From jan-oliver.wagner at intevation.de Mon Feb 2 16:13:40 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Mon, 2 Feb 2009 16:13:40 +0100 Subject: [Openvas-discuss] Draft announcement for OpenVAS DevCon2 Message-ID: <200902021613.41895.jan-oliver.wagner@intevation.de> Hello, I'd like to announce the DevCon2 to the openvas-announce mailing list. Here is a draft, what do you think? Best Jan OpenVAS Developer Conference #2: July 9-12 2009 in Germany For the second time, the OpenVAS developers will meet in real life to exchange ideas and plans about future OpenVAS developments. While Developer Conference ("DevCon") #1 in 2006 brought the initial team together and lead to OpenVAS 2.0 and all of the project infrastructure, DevCon #2 faces the challenge to coordinate the numerous feature plans and other contributions brought in by the strongly growing user and developer community. We expect a final roadmap for OpenVAS 3.0 (to be released in late 2009), interesting exchange of ideas and concepts among professionals and newcomers and, last but not least, a lot of fun meeting team members from all over the globe. The planning coordination will be updated here: http://www.openvas.org/openvas-devcon2.html A User's Workshop is also planned one day prior to the conference (July 8th, 2009). OpenVAS users who are interested in a first-hand training should visit the DevCon#2 web page and express their interest early. DevCon#2 is kindly hosted by Intevation GmbH and will be held in their offices in Osnabr?ck, Germany. -- Dr. Jan-Oliver Wagner | ++49-541-335083-0 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From lists at securityspace.com Mon Feb 2 21:15:26 2009 From: lists at securityspace.com (Thomas Reinke) Date: Mon, 02 Feb 2009 15:15:26 -0500 Subject: [Openvas-discuss] Draft announcement for OpenVAS DevCon2 In-Reply-To: <200902021613.41895.jan-oliver.wagner@intevation.de> References: <200902021613.41895.jan-oliver.wagner@intevation.de> Message-ID: <4987545E.7090209@securityspace.com> Looks fine from here. Thomas Jan-Oliver Wagner wrote: > Hello, > > I'd like to announce the DevCon2 to the openvas-announce mailing list. > Here is a draft, what do you think? From bchandra at secpod.com Tue Feb 3 08:46:00 2009 From: bchandra at secpod.com (Chandrashekhar B) Date: Tue, 3 Feb 2009 13:16:00 +0530 Subject: [Openvas-discuss] Draft announcement for OpenVAS DevCon2 In-Reply-To: <200902021613.41895.jan-oliver.wagner@intevation.de> References: <200902021613.41895.jan-oliver.wagner@intevation.de> Message-ID: Looks good! Chandra. -----Original Message----- From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of Jan-Oliver Wagner Sent: Monday, February 02, 2009 8:44 PM To: OpenVAS Discuss Subject: [Openvas-discuss] Draft announcement for OpenVAS DevCon2 Hello, I'd like to announce the DevCon2 to the openvas-announce mailing list. Here is a draft, what do you think? Best Jan OpenVAS Developer Conference #2: July 9-12 2009 in Germany For the second time, the OpenVAS developers will meet in real life to exchange ideas and plans about future OpenVAS developments. While Developer Conference ("DevCon") #1 in 2006 brought the initial team together and lead to OpenVAS 2.0 and all of the project infrastructure, DevCon #2 faces the challenge to coordinate the numerous feature plans and other contributions brought in by the strongly growing user and developer community. We expect a final roadmap for OpenVAS 3.0 (to be released in late 2009), interesting exchange of ideas and concepts among professionals and newcomers and, last but not least, a lot of fun meeting team members from all over the globe. The planning coordination will be updated here: http://www.openvas.org/openvas-devcon2.html A User's