[Openvas-devel] Get rid of old services concept

Jan-Oliver Wagner Jan-Oliver.Wagner at greenbone.net
Sun Sep 6 11:06:18 CEST 2009


Hi,

I looked at the code/concept we inherited from Nessus
regarding services handling (modules openvas-libraries/misc/services*).

To me it looks like multiple broken concepts.

What I understand so far is:

* /etc/services is used through the standard glibc API
* in openvas-server there is an openvas-services file
   that may work as an alternative to the system wide
   file.
* nmap knows even more about services.

What's broken?
(I might be wrong here, so please comment, discuss)

* My guess is that the Nessus authors believed
   the system wide file is not always up-to-date enough.
   With their own file they unlink the dependency on the OS version
   and introduce a dependency link to the scanner version.
   This leads to the problem that in several cases, people
   may use even older services data because they use
   an old scanner on a new OS.
   They might also have had the intention to make
   the scanner run on Windows eventually.

* It is questionable whether it makes sense at all
   to maintain a services database on our own.
   In case we would do it, the only sensible way
   is to distribute it over the feed so it is always
   up-to-date.

* What we might really want is to share efforts
   with the nmap people. Distributing the newest
   data via the feed still remains an option here.

What to do?

IMHO, we should drop the whole services code
stuff and use the glibc API using a thin layer
that allows us to go for a nmap database
distributed via feed.

Your opinions welcome!

Best

	Jan 

-- 
Dr. Jan-Oliver Wagner |  ++49-541-335084-0  |  http://www.greenbone.net/
Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück
AG Osnabrück, HR B 202460 | Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
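
A sketch of the thin layer proposed in the message above, added here as an illustration; it is not part of the original post or of the OpenVAS code base. It assumes the feed ships a file in the nmap-services layout (name, port/protocol, frequency) that the caller has already read into memory, and that feed data is consulted before the glibc database; the function names and the sample entries are hypothetical.

```c
#include <arpa/inet.h>
#include <netdb.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample in nmap-services layout: name, port/proto, frequency. */
static const char SAMPLE_FEED_DB[] =
    "# constructed sample, not real feed data\n"
    "ssh\t22/tcp\t0.5\n"
    "domain\t53/udp\t0.4\n"
    "example-svc\t64999/tcp\t0.1\t# hypothetical entry\n";

/* Search the in-memory feed text one line at a time, so fields never
 * straddle lines; returns 1 and fills out on a match, 0 otherwise. */
int feed_lookup(const char *db, int port, const char *proto,
                char *out, size_t outlen)
{
    while (*db) {
        char buf[128], name[64], p[8];
        int n;
        size_t len = strcspn(db, "\n");
        if (len < sizeof buf && db[0] != '#') {
            memcpy(buf, db, len);
            buf[len] = '\0';
            if (sscanf(buf, "%63s %d/%7s", name, &n, p) == 3 &&
                n == port && strcmp(p, proto) == 0) {
                snprintf(out, outlen, "%s", name);
                return 1;
            }
        }
        db += len + (db[len] == '\n');   /* step past the newline, if any */
    }
    return 0;
}

/* Thin layer: feed data first (assumed order), then the glibc database. */
const char *service_name(const char *feed_db, int port, const char *proto,
                         char *out, size_t outlen)
{
    if (feed_db && feed_lookup(feed_db, port, proto, out, outlen))
        return out;
    struct servent *se = getservbyport(htons((unsigned short)port), proto);
    snprintf(out, outlen, "%s", se ? se->s_name : "unknown");
    return out;
}

int main(void)
{
    char buf[64];
    puts(service_name(SAMPLE_FEED_DB, 64999, "tcp", buf, sizeof buf));
    puts(service_name(SAMPLE_FEED_DB, 25, "tcp", buf, sizeof buf));
}
```

Passing `NULL` as the feed database reduces the layer to a plain `getservbyport()` call, so a scanner without feed data still resolves names from the system-wide file.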