[Openvas-discuss] ID/OID scheme for OpenVAS NASL scripts?

Jan-Oliver Wagner jan-oliver.wagner at intevation.de
Thu Jan 24 15:40:00 CET 2008


On Montag, 7. Januar 2008, Lmwangi wrote:
> On Jan 3, 2008 11:47 PM, Bernhard Herzog <bh at intevation.de> wrote:
> > On Thursday 03 January 2008 12:00, Jan-Oliver Wagner wrote:
> > Sounds good in principle.  I wonder, though, whether there should be
> > additional intermediate levels of OIDs and a way to simply map the old
> > nessus
> > plugin ID to an OID during a transition phase:
> >
> > ...25623.1 = OpenVAS.NASL
> > ...25623.1.1 = OpenVAS.NASL.legacy
> > ...25623.1.1.123 = OpenVAS.NASL.legacy.123  (old nessus ID 123 as OID)
> > ...25623.1.2 = OpenVAS.NASL.libraries
> > ...25623.1.3 = OpenVAS.NASL.DSA
> > ...25623.2 = OpenVAS.SomeOtherPluginSpace
> > ...
> >
> > This would leave the OID space a little cleaner if we ever need OIDs for
> > other
> > purposes such as LDAP attributes.
> >
> > Maybe we should create the ID based on the OID in the suggested manner
> with a few enhancements..:)
>  Legacy :    ...25623.1.1.123 = OpenVAS.NASL.legacy.123  (old nessus ID 123
> as OID)
>  New IDs:   ...25623.1.2.123 = OpenVAS.OSVDB.123 (OSVDB vulnerability 123)
>                  ...25623.1.3.123 = OpenVAS.CVE.123 (CVE vulnerability 123)
> etc.

so far no use case comes to my mind where this would be needed,
but of course the good thing is we are open to add this whenever
required.

> And also reserve an OID branch to SNMP (Appliances use)

The good thing about the OIDs is that we do not need to 'reserve' :-)
We just add when needed.

The only things we have to take care of is to have sufficient depth.

Best

	Jan

-- 
Dr. Jan-Oliver Wagner                        Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998             http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner



More information about the Openvas-discuss mailing list