Workshop is also planned one day prior to the conference (July 8th, 2009). OpenVAS users who are interested in a first-hand training should visit the DevCon#2 web page and express their interest early. DevCon#2 is kindly hosted by Intevation GmbH and will be held in their offices in Osnabr?ck, Germany. -- Dr. Jan-Oliver Wagner | ++49-541-335083-0 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-discuss mailing list Openvas-discuss at wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss From timb at nth-dimension.org.uk Tue Feb 3 11:43:28 2009 From: timb at nth-dimension.org.uk (Tim Brown) Date: Tue, 3 Feb 2009 10:43:28 +0000 Subject: [Openvas-discuss] Draft announcement for OpenVAS DevCon2 In-Reply-To: <200902021613.41895.jan-oliver.wagner@intevation.de> References: <200902021613.41895.jan-oliver.wagner@intevation.de> Message-ID: <200902031043.29767.timb@nth-dimension.org.uk> On Monday 02 February 2009 15:13:40 Jan-Oliver Wagner wrote: > Hello, > > I'd like to announce the DevCon2 to the openvas-announce mailing list. > Here is a draft, what do you think? > Fine to me, the dates are now definite? I shall start making travel plans. Tim -- Tim Brown From jan-oliver.wagner at intevation.de Tue Feb 3 14:41:38 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Tue, 3 Feb 2009 14:41:38 +0100 Subject: [Openvas-discuss] Draft announcement for OpenVAS DevCon2 In-Reply-To: <200902031043.29767.timb@nth-dimension.org.uk> References: <200902021613.41895.jan-oliver.wagner@intevation.de> <200902031043.29767.timb@nth-dimension.org.uk> Message-ID: <200902031441.40774.jan-oliver.wagner@intevation.de> On Dienstag, 3. Februar 2009, Tim Brown wrote: > On Monday 02 February 2009 15:13:40 Jan-Oliver Wagner wrote: > > Hello, > > > > I'd like to announce the DevCon2 to the openvas-announce mailing list. > > Here is a draft, what do you think? > > > > Fine to me, the dates are now definite? I shall start making travel plans. yes dates are fix now! Everyone should contact the given email address and arrange participation as soon as possible. Felix will take care of all over here in Osnabr?ck. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335083-0 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From jcf at ubiqube.com Thu Feb 5 14:02:35 2009 From: jcf at ubiqube.com (Jean-Christophe FORTON) Date: Thu, 5 Feb 2009 14:02:35 +0100 Subject: [Openvas-discuss] OpenVAS XML reports Message-ID: <8D6BC20888573C4D8163394E3E149FD4892B11@TUVALU.ubiqube.com> Hello all, I'm back working on my vulnerability assessment project. Currently I'm generating xml reports and try to parse them with Xalan (JAVA API) but, unfortunately, the reports always contain the following line: My parser doesn't like the "<" ">" of and says my xml input is not valid xml. I'm using the following packages: # openvas-libraries : 1.0.1 # openvas-libnasl : 1.0.0 # openvas-server : 1.0.0 # openvas-plugins : 1.0.3 # openvas-client : 1.0.2 Any idea if this problem is fixed in version 2.0.0? Thanks, Jean-Christophe Forton UBIqube Solutions Smart Security Services 18-20 rue Henri Barbusse B.P.2501 38035 Grenoble, Cedex 2, France ph: +33 438498370 www.ubiqube.com From michael.wiegand at intevation.de Thu Feb 5 14:33:33 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Thu, 5 Feb 2009 14:33:33 +0100 Subject: [Openvas-discuss] OpenVAS XML reports In-Reply-To: <8D6BC20888573C4D8163394E3E149FD4892B11@TUVALU.ubiqube.com> References: <8D6BC20888573C4D8163394E3E149FD4892B11@TUVALU.ubiqube.com> Message-ID: <20090205133333.GA20289@intevation.de> * Jean-Christophe FORTON [ 5. Feb 2009]: > I'm back working on my vulnerability assessment project. Glad to hear. :) > Currently I'm generating xml reports and try to parse them with Xalan > (JAVA