# [Openvas-commits] r1645 - trunk/openvas-compendium

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Tue Oct 28 16:06:50 CET 2008

Author: mwiegand
Date: 2008-10-28 16:06:50 +0100 (Tue, 28 Oct 2008)
New Revision: 1645

Modified:
trunk/openvas-compendium/ChangeLog
trunk/openvas-compendium/openvas-compendium.tex
Log:
Applied patch for numerous typos found by Matthew Mundell.

* openvas-compendium.tex: Fixed typos.

Modified: trunk/openvas-compendium/ChangeLog
===================================================================
--- trunk/openvas-compendium/ChangeLog	2008-10-28 10:29:07 UTC (rev 1644)
+++ trunk/openvas-compendium/ChangeLog	2008-10-28 15:06:50 UTC (rev 1645)
@@ -1,3 +1,9 @@
+2008-10-28  Michael Wiegand <michael.wiegand at intevation.de>
+
+	Applied patch for numerous typos found by Matthew Mundell.
+
+	* openvas-compendium.tex: Fixed typos.
+
2008-10-27  Felix Wolfsteller <felix.wolfsteller at intevation.de>

Created new macro for displaying images with smthg. like captions in a

Modified: trunk/openvas-compendium/openvas-compendium.tex
===================================================================
--- trunk/openvas-compendium/openvas-compendium.tex	2008-10-28 10:29:07 UTC (rev 1644)
+++ trunk/openvas-compendium/openvas-compendium.tex	2008-10-28 15:06:50 UTC (rev 1645)
@@ -159,7 +159,7 @@
interface, run specific test methods and write NASL vulnerability tests up to
details on the internal architecture of the actual scan server software.

-This compendium is permanently improved and extended.
+This compendium is permanently being improved and extended.
You may find some sections not comprehensive enough and you
may miss some topics entirely.

@@ -190,12 +190,12 @@
The majority of the team members has a long professional record
in security consulting and/or software development.

-The OpenVAS project is open for new members.
+The OpenVAS project is open to new members.
Formal processes exist only where helpful, e.g. getting
a team member just means to take part in the processes
(design, development, tests, reviews, packaging, support).

-All OpenVAS products are Free Software under GNU General Public License (GNU GPL).
+All OpenVAS products are Free Software under the GNU General Public License (GNU GPL).

OpenVAS derives from the Nessus project which turned into a proprietary
product, but has progressed on its own since then.
@@ -333,11 +333,11 @@
\subsection{Hardware}

OpenVAS usually does not need outstanding hardware performance nor
-consumes considerable disk space.
+does it consume considerable disk space.
A standard server configuration will be sufficient in most cases.

Most users use OpenVAS with a IA32 architecture. 64bit and PowerPC architectures
-are also supported, but not tested to the same extend.
+are also supported, but not tested to the same extent.

\xname{choose-type-of-server-os}
\subsection{Operating System}
@@ -637,7 +637,7 @@
\item[logfile] The file used to log activity. If this value is set to 'syslog',
OpenVAS-Server will use syslogd for logging.
\textit{(default value: /var/log/openvas/openvasd.messages)}
- \item[log\_whole\_attack] This setting controls how detailed should be logged. If
+ \item[log\_whole\_attack] This setting controls how detailed the log should be. If
this option is set to 'no', only the start and end time of the scan is logged.
If set to 'yes', OpenVAS-Server will log more information, including the time
each plugin took to execute. Be aware that this may cause OpenVAS-Server to use
@@ -692,7 +692,7 @@
\textit{(default value: yes)}

\item[auto\_enable\_dependencies] If this option is set to 'yes', OpenVAS-Server
-will automatically enable plugins which are need by the plugins selected by the
+will automatically enable plugins which are needed by the plugins selected by the
user. \textit{(default value: yes)}

\item[silent\_dependencies] If this option is set to 'yes', output from plugins
@@ -877,7 +877,7 @@
single character in the file changes, the checksum will change as well. This
checksum is digitally signed in a way that you can test with a public
certificate whether a certain key was used to create the signature. Such a key
-and certificate do always form a pair that is related to each other. If the
+and certificate do always form a pair that relates them to each other. If the
signed file has been modified by a third party, the signature will be broken. In
this case you should not trust the file.

@@ -1065,9 +1065,9 @@

\begin{itemize}
\item \verb|openvasd.conf|: the main server configuration.
-\item \verb|openvasd.rules|: rules to restrict set of target systems for OpenVAS users.
+\item \verb|openvasd.rules|: rules to restrict sets of target systems for OpenVAS users.
\item \verb|gnupg|: the keyring and trust levels for defining which NVTs are allowed for
-  execution
+  execution.
\end{itemize}

\xname{usr-local-include-openvas}
@@ -1116,7 +1116,7 @@
\xname{usr-local-var-lib-openvas}
\section{Server installation specific data (PREFIX/var/lib/openvas)}

-This directory contains data which are specific for each OpenVAS installation:
+This directory contains data which is specific to each OpenVAS installation:

\begin{itemize}

@@ -1464,15 +1464,15 @@
menu command. Note that here only the parameter sets are covered but
not the reports which are represented by files of their own. So, opening
-and saving (see below) scopes is a method to transfer you settings
+and saving (see below) scopes is a method to transfer your settings
to someone else or to create a copy of the current scope for yourself.

