a user account on the
@@ -606,6 +627,7 @@
default deny
\end{verbatim}
+\xname{advanced-configuration-server}
\subsection{Advanced Configuration}
If you need to make changes to the default OpenVAS-Server configuration, you can
@@ -744,6 +766,7 @@
\textit{(default value: yes)}
\end{description}
+\xname{configuring-nvt-feeds}
\section{Configuring NVT Feeds}
This section explains how NVT Feed Services work in general and how you can use
@@ -757,6 +780,7 @@
RSYNC technology. The signatures are only relevant for you if you configure
your OpenVAS server to execute only trusted NVTs.
+\xname{prerequisites-server}
\subsection{Prerequisites}
Apart from openvas-plugins (version 0.9.1 or higher), which contains the
@@ -766,6 +790,7 @@
management of your distribution should have taken care to meet these
dependencies already.
+\xname{synchronizing-with-openvas-nvt-feed}
\subsection{Performing a synchronization with an OpenVAS NVT Feed}
To synchronize your NVT repository with an OpenVAS NVT Feed, you need to follow
@@ -804,6 +829,7 @@
know what this means.
\end{enumerate}
+\xname{available-nvt-feed-services}
\subsection{Available NVT Feed Services}
For demonstration purposes, the OpenVAS project offers a simple NVT feed at
@@ -812,6 +838,7 @@
However, the NVTs are signed with the OpenVAS Transfer Integrity certificate.
+\xname{managing-nvt-signatures}
\section{Managing NVT signatures}
\compendiumauthor{Jan-Oliver Wagner}
@@ -823,6 +850,7 @@
The signatures correspond to the certificate "OpenVAS Transfer Integrity"
available on the OpenVAS website.
+\xname{what-is-a-signature}
\subsection{What is a Signature?}
A clever method is applied to compute a unique checksum for a file. If only a
@@ -837,6 +865,7 @@
the key. If you decided to do so (and there any many ways and supporting
technologies to manage this), you can accept the file as trustworthy.
+\xname{the-signature-format}
\subsection{The Signature Format}
The signatures for OpenVAS NVTs and associated files (.nasl, .inc and .nes) are
@@ -861,6 +890,7 @@
that OpenVAS no longer supports Nessus signatures and will consider plugins
unsigned even if the have a valid Nessus signature.
+\xname{the-signature-verification-process}
\subsection{The Signature Verification Process}
The signature verification of the OpenVAS server is activated by setting
@@ -895,6 +925,7 @@
functions that were regarded critical could be executed. OpenVAS explicitly only
distinguishes between fully trusted and untrusted files.
+\xname{how-to-add-a-certificate}
\subsection{How to Add a Certificate}
To add a certificate to the OpenVAS Server keyring, use this command:
@@ -905,6 +936,7 @@
See the OpenVAS website for available certificate files.
+\xname{how-to-set-trust}
\subsection{How to Set Trust}
To express trust into keys that signed NVTs (see "How to set trust" below) you
@@ -938,12 +970,14 @@
Before signing you should be absolutely sure that you are signing correct
certificate. You may use its fingerprint and other methods to convince yourself.
+\xname{how-to-remove-a-certificate}
\subsection{How to Remove a Certificate}
\begin{verbatim}
# gpg --homedir=/etc/openvas/gnupg --delete-keys KEY_ID
\end{verbatim}
+\xname{manual-signature-verification}
\subsection{Manual Signature Verification}
In case you want to manually verify the validity of a .nasl file, you can
@@ -966,15 +1000,18 @@
trace file.
\clearpage
+\xname{installing-and-configuring-openvas-client}
\chapter{Installing and Configuring OpenVAS-Client}
\compendiumauthor{Tim Brown, Jan-Oliver Wagner and Michael Wiegand}
+\xname{installing-binary-packages-client}
\section{Installing Binary Packages}
Easily installable binary packages for OpenVAS-Client are available for
download on the OpenVAS website. The availability of these packages may change
over time; please refer to the OpenVAS website for up-to-date information.
+\xname{installing-debian-client}
\subsection{Debian "Sid" (unstable) and "Lenny" (testing)}
OpenVAS-Client is an official Debian package for the distribution "unstable"
@@ -989,6 +1026,7 @@
# apt-get install openvas-client
\end{verbatim}
+\xname{installing-etch-client}
\subsection{Debian "Etch" 4.0 (stable)}
OpenVAS-Client is not an official package for the Debian 4.0 release ("Etch").