API) but, unfortunately, the reports always contain the following > line: > value="OpenVAS "/> > > My parser doesn't like the "<" ">" of and says > my xml input is not valid xml. I suppose your xml parser is right, "<" and ">" should be escaped in the attributes. Oddly enough, they should have been escaped during XML output. Looking at the code, I can't quite make out what went wrong there. I suppose you are not using the "XML (old style - deprecated)" option? Would you mind filing a bug report at http://bugs.openvas.org/ ? > Any idea if this problem is fixed in version 2.0.0? There were no changes in the relevant parts of the code between 1.0.2 and 2.0.0, so I think the problem may still be there, whatever it is. But I would appreciate it if you could test the issue with an up-to-date release of OpenVAS and let us know if the bug is still present for you. Regards, Michael -- Michael Wiegand | OpenPGP key: D7D049EC | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 206 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090205/56d4bbc7/attachment.pgp From felix.wolfsteller at intevation.de Fri Feb 6 09:04:43 2009 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Fri, 6 Feb 2009 09:04:43 +0100 Subject: [Openvas-discuss] OpenVAS XML reports In-Reply-To: <8D6BC20888573C4D8163394E3E149FD4892B11@TUVALU.ubiqube.com> References: <8D6BC20888573C4D8163394E3E149FD4892B11@TUVALU.ubiqube.com> Message-ID: <200902060904.43830.felix.wolfsteller@intevation.de> On Thursday 05 February 2009 14:02:35 Jean-Christophe FORTON wrote: > I'm back working on my vulnerability assessment project. > Currently I'm generating xml reports and try to parse them with Xalan > (JAVA API) but, unfortunately, the reports always contain the following > line: > > value="OpenVAS "/> > > My parser doesn't like the "<" ">" of and says > my xml input is not valid xml. > > Any idea if this problem is fixed in version 2.0.0? Does xalan tell you that your report.xml contains this line or does the text editor of your choice does so? At least in the 2.0 series characters like ",<,' etc should be properly 'escaped' ( openvas-client/nessus/xml_output.c: escape_string). Actually they are not escaped but replaced by the corresponding html/xml entities (like '"'), so its important that you use a tool that does not interprete the file too much. hope its gone in 2.x felix -- Felix Wolfsteller | ++49-541-335 08 3451 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From amrossi at linux.it Fri Feb 6 10:15:07 2009 From: amrossi at linux.it (Andrea Modesto Rossi) Date: Fri, 6 Feb 2009 10:15:07 +0100 (CET) Subject: [Openvas-discuss] Strange Error with OpenVas and Nikto Message-ID: <32492.91.193.45.7.1233911707.squirrel@picard.linux.it> Hi all, i use OpenVas on my Fedora10. During a scan i've got this error: Reported by NVT "Nikto (NASL wrapper)" (1.3.6.1.4.1.25623.1.0.14260): Nikto could not be found in your system path. OpenVAS was unable to execute Nikto and to perform the scan you requested. Please make sure that Nikto is installed and that nikto.pl is available in the PATH variable defined for your environment. but i've installed NIKTO. What does this error mean? Can you help me to unterstand it? Have a nice day. -- Andrea Modesto Rossi Fedora Ambassador +---------------------------------------------------------------------+ | Bello. Che gli diciamo? Che sono tutti stronzi monopolisti di merda,| | con i loro protocolli brevettati e i loro driver finestrosi? | | Ci sono! | | Alessandro Rubini | +---------------------------------------------------------------------+ From bchandra at secpod.com Fri Feb 6 10:23:23 2009 From: bchandra at secpod.com (Chandrashekhar B) Date: Fri, 6 Feb 2009 14:53:23 +0530 Subject: [Openvas-discuss] Strange