[Openvas-devel] Idea: Detector for silent exit's

Chandrashekhar B bchandra at secpod.com
Wed Apr 15 07:58:46 CEST 2009


-----Original Message-----
From: openvas-devel-bounces at wald.intevation.org
[mailto:openvas-devel-bounces at wald.intevation.org] On Behalf Of Jan-Oliver
Wagner
Sent: Tuesday, April 14, 2009 3:58 AM
To: openvas-devel at wald.intevation.org
Subject: [Openvas-devel] Idea: Detector for silent exit's

> Hi,

> we have several scripts that do a silent exit() due to some reason.
> This makes user believe the NVT ran without identifying a vulnerability,
> though it simply ran across an internal problem and not even tried
> to identify anything.
> In such cases, at least a log_message() should be applied.

> However, wouldn't it make sense to extend the exit command
> with a check whether any report message has been created and
> issue a log_message() on its own in case the counter was 0?
> (The counter can be increased with any report message command).

Nice idea! We could do this or instead of a counter, we can extend exit() to
accept a optional log string and internally issue a log_message()?

Thanks,
Chandra. 



More information about the Openvas-devel mailing list