@@ -1009,6 +1047,7 @@
# apt-get install openvas-client
\end{verbatim}
+\xname{installing-ubuntu-client}
\subsection{Ubuntu 8.10 "Intrepid Ibex"}
OpenVAS-Client has been added to the upcoming Ubuntu 8.10 release
@@ -1028,11 +1067,13 @@
Heron"). To install OpenVAS-Client on Ubuntu 8.04 LTS, simply follow the
instructions for Debian 4.0 "Etch" as described above.
+\xname{installing-gentoo-client}
\subsection{Gentoo}
Please see the installation description for OpenVAS-Server on Gentoo in
section \ref{sec:gentoo-server}.
+\xname{installing-suse-client}
\subsection{OpenSUSE 10.2}
In the download area you will find the file
@@ -1044,7 +1085,7 @@
You will need these files only if you plan to rebuild the actual installation
package.
-
+\xname{installing-fedora-client}
\subsection{Fedora 8}
In the download area you will find the file
@@ -1057,14 +1098,17 @@
You will need these files only if you plan to rebuild
the actual installation package.
+\xname{installing-windows-client}
\subsection{Windows XP SP2}
In the download area you will find the file OpenVAS-Client-N.N.N-M-LL-setup.exe
where N.N.N stands for the version of OpenVAS-Client, M for the package release
number and LL for the language (e.g. en=English, de=German, sv=Swedish).
+\xname{compiling-openvas-client-from-source}
\section{Compiling OpenVAS-Client from Source Packages}
+\xname{latest-source-code-release-client}
\subsection{Latest source code release}
Download the ".tar.gz" source code archive from the download section of the
@@ -1074,6 +1118,7 @@
Now read the README file inside the new directory for further instructions.
+\xname{most-current-state-client}
\subsection{Most current state of development (directly from the source code
management system)}
@@ -1093,6 +1138,7 @@
\clearpage
+\xname{using-openvas-client}
\chapter{Using OpenVAS-Client}
\compendiumauthor{Jan-Oliver Wagner}
@@ -1104,6 +1150,7 @@
might offer additional or changed functionality. In case, please refer to the website
for information or support.
+\xname{the-main-window}
\section{The Main Window}
\label{sec:MainWindow}
@@ -1123,7 +1170,7 @@
required to make a plugin selection. You can establish a connection with a
server and then specify a global default plugin selection for later use.
-
+\xname{tasks}
\subsection{Tasks}
Tasks are intended to cover all activities of a major topic. A task could be
@@ -1157,7 +1204,7 @@
This means the removal of all scopes associated with this task and thus the
removal action prompts for a confirmation.
-
+\xname{scopes}
\subsection{Scopes}
A scope can be seen as a sub-task. It defines a certain security scan.
@@ -1243,7 +1290,7 @@
that only the parameter sets are stored but not the reports. See above
the description of {}``Open'' for more hints.
-
+\xname{reports}
\subsection{Reports}
\label{sec:Reports}
@@ -1295,7 +1342,7 @@
system and this menu item does not work, please check if the executable file for
your PDF viewer is available in your system path.
-
+\xname{authentication-client}
\section{Authentication}
OpenVAS-Client needs to connect to an OpenVAS server in order to retrieve
@@ -1374,12 +1421,13 @@
of the CA certificate and set the location of the certificate file
manually.
-
+\xname{scan-options}
\section{Scan Options}
This section explains the most important configuration options for
a security scan.
+\xname{scan-options-general}
\subsection{General}
This page covers all the general scan options. See the screenshot
@@ -1470,7 +1518,7 @@
Clicking on an entry shows the details for the respective scanner
plugin.
-
+\xname{scan-options-plugins}
\subsection{Plugins}
The plugins are stored on the OpenVAS server. Thus, to make a selection
@@ -1560,7 +1608,7 @@
information on whether the dependencies are currently
enabled or disabled.
-
+\xname{scan-options-credentials}
\subsection{Credentials}
Some of the plugins allow to enter credentials to test certain applications,
@@ -1570,7 +1618,7 @@
\IncludeImage[width=10cm]{images/mainwindow-credentials-en}
-
+\xname{scan-options-target-selection}
\subsection{Target Selection}
\IncludeImage[width=12cm]{images/mainwindow-targetselection-en}
@@ -1601,6 +1649,7 @@
to the target name server and will attempt to obtain the list of the
hosts in the target domain. Then, it will test each host.