Error with OpenVas and Nikto In-Reply-To: <32492.91.193.45.7.1233911707.squirrel@picard.linux.it> References: <32492.91.193.45.7.1233911707.squirrel@picard.linux.it> Message-ID: <598724BD7E84470C9B8CD284094A760F@bchandra> Hello Andrea, There's a find_in_path() function in nikto.nasl which tries to find nikto.pl in $PATH. Please make sure that it is added to path. Thanks, Chandra. -----Original Message----- From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of Andrea Modesto Rossi Sent: Friday, February 06, 2009 2:45 PM To: openvas-discuss at wald.intevation.org Subject: [Openvas-discuss] Strange Error with OpenVas and Nikto Hi all, i use OpenVas on my Fedora10. During a scan i've got this error: Reported by NVT "Nikto (NASL wrapper)" (1.3.6.1.4.1.25623.1.0.14260): Nikto could not be found in your system path. OpenVAS was unable to execute Nikto and to perform the scan you requested. Please make sure that Nikto is installed and that nikto.pl is available in the PATH variable defined for your environment. but i've installed NIKTO. What does this error mean? Can you help me to unterstand it? Have a nice day. -- Andrea Modesto Rossi Fedora Ambassador +---------------------------------------------------------------------+ | Bello. Che gli diciamo? Che sono tutti stronzi monopolisti di merda,| | con i loro protocolli brevettati e i loro driver finestrosi? | | Ci sono! | | Alessandro Rubini | +---------------------------------------------------------------------+ _______________________________________________ Openvas-discuss mailing list Openvas-discuss at wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss From michael.wiegand at intevation.de Fri Feb 6 10:24:09 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Fri, 6 Feb 2009 10:24:09 +0100 Subject: [Openvas-discuss] Strange Error with OpenVas and Nikto In-Reply-To: <32492.91.193.45.7.1233911707.squirrel@picard.linux.it> References: <32492.91.193.45.7.1233911707.squirrel@picard.linux.it> Message-ID: <20090206092409.GB23393@intevation.de> * Andrea Modesto Rossi [ 6. Feb 2009]: > Hi all, > > i use OpenVas on my Fedora10. During a scan i've got this error: > > Reported by NVT "Nikto (NASL wrapper)" (1.3.6.1.4.1.25623.1.0.14260): > > Nikto could not be found in your system path. > OpenVAS was unable to execute Nikto and to perform the scan you > requested. > Please make sure that Nikto is installed and that nikto.pl is > available in the PATH variable defined for your environment. > > but i've installed NIKTO. What does this error mean? My first guess would be that the Nikto executable on your system is not called nikto.pl, but nikto or something like this. The current Nikto Wrapper does not take this into consideration yet. As a workaround I would suggest either changing the command name in nikto.nasl or adding a symlink to your nikto executable called nikto.pl. Does this solve your issue? Regards, Michael -- Michael Wiegand | OpenPGP key: D7D049EC | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 206 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090206/21788ada/attachment.pgp From jan-oliver.wagner at intevation.de Fri Feb 6 10:56:10 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Fri, 6 Feb 2009 10:56:10 +0100 Subject: [Openvas-discuss] Draft announcement for OpenVAS DevCon2 In-Reply-To: <200902021613.41895.jan-oliver.wagner@intevation.de> References: <200902021613.41895.jan-oliver.wagner@intevation.de> Message-ID: <200902061056.13994.jan-oliver.wagner@intevation.de> On Montag, 2. Februar 2009, Jan-Oliver Wagner wrote: > I'd like to announce the DevCon2 to the openvas-announce mailing list. sorry, of course I meant to a broader public. There already was an announcemnt on our own list. > Here is a draft, what do you think? Thanks for the confirming feedback. We'll start to push the news to the usual channels starting next week. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335083-0 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From amrossi at linux.it Fri Feb 6 11:17:48 2009 From: amrossi at linux.it (Andrea Modesto Rossi) Date: Fri, 6 Feb 2009 11:17:48 +0100 (CET) Subject: [Openvas-discuss] Strange Error with OpenVas and Nikto In-Reply-To: <20090206092409.GB23393@intevation.de> References: <32492.91.193.45.7.1233911707.squirrel@picard.linux.it> <20090206092409.GB23393@intevation.de> Message-ID: <65283.91.193.45.7.1233915468.squirrel@picard.linux.it> On Ven, 6 Febbraio 2009 10:24 am, Michael Wiegand wrote: > * Andrea Modesto Rossi [ 6. Feb 2009]: >> Hi all, >> >> i use OpenVas on my Fedora10. During a scan i've got this error: >> >> Reported by NVT "Nikto (NASL wrapper)" (1.3.6.1.4.1.25623.1.0.14260): >> >> Nikto could not be found in your system path. >> OpenVAS was unable to execute Nikto and to perform the scan you >> requested. >> Please make sure that Nikto is installed and that nikto.pl is >> available in the PATH variable defined for your environment. >> ln -s /usr/bin/nikto /usr/bin/nikto.pl now he works fine. Thank you very much for your effort. Have a nice weekend. -- Andrea Modesto Rossi Fedora Ambassador +---------------------------------------------------------------------+ | Bello. Che gli diciamo? Che sono tutti stronzi monopolisti di merda,| | con i loro protocolli brevettati e i loro driver finestrosi? | | Ci sono! | | Alessandro Rubini | +---------------------------------------------------------------------+ From bh at intevation.de Fri Feb 6 12:22:23 2009 From: bh at intevation.de (Bernhard Herzog) Date: Fri, 6 Feb 2009 12:22:23 +0100 Subject: [Openvas-discuss] OpenVAS XML reports In-Reply-To: <200902060904.43830.felix.wolfsteller@intevation.de> References: <8D6BC20888573C4D8163394E3E149FD4892B11@TUVALU.ubiqube.com> <200902060904.43830.felix.wolfsteller@intevation.de> Message-ID: <200902061222.26786.bh@intevation.de> On 06.02.2009, Felix Wolfsteller wrote: > At least in the 2.0 series characters like ",<,' etc should be > properly 'escaped' ( openvas-client/nessus/xml_output.c: escape_string). AFAICT that function underestimates the worst case scenario when allocating the result string: ret = emalloc (5*strlen(temp)+1); It should multiply by 6 since " and ' are both converted to 6-character sequences (""" resp. "'"). Bernhard -- Bernhard Herzog | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part. Url : http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090206/3df43a3c/attachment.pgp From felix.wolfsteller at intevation.de Fri Feb 6 12:44:13 2009 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Fri, 6 Feb 2009 12:44:13 +0100 Subject: [Openvas-discuss] OpenVAS XML reports In-Reply-To: <200902061222.26786.bh@intevation.de> References: <8D6BC20888573C4D8163394E3E149FD4892B11@TUVALU.ubiqube.com> <200902060904.43830.felix.wolfsteller@intevation.de> <200902061222.26786.bh@intevation.de> Message-ID: <200902061244.13647.felix.wolfsteller@intevation.de> Thanks for spotting that, I commited your patch in Rev 2418. But imho this function should be replaced, anyway. Don't know _how many_ crazy escaping function OpenVAS Client defines ... :) On Friday 06 February 2009 12:22:23 Bernhard Herzog wrote: > On 06.02.2009, Felix Wolfsteller wrote: > > At least in the 2.0 series characters like ",<,' etc should be > > properly 'escaped' ( openvas-client/nessus/xml_output.c: escape_string). > > AFAICT that function underestimates the worst case scenario when allocating > the result string: > > ret = emalloc (5*strlen(temp)+1); > > It should multiply by 