\paragraph{Save As}

Saves the current scope to a file (which is of openvasrc type). Note
-that only the parameter sets are stored but not the reports. See above
-the description of {}Open'' for more hints.
+that only the parameter sets are stored but not the reports. See
+the description of {}Open'' above for more hints.

\xname{reports}
\subsection{Reports}
@@ -1501,7 +1501,7 @@

Allows to import a report from a file. The standard exchange format
is NBE (files suffixed {}.nbe''). The file selection dialog allows
-to select the desired report file. A error hint will be displayed
+to select the desired report file. An error hint will be displayed
if the file format was not NBE. Else, the report is added to the currently
selected scope. Neither comments nor options will be there for a report
imported from a NBE file.
@@ -1514,7 +1514,7 @@
(XML, HTML, HTML with Pies and Graphs, \LaTeX{}, ASCII Text and PDF).
It is recommended to use NBE if re-importing is planned and to use
PDF for creating simple report documents that need no further editing.
-Use one of the other if you want to further process the report or
+Use one of the others if you want to further process the report or
integrate it into your own document style.

@@ -1548,6 +1548,7 @@

at the bottom of the main window. There, the connection information
+% FIX should be e.g. ? why extra .?
is displayed, i.e.. {}Connection: username at host.test.example''.
At bottom right there is an icon indicating the connection status.

@@ -1642,7 +1643,7 @@
\paragraph{Number of hosts to test at the same time}

Maximal number of hosts that the OpenVAS server will test at the same
-time. Be aware that the OpenVAS server will spawn max\_hosts max\_checks
+time. Be aware that the OpenVAS server will spawn max\_hosts x max\_checks
processes!

@@ -1775,9 +1776,10 @@

\paragraph{Plugin information dialog}

-Double-clicking on a specific plugin title will raise a information
+Double-clicking on a specific plugin title will raise an information
dialog for the respective plugin.

+% FIX The values shown...?
The information shown are the ones specified within the corresponding
plugin.

@@ -1850,6 +1852,7 @@
\xname{scan-options-plugin-preferences}
\subsection{Plugin Preferences}

+% FIX ... allow refinement via specific parameters. ...?
Some of the plugins allow to refine with specific parameters. All
where the user may modify the default values.
@@ -1862,19 +1865,19 @@
\subsection{Access Rules}

In this section you can view and manage the access rules for your scan. These
-rules determine which host you may scan. Note that there three kinds off access
+rules determine which host you may scan. Note that there are three kinds of access
rules:

\begin{description}
\item[Server rules] These rules are global to the server and will affect all
users that connect to this server.
- \item[Serverside user rules] These rules are specific to an user and affect
+ \item[Serverside user rules] These rules are specific to a user and affect
only this user, no matter from which client he connects to this server.
\item[Clientside user rules] These rules are specific to the client. They will
affect only the scope in which they are defined.
\end{description}

-The first two rulesets are sent by server only to inform the client about
+The first two rulesets are sent by the server only to inform the client about
possible restrictions and cannot be changed by the client. Only the last
ruleset can be changed by the client.

@@ -2236,7 +2239,7 @@
However, the OpenVAS solution is using samba (smbclient) and does not
re-implement the binary SMB protocol in NASL.

-The advantage of this smbclient integration is to act more flexible on protocol
+The advantage of this smbclient integration is to act more flexibly on protocol
changes on the SAMBA/CEFIS protocol side.

\xname{preparing-the-openvas-server-wlsc}
@@ -2381,7 +2384,7 @@
\subsubsection{lsof}

The Unix system utility lsof simply shows a list of files currently open on the
-system and which program uses them. This can assist an administrator to find
+system and which programs use them. This can assist an administrator to find
unusual activity on the system.

@@ -2421,7 +2424,7 @@
detecting a large number of attacks such as buffer overflows, stealth port
scans, CGI attacks, SMB probes or OS fingerprinting attempts by doing both
protocol analysis and content checks. Once an attack has been detected Snort is
-also capable of counteracting them by dropping the according connections.  The
+also capable of counteracting it by dropping the according connections.  The
SLAD plugin selects all relevant Snort messages from a MySQL Database and sends
them to the management platform.

