[Openvas-commits] r3253 - trunk/openvas-compendium

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Wed May 6 12:29:41 CEST 2009


Author: geoff
Date: 2009-05-06 12:29:40 +0200 (Wed, 06 May 2009)
New Revision: 3253

Modified:
   trunk/openvas-compendium/ChangeLog
   trunk/openvas-compendium/openvas-compendium.tex
Log:
Made grammar changes and added stronger language cautioning the 
OpenVAS user/admin to get permission to scan public/external systems.



Modified: trunk/openvas-compendium/ChangeLog
===================================================================
--- trunk/openvas-compendium/ChangeLog	2009-05-06 09:53:04 UTC (rev 3252)
+++ trunk/openvas-compendium/ChangeLog	2009-05-06 10:29:40 UTC (rev 3253)
@@ -1,3 +1,10 @@
+2009-05-06 Geoff Galitz <geoff at galitz.org>
+
+	* openvas-compendium.tex: Edited "Choose Location of Scan-Server"
+	Grammar changes and also added stronger language cautioning the
+	use of OpenVAS against public servers under the assumption that 
+	ISPs and contracted organizations may perform such scans.
+
 2009-04-22 Geoff Galitz <geoff at galitz.org>
 
 	* openvas-compendium.tex:  Edited "Consider Coverage of Available
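Review bot: The closing clause of the new entry, "under the assumption that ISPs and contracted organizations may perform such scans", is hard to parse and does not correspond to anything in the .tex change in this revision, which is about contacting the system owners and getting written permission. Suggest stating the change directly, for example that a recommendation to obtain written permission before scanning public servers was added. The first line also runs the section title straight into "Grammar changes" with no punctuation between them, and the added line ending in "assumption that " carries trailing whitespace.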

Modified: trunk/openvas-compendium/openvas-compendium.tex
===================================================================
--- trunk/openvas-compendium/openvas-compendium.tex	2009-05-06 09:53:04 UTC (rev 3252)
+++ trunk/openvas-compendium/openvas-compendium.tex	2009-05-06 10:29:40 UTC (rev 3253)
@@ -295,31 +295,38 @@
 \item Target is a public server:
 
       Several tests do follow the very same path
-      as various attacks do: from a remote network.
+      as various real attacks do: from a remote network.
       If you are only interested in these tests,
-      you may use a arbitrary location of your OpenVAS
+      you may use any arbitrary location of your OpenVAS
       server outside of the targeted network.
 
-      However, you are advised to contact the
-      administration of the target systems beforehand and inform them that you
+      However, you are strongly advised to contact the
+      owners of the target systems beforehand and inform them that you
       are planning on running OpenVAS against their machines.
       Because OpenVAS will actively look for vulnerabilities on the target
       system, a scan will under certain circumstances look like a real attack on
-      the target system and might be acted upon legally and/or technically by
-      the administration of the system in question.
+      the target system. This may trigger alarms and notifications for the IT 
+      staff.  You may be held responsible by the 
+      system owners.  In extreme situations the OpenVAS Server may be
+      blacklisted by the target network and/or legal action taken.
 
+      It is strongly recommended to get written permission to scan these 
+      systems to protect yourself from changes of policy or miscommunication
+      in the management of the target network.
+
+
 \item Targets are intranet desktops and servers:
 
       In this case you should directly coordinate with
-      your system administration.
+      your system administrators and management.
 
       Depending on the complexity of the intranet, you
       may need to find out how to reach specific subnets
-      from your OpenVAS Server installation. In some cases
-      it might be an option to install several OpenVAS Servers.
+      from your OpenVAS Server. In some cases
+      it might be an option or necessary to install several OpenVAS Servers.
 
       For local security checks you need to prepare the target systems
-      for remote access. For unixoid systems this is usually via ssh connections,
+      for remote access. For UNIX variants  this is usually via SSH connections,
       for Windows it is about SMB shares.
 \end{itemize}
 
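Review bot: In the public-server item, the added sentence "In extreme situations the OpenVAS Server may be blacklisted by the target network and/or legal action taken." is not parallel, so the legal-action half has no verb; "and/or legal action may be taken" reads correctly, and this is the sentence that carries the strongest caution. "You may be held responsible by the system owners" does not say for what; tying it to the alarms and notifications named in the previous sentence would make the consequence concrete. The written-permission paragraph is a good addition, though "changes of policy or miscommunication in the management of the target network" would be clearer as "changes of policy or miscommunication within the target network's management". Smaller points: "any arbitrary location" is redundant (either word alone suffices), "For UNIX variants  this" has a double space, two blank lines are added before the intranet \item where the surrounding text uses one, and the added lines ending in "for the IT " and "scan these " carry trailing whitespace.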