6 since " and ' are both converted to 6-character > sequences (""" resp. "'"). > > Bernhard -- Felix Wolfsteller | ++49-541-335 08 3451 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From thierry.thelliez.tech at gmail.com Wed Feb 11 20:53:43 2009 From: thierry.thelliez.tech at gmail.com (Thierry Thelliez) Date: Wed, 11 Feb 2009 12:53:43 -0700 Subject: [Openvas-discuss] NVT Rsync and firewall issues Message-ID: <42f5c4430902111153i6a1b6203x89b8324ccddd6a87@mail.gmail.com> Is there another way than rsync for accessing NVT feeds? I am behind a strict firewall. The only things I can do is http, https and ssh. Alternatively, could I download the feed content on a different system, outside that firewall. And then copy/push the files (scp) to my openVas installation? Thanks, Thierry From Mike.A.Disley at tpsgc-pwgsc.gc.ca Wed Feb 11 18:58:00 2009 From: Mike.A.Disley at tpsgc-pwgsc.gc.ca (Mike Disley) Date: Wed, 11 Feb 2009 12:58:00 -0500 Subject: [Openvas-discuss] openvas.rc question Message-ID: <299968468976AC41B1E214914F035D66059A0624@mb-ncr-024.ad.pwgsc-tpsgc.gc.ca> Greetings, I am attempting a batch scan using the following CLI arguments; /opt/openvas-client-1.0.5/bin/OpenVAS-Client -c /home/test/openvas.rc.custom -T html -qx localhost 1241 openvas1 scanme /home/target_list /home/scanreport.html This works however my problem is that openvas overwrites/creates the "openvas.rc.custom" file each time it runs. Is there a way to prevent this? My ultimate goal is to limit/restrict which plugins are called on startup. I.E. I don't want to run Windows plugins against a .NIX server. I can't seem to locate any documentation that would allow for this. Please and Thanks, Mike -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090211/3c78c8fb/attachment.html From bchandra at secpod.com Thu Feb 12 10:17:47 2009 From: bchandra at secpod.com (Chandrashekhar B) Date: Thu, 12 Feb 2009 14:47:47 +0530 Subject: [Openvas-discuss] openvas.rc question In-Reply-To: <299968468976AC41B1E214914F035D66059A0624@mb-ncr-024.ad.pwgsc-tpsgc.gc.ca> References: <299968468976AC41B1E214914F035D66059A0624@mb-ncr-024.ad.pwgsc-tpsgc.gc.ca> Message-ID: <9F212688899B42529F43E9AE960A403C@bchandra> Hello Mike, I think you need to set "auto_enable_new_plugins = no" in openvas.rc.custom. Thanks, Chandra. ________________________________________ From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of Mike Disley Sent: Wednesday, February 11, 2009 11:28 PM To: openvas-discuss at wald.intevation.org Subject: [Openvas-discuss] openvas.rc question Greetings, I am attempting a batch scan using the following CLI arguments; ?/opt/openvas-client-1.0.5/bin/OpenVAS-Client -c? /home/test/openvas.rc.custom? -T? html? -qx localhost 1241 openvas1 scanme? /home/target_list /home/scanreport.html This works however my problem is that openvas overwrites/creates the "openvas.rc.custom" file each time it runs.? Is there a way to prevent this?? My ultimate goal is to limit/restrict which plugins are called on startup.? I.E. I don't want to run Windows plugins against a .NIX server.?? I can't seem to locate any documentation that would allow for this. Please and Thanks, Mike From meyer at strato-rz.de Thu Feb 12 12:25:25 2009 From: meyer at strato-rz.de (Michael Meyer) Date: Thu, 12 Feb 2009 12:25:25 +0100 Subject: [Openvas-discuss] NVT Rsync and firewall issues In-Reply-To: <42f5c4430902111153i6a1b6203x89b8324ccddd6a87@mail.gmail.com> References: <42f5c4430902111153i6a1b6203x89b8324ccddd6a87@mail.gmail.com> Message-ID: <20090212112525.GA8153@strato-rz.de> *** Thierry Thelliez wrote: > Is there another way than rsync for accessing NVT feeds? > > I am behind a strict firewall. The only things I can do is http, https and ssh. You could use