+\xname{scan-options-plugin-preferences}
\subsection{Plugin Preferences}
Some of the plugins allow to refine with specific parameters. All
@@ -1611,8 +1660,10 @@
Only a comparably small number of plugins offer a configuration.
+\xname{scan-options-access-rules}
\subsection{Access Rules}
+\xname{scan-options-knowledge-base}
\subsection{Knowledge Base}
The configuration section for the Knowledge Base (KB) allows you to control
@@ -1677,10 +1728,10 @@
KB (in seconds). A KB older than this value is automatically discarded.
\end{description}
-
+\xname{reports-client}
\section{Reports}
-
+\xname{report-page}
\subsection{Report Page of OpenVAS-Client}
The report page consists of three elements. On the left hand a tree list
@@ -1692,6 +1743,7 @@
\IncludeImage[width=13cm]{images/mainwindow-report-en}
+\xname{report-formats}
\subsection{Report Formats}
The scan results can be exported into a number of formats. Basically
@@ -1704,6 +1756,7 @@
For further information see the section \ref{sec:Reports} about the menu command
{}``Report->Export''.
+\xname{openvas-client-preferences}
\section{OpenVAS-Client Preferences}
OpenVAS-Client allows you to specify some individual preferences that
@@ -1714,7 +1767,7 @@
The following selection are available:
-
+\xname{user-interface}
\subsection{User Interface}
@@ -1735,6 +1788,7 @@
a quick overview over which hosts are running a service on a certain port than
in which ports are open on a certain host.
+\xname{connecting-to-the-openvas-server}
\subsection{Connection to the OpenVAS server}
@@ -1755,6 +1809,7 @@
OpenVAS Transport Protocol). Please be aware that the server will close the
connection if the client asks for an unsupported protocol.
+\xname{plugin-cache-client}
\subsection{Plugin Cache}
@@ -1809,7 +1864,7 @@
when connecting'' for the benefit of avoiding to load possibly huge
caches once clicking on a scope entry.
-
+\xname{report-settings}
\subsection{Report}
@@ -1831,6 +1886,7 @@
this option is enabled, these reports will contain the name and the OID of the
NVT that reported the issue.
+\xname{external-links-in-reports}
\subsection{External Links in HTML/PDF}
These settings determine the URLs for linking more information on
@@ -1854,19 +1910,23 @@
\clearpage
+\xname{performing-local-security-checks}
\chapter{Performing Local Security Checks}
\compendiumauthor{Jan-Oliver Wagner}
+\xname{debian-local-security-checks}
\section{Debian Local Security Checks}
This section explains how to run local security checks with OpenVAS. So far,
this procedure has been tested only with Debian local security checks.
+\xname{prerequisites-dlsc}
\subsection{Prerequisites}
To perform local security checks, you need a working OpenVAS-Server
installation. Information on setting up and configuring OpenVAS-Server is
available in chapter \ref{chap:Install-And-Configure-Server}.
+\xname{create-users-for-local-security-checks}
\subsection{Create users for local security checks}
First, you need a key with certificate:
@@ -1892,6 +1952,7 @@
$ chmod 400 .ssh/authorized_keys
\end{verbatim}
+\xname{configure-the-local-security-checks-in-openvas-client}
\subsection{Configure the local security checks in OpenVAS-Client}
In Preferences, configure SSH Authorization:
@@ -1916,6 +1977,7 @@
or ensure dependencies are resolved at runtime (see checkboxes) if you select
only some local security checks.
+\xname{windows-local-security-checks}
\section{Windows Local Security Checks}
In order to provide - analogous to the Linux Local Security Check - a framework
@@ -1934,6 +1996,7 @@
The advantage of this smbclient integration is to act more flexible on protocol
changes on the SAMBA/CEFIS protocol side.
+\xname{preparing-the-openvas-server-wlsc}
\subsection{Preparing the OpenVAS Server}
To install the WLSC, a few steps are required to be taken on the server that
@@ -1956,6 +2019,7 @@
\end{enumerate}
+\xname{preparing-the-microsoft-windows-target}
\subsection{Preparing the Microsoft Windows target}
The WLSC implementation has been tested on the following Microsoft Windows
@@ -1997,6 +2061,7 @@
\IncludeImage[width=10cm]{images/wlsc-windows-en}
+\xname{executing-the-checks-via-openvas-client-wlsc}
\subsection{Executing the checks via OpenVAS-Client}
Using the OpenVAS-Client you specify the credentials and the target host
@@ -2008,10 +2073,13 @@
\clearpage
+\xname{using-integrated-tools}
\chapter{Using Integrated Tools}
+\xname{security-local-auditing-daemon}
\section{Security Local Auditing Daemon (SLAD)}
\compendiumauthor{Jan-Oliver Wagner}
+\xname{how-to-use-slad-with-openvas}
\subsection{How to use Security Local Auditing Daemon (SLAD) with OpenVAS}
Homepage: \hyperurl{http://www.dn-systems.org/slad.shtml}
@@ -2085,6 +2153,7 @@
John-the-ripper could take very long).
\end{enumerate}
+\xname{nikto}
\section{Nikto}
\compendiumauthor{Michael Wiegand}
@@ -2097,6 +2166,7 @@
OpenVAS is able to recognize an installed version of Nikto and can integrate
the results of a Nikto scan in the scan results.
+\xname{prerequisites-nikto}
\subsection{Prerequisites}
In order to be able to perform a Nikto scan from within OpenVAS, the following
@@ -2110,12 +2180,14 @@
abuses} in the plugin section of your client.
\end{itemize}
+\xname{starting-a-nikto-scan}
\subsection{Starting a Nikto scan}
If the Nikto plugin is present and enabled, it will be executed with your next
scan. The results returned by Nikto will be available together with the rest of
the scan results.
+\xname{understanding-nikto-results}
\subsection{Understanding Nikto results}
Some web servers are (intentionally or unintentionally) configured to respond
@@ -2142,6 +2214,7 @@
\clearpage
+\xname{developers-guide-for-nasl-scripts}
\chapter{Developers Guide for NASL scripts}
The Network Vulnerability Tests (NVTs) used by OpenVAS to check for existing
@@ -2166,6 +2239,7 @@
programming languages should be able to pick up the basics of NASL development
in a relatively short amount of time.
+\xname{basic-structure-of-nasl-scripts}
\section{Basic Structure of NASL Scripts}
All NASL scripts have to contain a set of information about themselves by which
@@ -2220,8 +2294,10 @@
description, please refer to the section \ref{sec:NASL-desc} of the NASL API
documentation.
+\xname{basic-nasl-syntax}
\section{Basic NASL Syntax}
+\xname{nasl-comments}
\subsection{Comments}
Comments in NASL start with the \verb|#| character. If a \verb|#| character is
@@ -2233,6 +2309,7 @@
a = b + c; # This is a comment as well.
\end{verbatim}
+\xname{nasl-variables-and-declarations}
\subsection{Variables and Declarations}
Variables are implicitly declared in NASL; this means that it is not necessary
@@ -2247,6 +2324,7 @@
first time the variable is assigned. Memory allocation is automatically handled
by the interpreter as well.
+\xname{nasl-data-types}
\subsection{Data Types}
\begin{itemize}
@@ -2256,10 +2334,13 @@
\item Booleans
\end{itemize}
+\xname{nasl-numbers-and-strings}
\subsection{Numbers and Strings}
+\xname{nasl-function-arguments}
\subsection{Function Arguments}
+\xname{nasl-loops}
\subsection{Loops}
\begin{itemize}
@@ -2272,9 +2353,10 @@
\item return
\end{itemize}
-
+\xname{nasl-user-defined-functions}
\subsection{User-defined Functions}
+\xname{nasl-operators}
\subsection{Operators}
\begin{itemize}
@@ -2317,14 +2399,19 @@
\item >>>
\end{itemize}
+\xname{nasl-operator-precedence}
\subsubsection{Operator Precedence}
+\xname{nasl-api-documentation}
\section{NASL API Documentation}
+\xname{nasl-pre-defined-constants}
\subsection{Pre-defined Constants}
+\xname{nasl-built-in-functions}
\subsection{Built-In Functions}
+\xname{nasl-socket-manipulation}
\subsubsection{Socket Manipulation}
\begin{itemize}
@@ -2339,6 +2426,7 @@
\item \verb!send()!
\end{itemize}
+\xname{nasl-network-operations}
\subsubsection{Network Operations}
\begin{itemize}
@@ -2357,6 +2445,7 @@
\item \verb!this_host_name()!
\end{itemize}
+\xname{nasl-ftp-operations}
\subsubsection{FTP Operations}
\begin{itemize}
@@ -2364,6 +2453,7 @@
\item \verb!ftp_get_pasv_port()!
\end{itemize}
+\xname{nasl-http-operations}
\subsubsection{HTTP Operations}
\begin{itemize}
@@ -2379,6 +2469,7 @@
\item \verb!http_put()!
\end{itemize}
+\xname{nasl-packet-manipulation}
\subsubsection{Packet Manipulation}
\begin{itemize}
@@ -2402,6 +2493,7 @@
\item \verb!dump_udp_packet()!
\end{itemize}
+\xname{nasl-utilities}
\subsubsection{Utilities}
\begin{itemize}
@@ -2415,6 +2507,7 @@
\item \verb!getrpcport()!
\end{itemize}
+\xname{nasl-string-manipulation}
\subsubsection{String Manipulation}
\begin{itemize}
@@ -2444,6 +2537,7 @@
\item \verb!toupper()!
\end{itemize}
+\xname{nasl-knowledge-base}
\subsubsection{Knowledge Base}
\begin{itemize}
@@ -2454,6 +2548,7 @@
\item \verb!replace_or_set_kb_item()!
\end{itemize}
+\xname{nasl-plugin-description}
\subsubsection{Plugin Description}
\begin{itemize}
@@ -2526,6 +2621,7 @@
\item \verb!script_timeout()!
\end{itemize}
+\xname{nasl-report-functions}
\subsubsection{Report Functions}
\begin{itemize}
@@ -2535,6 +2631,7 @@
\item \verb!security_note()!
\end{itemize}
+\xname{nasl-crypto-functions}
\subsubsection{Crypto Functions}
\begin{itemize}
@@ -2553,6 +2650,7 @@
\item \verb!SHA1()!
\end{itemize}
+\xname{nasl-misc-functions}
\subsubsection{Miscellaneous Functions}
\begin{itemize}
@@ -2577,6 +2675,7 @@
\item \verb!get_preference()!
\end{itemize}
+\xname{nasl-unsafe-functions}
\subsubsection{``Unsafe'' Functions}
\begin{itemize}
@@ -2594,6 +2693,7 @@
\item \verb!pread()!
\end{itemize}
+\xname{nasl-library-functions}
\subsection{Functions from the NASL Library}
Apart from the built-in functions provided by NASL itself it is also possible
@@ -2693,7 +2793,7 @@
version\_test()
\end{description}
-
+\xname{knowledge-base}
\subsection{Knowledge Base}
\label{sec:NASL-KB}
@@ -3023,6 +3123,7 @@
\item[zonealarm/version] zone\_alarm\_local\_dos.nasl
\end{description}
+\xname{test-and-debugging-procedures}
\section{Test and debugging procedures}
There are different approaches to test your OpenVAS NVTs; for example, the
@@ -3032,6 +3133,7 @@
An excellent start is using the \verb|openvas-nasl| tool to execute your script
on the target environment to see if any error messages come up.
+\xname{testing-a-local-vulnerability}
\subsection{Testing a local vulnerability}
Here is an example of using the \verb|openvas-nasl| tool to perform a test:
@@ -3124,6 +3226,7 @@
The last line tells us that an incorrect syntax for the qpkg tool was given to
the LVT.
+\xname{testing-a-network-vulnerability}
\subsection{Testing a network vulnerability}
Here is an example using the openvas-nasl tool to perform a test:
@@ -3267,6 +3370,7 @@
To detect this, compile OpenVAS NASL with debug symbols and use GDB. More
information on GBD can be found at: http://www.gnu.org/software/gdb/gdb.html.
+\xname{writing-smbclient-based-wlsc-nasl-scripts}
\section{Writing SMBclient-based WLSC NASL Scripts}
\compendiumauthor{Carsten Koch Mauthe}
@@ -3274,6 +3378,7 @@
The SMB-Client API is made available as \verb!smbcl_func.inc!. This file has to
be included in any WLSC Script.
+\xname{smbclient-smbclientavail}
\subsubsection{smbclientavail()}
This function returns TRUE if smbclient can be used from within openvasd.
@@ -3299,13 +3404,14 @@
}
\end{verbatim}
+\xname{smbclient-smbversion}
\subsubsection{smbversion()}
This function returns TRUE if successful and writes the DOMAIN, OS Version and
SMB Server version to the knowledge base as items "SMB/DOMAIN", "SMB/OS" and
"SMB/SERVER".
-
+\xname{smbclient-smbgetfile}
\subsubsection{smbgetfile(share, filename, tmp\_filename)}
Use this function to get a file from the target host and save this file locally
@@ -3317,6 +3423,7 @@
smbgetfile(share: "C$", filename: orig_filename, tmp_filename: tmp_filename)
\end{verbatim}
+\xname{smbclient-smbgetdir}
\subsubsection{smbgetdir(share, dir, typ)}
Use this function to get directory entries from the SMB source.
@@ -3334,6 +3441,7 @@
r = smbgetdir(share: "C$", dir: "C:\Windows\systems32\*.dll", typ: 1);
\end{verbatim}
+\xname{smbclient-getpefileversion}
\subsubsection{GetPEFileVersion (tmp\_filename, orig\_filename)}
This function returns the Version of Windows PE/32 executables like .exe or
@@ -3354,11 +3462,13 @@
...
\end{verbatim}
+\xname{smbclient-get-windir}
\subsubsection{get\_windir()}
This function returns the standard Windows folder WINNT or WINDOWS, depending on
the OS found by "smbversion".
+\xname{smbclient-example}
\subsection{Example}
This is a complete NASL test for a Windows Local Security Check. It can be found
@@ -3502,8 +3612,10 @@
\clearpage
+\xname{developers-guide-for-openvas-server-and-client}
\chapter{Developers Guide for OpenVAS Server and Client}
\compendiumauthor{Jan-Oliver Wagner}
+\xname{the-openvas-source-code-map}
\section{The OpenVAS Source Code Map}
A large chunk of the OpenVAS codebase was inherited from Nessus. As with
@@ -3521,6 +3633,7 @@
\IncludeImage[width=14cm]{images/OpenVAS-Module-Internals}
+\xname{source-code-branches}
\section{Source Code Branches for Stable and In-Development}
If you look at the OpenVAS source code for the first time, you might wonder what
@@ -3565,6 +3678,7 @@
series (1.1.6, 1.1.7) will come from this branch, while the trunk undergoes
major changes that will ultimately lead to the release of 1.2.0.
+\xname{code-quality-and-code-security}
\section{Code Quality and Code Security}
Especially as an IT security product, the OpenVAS project is committed to a high
@@ -3588,6 +3702,7 @@
the issues reported do not have a significant impact on code quality and
security.
+\xname{management-of-openvas-change-requests}
\section{Management of OpenVAS Change Requests}
OpenVAS change requests describe proposed changes to one of the OpenVAS
@@ -3638,6 +3753,7 @@
The voting process itself is not yet fully formalized and subject to change;
ideas and suggestions are welcome.
+\xname{submitting-patches}
\section{Submitting Patches}
If you have found (and fixed) a bug in the OpenVAS source code, implemented a
@@ -3670,6 +3786,7 @@
openvas-devel at wald.intevation.org with a short explanation as to what you did
and why you did it.
+\xname{write-access-to-source-code-repository}
\section{Write-Access to Source Code Repository}
Write access to the source code repository is granted by the project
@@ -3684,6 +3801,7 @@
developers. Low quality changes or uncoordinated high-impact-changes
might get reverted immediately.
+\xname{maintaining-changelog}
\section{Maintaining ChangeLog}
Any main module of OpenVAS maintains a ``ChangeLog'' file in its
@@ -3709,6 +3827,7 @@
The developer's ChangeLog is the base for writing the user's CHANGES when a new
release is prepared.
+\xname{source-code-style-guide}
\section{Source Code Style Guide}
Currently there is no complete definition of a style guide
@@ -3732,10 +3851,12 @@
\end{itemize}
+\xname{openvas-transfer-protocol}
\chapter{OpenVAS Transfer Protocol (OTP)}
\clearpage
+\xname{document-license}
\chapter{Document License: CC by SA}
\begin{latexonly}
@@ -3770,5 +3891,5 @@
\end{latexonly}
\W \hyperurl{http://creativecommons.org/licenses/by-sa/3.0/}
-
+\W \xname{footnotes}
\end{document}
More information about the Openvas-commits
mailing list