@@ -2509,7 +2512,7 @@
\subsection{Understanding Nikto results}

Some web servers are (intentionally or unintentionally) configured to respond
-to requests for non-existent with an HTTP status code other than 404. This can
+to requests for non-existent files with an HTTP status code other than 404. This can
be used to direct these requests from human users to a page with helpful
information (like a sitemap), but tends to confuse security assessment tools
like Nikto checking whether possibly sensitive or dangerous content can be
@@ -2663,7 +2666,7 @@
\end{verbatim}

The plugin description has to be contained in the \verb|if (description)| block
-so the OpenVAS server can retrieve it. The first time it the server encounters a
+so the OpenVAS server can retrieve it. The first time the server encounters a
new plugin, it will be called with the global variable \verb|description| set
to \verb|TRUE|. The information provided by the plugin will be cached in
the \verb|.desc| subdirectory in the plugins directory. When the script is
@@ -3172,8 +3175,8 @@
\label{sec:NASL-KB}

In order to facilitate the exchange of information between different NVTs and to
-speed up the scanning process, information collected by plugins can be to stored
-in a Knowledge Base (KB). This enables plugins to built upon the results of
+speed up the scanning process, information collected by plugins can be stored
+in a Knowledge Base (KB). This enables plugins to build upon the results of
other plugins and can help to avoid duplicate scans.

Below is a list of known KB entries and the NASL/NES scripts that are known to
@@ -3532,7 +3535,7 @@
\end{verbatim}

This is telling us that this script has a syntax error.
contains only syntactically correct NASL.

Now you can test on your target host, if the LVT is correct, by writing
@@ -3629,7 +3632,7 @@
contains only correct NASL.

The test on the network is a bit more complicated. To test if the right packet
-was sent, you can use TCPDUMP to capture the communication between the host can
+was sent, you can use TCPDUMP to capture the communication between the host and
the client, e.g.:

\begin{verbatim}
@@ -4069,7 +4072,7 @@

Especially as an IT security product, the OpenVAS project is committed to a high
level regarding code quality and security. While the code inherited from Nessus
-certainly left room for improvements in this two aspects, the OpenVAS project is
+certainly left room for improvements in these two aspects, the OpenVAS project is
confident in its abilities to mitigate these shortcomings and to further improve
code quality and security.

@@ -4306,7 +4309,7 @@
this message type has been removed from the protocol.

\paragraph{Protocol extensions}
-These protocol extensions have been made standard of the OTP protocol:
+These protocol extensions have been made standard in the OTP protocol:
"timestamps", "dependencies", "plugins\_version", "plugins\_cve\_id",
"plugins\_bugtraq\_id" and "plugins\_xrefs".

@@ -4356,10 +4359,10 @@

where
\begin{description}
- \item[file\_name] The path and name of the file. It is a identifier
+ \item[file\_name] The path and name of the file. It is an identifier
to reference the file in the plugin preferences.
\item[file\_length] the number of bytes that will follow after the newline
- \item[file\_content] the actual file as byte stream.
+ \item[file\_content] the actual file as a byte stream.
\end{description}

\xname{otp-bye}
@@ -4400,7 +4403,7 @@
\subsection{DEBUG}

\paragraph{Description:}
-With this command the server reports a identified problem of class "debug". The
+With this command the server reports an identified problem of class "debug". The
"general" version is applied if no port relates to the note.

\paragraph{Syntax:}
@@ -4472,7 +4475,7 @@
\subsection{HOLE}

\paragraph{Description:}
-With this command the server reports a identified problem of class
+With this command the server reports an identified problem of class
"security hole". The "general" version is applied if no port relates to the
hole.

@@ -4500,7 +4503,7 @@
\subsection{INFO}

\paragraph{Description:}
-With this command the server reports a identified problem of class "security
+With this command the server reports an identified problem of class "security
info". The "general" version is applied if no port relates to the info.
\paragraph{Syntax:}

@@ -4526,7 +4529,7 @@
\subsection{LOG}

\paragraph{Description:}
-With this command the server reports a identified problem of class "log". The
+With this command the server reports an identified problem of class "log". The
"general" version is applied if no port relates to the note.

\paragraph{Syntax:}
@@ -4574,7 +4577,7 @@
\subsection{NOTE}

\paragraph{Description:}
-With this command the server reports a identified problem of class "security
+With this command the server reports an identified problem of class "security
note". The "general" version is applied if no port relates to the note.

\paragraph{Syntax:}
@@ -4691,7 +4694,7 @@
The server will send \verb|PREFERENCES| and \verb|RULES| right after this
command.

-The client might request individual NVT information via \verb|PLUGIN_INFO|
+The client might request individual NVT information via the \verb|PLUGIN_INFO|
command.

\paragraph{Syntax:}
@@ -4724,7 +4727,7 @@

\paragraph{Description:}
With this command the values for the preferences are
-communicated. The server uses the commands to inform
+communicated. The server uses the command to inform
about defaults, the client uses the command to send
the user selections.

@@ -4878,7 +4881,7 @@
\subsection{SESSIONS\_LIST}

\paragraph{Description:}
-The CLIENT request with this command the list of sessions stored on the server
+The CLIENT requests with this command the list of sessions stored on the server
side for the logged in user.

The SERVER will answer with the same command and provide the list of sessions.