a tunnel... ssh -L 1234:rsync.openvas.org:873 user at host_behind_firewall rsync --port 1234 -ltvrP rsync://rsync.openvas.org:/nvt-feed /path/to/plugins > Alternatively, could I download the feed content on a different > system, outside that firewall. And then copy/push the files (scp) to > my openVas installation? Sure... HTH Micha From thierry.thelliez.tech at gmail.com Thu Feb 12 19:31:52 2009 From: thierry.thelliez.tech at gmail.com (Thierry Thelliez) Date: Thu, 12 Feb 2009 11:31:52 -0700 Subject: [Openvas-discuss] NVT Rsync and firewall issues In-Reply-To: <20090212112525.GA8153@strato-rz.de> References: <42f5c4430902111153i6a1b6203x89b8324ccddd6a87@mail.gmail.com> <20090212112525.GA8153@strato-rz.de> Message-ID: <42f5c4430902121031g5edd2bf1qc6d704e94fb46b78@mail.gmail.com> Thanks. The tunnel did not work, not sure why. I use tunnels for other services without a problem. I will try to dig into my different firewalls later. In the meantime, I did a local rsync (outside the main firewall) and scp-ed the files. That work. But I have a question: Should I empty my plugins directory first? Or does that matter? The rsync command retrieved 13314 files. On the server I now have 13324 files. Are the 10 extra files older definitions that should be removed? One last question, is there other feeds I should consider? Thanks, Thierry From d.jagdmann at dn-systems.de Thu Feb 12 22:06:50 2009 From: d.jagdmann at dn-systems.de (Dirk Jagdmann) Date: Thu, 12 Feb 2009 13:06:50 -0800 Subject: [Openvas-discuss] NVT Rsync and firewall issues In-Reply-To: <42f5c4430902121031g5edd2bf1qc6d704e94fb46b78@mail.gmail.com> References: <42f5c4430902111153i6a1b6203x89b8324ccddd6a87@mail.gmail.com> <20090212112525.GA8153@strato-rz.de> <42f5c4430902121031g5edd2bf1qc6d704e94fb46b78@mail.gmail.com> Message-ID: <49948F6A.6050308@dn-systems.de> > But I have a question: Should I empty my plugins directory first? Or > does that matter? The rsync command retrieved 13314 files. On the > server I now have 13324 files. Are the 10 extra files older > definitions that should be removed? without "--delete" rsync will never delete files when syncing. So they must be old files. You should not delete your local directory, otherwise you won't get any speedup from rsync. -- Dirk Jagdmann : Coder Tel. +49-5121-28989-15 -- DN-Systems Enterprise Internet Solutions GmbH Hornemannstr. 11 31137 Hildesheim, Germany Tel. +49-5121-28989-0 Fax. +49-5121-28989-11 Handelsregister HRB-3213 Amtsgericht Hildesheim Gesch?ftsf?hrer: Lukas Grunwald From jan-oliver.wagner at intevation.de Fri Feb 13 01:58:24 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Fri, 13 Feb 2009 01:58:24 +0100 Subject: [Openvas-discuss] NVT Rsync and firewall issues In-Reply-To: <42f5c4430902121031g5edd2bf1qc6d704e94fb46b78@mail.gmail.com> References: <42f5c4430902111153i6a1b6203x89b8324ccddd6a87@mail.gmail.com> <20090212112525.GA8153@strato-rz.de> <42f5c4430902121031g5edd2bf1qc6d704e94fb46b78@mail.gmail.com> Message-ID: <200902130158.24837.jan-oliver.wagner@intevation.de> On Thursday 12 February 2009 19:31:52 Thierry Thelliez wrote: > But I have a question: Should I empty my plugins directory first? Or > does that matter? The rsync command retrieved 13314 files. On the > server I now have 13324 files. Are the 10 extra files older > definitions that should be removed? it is the *.nes files. Since they are platform-dependent they can not distributed over the feed. They are installed with the openvas-plugins module. > One last question, is there other feeds I should consider? http://www.greenbone.net/solutions/gbn_feed.html ;-) But this is basically a supported version of the OpenVAS feed, not something complementary/addon. There is a feed with OSSIM, but I have no idea how much additional content is provided. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From meyer at strato-rz.de Fri Feb 13 10:47:40 2009 From: meyer at strato-rz.de (Michael Meyer) Date: Fri, 13 Feb 2009 10:47:40 +0100 Subject: [Openvas-discuss] NVT Rsync and firewall issues In-Reply-To: <42f5c4430902121031g5edd2bf1qc6d704e94fb46b78@mail.gmail.com> References: <42f5c4430902111153i6a1b6203x89b8324ccddd6a87@mail.gmail.com> <20090212112525.GA8153@strato-rz.de> <42f5c4430902121031g5edd2bf1qc6d704e94fb46b78@mail.gmail.com> Message-ID: <20090213094740.GA15080@strato-rz.de> *** Thierry Thelliez wrote: > The tunnel did not work, not sure why. Sorry, my fault. Once again... ssh -L 1234:rsync.openvas.org:873 user at host_behind_firewall rsync --port 1234 -ltvrP rsync://localhost/nvt-feed /path/to/plugins ^^^^^^^^^ Micha From scannersecurity at live.com Mon Feb 16 17:19:41 2009 From: scannersecurity at live.com (s a) Date: Mon, 16 Feb 2009 10:19:41 -0600 Subject: [Openvas-discuss] port scan only Message-ID: How can I configure openvas to perform a port scan only? Is it better to use nmap.nasl,nmap_wrapper.nes or openvas_tcp_scanner to perform the port scan? _________________________________________________________________ Windows Live?: E-mail. Chat. Share. Get more ways to connect. http://windowslive.com/online/hotmail?ocid=TXT_TAGLM_WL_HM_AE_Faster_022009 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090216/227ca50b/attachment.html From kost at linux.hr Tue Feb 17 12:02:15 2009 From: kost at linux.hr (Vlatko Kosturjak) Date: Tue, 17 Feb 2009 12:02:15 +0100 Subject: [Openvas-discuss] [Fwd: AutoNessus and OpenVAS compatibility] Message-ID: <499A9937.3050402@linux.hr> fyi -------- Original Message -------- Subject: AutoNessus and OpenVAS compatibility Date: Tue, 17 Feb 2009 09:41:17 +0100 From: Frank Breedijk To: 'Vlatko Kosturjak' Hi, I am mailing you because you have all asked for OpenVAS compatibility for AutoNessus. I just finally got the time to put some effort in this and managed to get basic OpenVAS compatility going. The version currently in CVS (1.3.0_beta) can work together with OpenVAS. It appears that there are minimal differences between AutoNessus and OpenVAS which I had not accounted for. One thing is left on the agenda, and that is to check if the update-rcs script will also work together with OpenVAS. OpenVAS compatility will be the last real enhancement to AutoNessus v1 as I have come to new insights which force me to almost fully rewrite it. One of the goals of the rewrite will be to support multiple scanners simultaneously. As soon as I have check the update-rcs script and got it working I will make the binary available for general download as a relase. In the mean time you are free to try out the version in CVS. If you have trouble getting the version from the CVS repository I willb e happy to sent you the tarball. Frank Breedijk From jan-oliver.wagner at intevation.de Tue Feb 17 18:55:41 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Tue, 17 Feb 2009 18:55:41 +0100 Subject: [Openvas-discuss] port scan only In-Reply-To: References: Message-ID: <200902171855.42110.jan-oliver.wagner@intevation.de> On Monday 16 February 2009 17:19:41 s a wrote: > How can I configure openvas to perform a port scan only? Is it better to > use nmap.nasl,nmap_wrapper.nes or openvas_tcp_scanner to perform the port > scan? nmap.nasl superceeds the .nes version. There are some thoughts about improving the nmap integration in order to allow network wide scans rather than per-host basis. the openvas scanner is a independent implementation. I think Kost did a comparison study of various scanners. Don't find it right now ... Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner