From jfs at computer.org Fri Jan 2 02:37:35 2009 From: jfs at computer.org (Javier =?iso-8859-1?Q?Fern=E1ndez-Sanguino_Pe=F1a?=) Date: Fri, 2 Jan 2009 02:37:35 +0100 Subject: [Openvas-discuss] openvas-adduser In-Reply-To: <000801c96b6c$ae5229b0$0af67d10$@net> References: <000801c96b6c$ae5229b0$0af67d10$@net> Message-ID: <20090102013735.GA11613@javifsp.no-ip.org> On Wed, Dec 31, 2008 at 12:24:45PM -0500, Man-E-Faces wrote: > > I installed OpenVas via the Debian package manager (aptitude) and all seemed > to work well except for the fact that I'm missing the openvas-adduser file. > This relates to the OpenVas server obviously. I also installed the client > and it works fine (w/o really using it since I don't have a user yet). > Anyone run into the same issue? Openvas-adduser is in /usr/sbin. You probably don't have /usr/sbin in your path and that's why you don't find it. Tip: You could have found this easily either by running 'dpkg -L openvas-server', by running 'dpkg -S openvas-adduser' or (if you didn't have the packages installed) by intalling 'apt-file' and running 'apt-file search openvas-adduser' Regards Javier -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090102/17fab67c/attachment.pgp From man-e-faces at versprite.net Fri Jan 2 07:03:52 2009 From: man-e-faces at versprite.net (Man-E-Faces) Date: Fri, 2 Jan 2009 01:03:52 -0500 Subject: [Openvas-discuss] openvas-adduser In-Reply-To: <20090102013735.GA11613@javifsp.no-ip.org> References: <000801c96b6c$ae5229b0$0af67d10$@net> <20090102013735.GA11613@javifsp.no-ip.org> Message-ID: <002601c96c9f$e41a79b0$ac4f6d10$@net> Thanks Javier. Apparently I installed the open-vas modules for Lenny (Debian) and not the open-vas package. Has this package (open-vas) been added to the Debian-Lenny distro source list somewhere for Lenny or are others simply manually downloading and installing the binary package from the OpenVas site? man-e-faces -----Original Message----- From: Javier Fernandez-Sanguino [mailto:javifs at gmail.com] On Behalf Of Javier Fern?ndez-Sanguino Pe?a Sent: Thursday, January 01, 2009 8:38 PM To: Man-E-Faces Cc: openvas-discuss at wald.intevation.org Subject: Re: [Openvas-discuss] openvas-adduser On Wed, Dec 31, 2008 at 12:24:45PM -0500, Man-E-Faces wrote: > > I installed OpenVas via the Debian package manager (aptitude) and all > seemed to work well except for the fact that I'm missing the openvas-adduser file. > This relates to the OpenVas server obviously. I also installed the > client and it works fine (w/o really using it since I don't have a user yet). > Anyone run into the same issue? Openvas-adduser is in /usr/sbin. You probably don't have /usr/sbin in your path and that's why you don't find it. Tip: You could have found this easily either by running 'dpkg -L openvas-server', by running 'dpkg -S openvas-adduser' or (if you didn't have the packages installed) by intalling 'apt-file' and running 'apt-file search openvas-adduser' Regards Javier From man-e-faces at versprite.net Fri Jan 2 21:03:24 2009 From: man-e-faces at versprite.net (Man-E-Faces) Date: Fri, 2 Jan 2009 15:03:24 -0500 Subject: [Openvas-discuss] (Debian - Lenny) glibc error when configuring openvas libraries Message-ID: <003601c96d15$2c494570$84dbd050$@net> Greetings, I downloaded all of the tarballs associated with OpenVas and began with the libraries (per the instructions on the installing/ config page). Upon running ./config for the openvas libraries, I get the following error: checking for GLIB... no configure: error: "glib >= 2.6.0 not found" As you can see from the output below, I have a virtual package installed for 2.7.1 for glibc. v glibc-2.7-1 - i glibc-doc - GNU C Library: Documentation v glibc-pic - i glibc-source - GNU C Library: sources i libstdc++2.10-glibc2.2 - The GNU stdc++ library I don't know if the fact that 2.7.1 is a 'virtual' package or not would be a factor for the error above, but if anyone has run into this, please let me know. Thanks in advance. M.E.F -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090102/e2a48da5/attachment.html From jan-oliver.wagner at intevation.de Sat Jan 3 11:45:31 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Sat, 3 Jan 2009 11:45:31 +0100 Subject: [Openvas-discuss] (Debian - Lenny) glibc error when configuring openvas libraries In-Reply-To: <003601c96d15$2c494570$84dbd050$@net> References: <003601c96d15$2c494570$84dbd050$@net> Message-ID: <200901031145.32139.jan-oliver.wagner@intevation.de> Hello, On Friday 02 January 2009 21:03:24 Man-E-Faces wrote: > I downloaded all of the tarballs associated with OpenVas and began with the > libraries (per the instructions on the installing/ config page). Upon > running ./config for the openvas libraries, I get the following error: > > checking for GLIB... no > configure: error: "glib >= 2.6.0 not found" > > As you can see from the output below, I have a virtual package installed > for 2.7.1 for glibc. configure requests glib, not glibc. glib is part of the GTK+ project, see www.gtk.org for more. Try something like # apt-get install libglib2.0-dev to install the development files. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From jfs at computer.org Sun Jan 4 01:33:59 2009 From: jfs at computer.org (Javier =?iso-8859-1?Q?Fern=E1ndez-Sanguino_Pe=F1a?=) Date: Sun, 4 Jan 2009 01:33:59 +0100 Subject: [Openvas-discuss] openvas-adduser In-Reply-To: <002601c96c9f$e41a79b0$ac4f6d10$@net> References: <000801c96b6c$ae5229b0$0af67d10$@net> <20090102013735.GA11613@javifsp.no-ip.org> <002601c96c9f$e41a79b0$ac4f6d10$@net> Message-ID: <20090104003359.GB18112@javifsp.no-ip.org> On Fri, Jan 02, 2009 at 01:03:52AM -0500, Man-E-Faces wrote: > Thanks Javier. > > Apparently I installed the open-vas modules for Lenny (Debian) and not the > open-vas package. Has this package (open-vas) been added to the Debian-Lenny > distro source list somewhere for Lenny or are others simply manually > downloading and installing the binary package from the OpenVas site? The packages are available for Lenny and work as expected. I don't know about the OpenVAS packages at openvas.org. Regards Javier -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090104/9860e1c7/attachment.pgp From gautam.chekuri at gmail.com Wed Jan 7 05:26:55 2009 From: gautam.chekuri at gmail.com (gautam chekuri) Date: Wed, 7 Jan 2009 09:56:55 +0530 Subject: [Openvas-discuss] OTP 1.0 client in ruby Message-ID: <44265ba90901062026y42f5064fnbb1a0b208e1a2e00@mail.gmail.com> Hi all, 1. I use OpenVAS on my debian laptops to identify any potential unpatched programs. I find it especially useful because it warns about potential security holes in Firefox and thunderbird. Sometimes, I also use it to scan the machines of my friends. 2. The OpenVAS client written in C is great, but I would love to have scriptable client(preferably a library in a scripting language) :-p 3. Hence, I trying to write a OpenVAS client in ruby. My immediate goal is to be able to ask the server to launch attacks from a ruby script and receive the results from the server. 4. To implement this I choose ruby (becuase that's the language I've been working on nowadays). I am refering to the compendium and the code in openvas-client-2.0.1/nessus/*.c. For example to understand how to tell the server to start and attack I referred to attack_host() in attack.c 5. I just wanted to ask if there is anything else that I might want to refer to. 6. I am hosting the code on github : http://github.com/gautamc/ovasotp-ruby/tree/master (its pretty dumb right now, but I will be improving on it .. :) ) Thanks, Gautam Chekuri Programmer - Azri Solutions Pvt Ltd. "May the source be with GNU" From jan-oliver.wagner at intevation.de Wed Jan 7 23:21:47 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Wed, 7 Jan 2009 23:21:47 +0100 Subject: [Openvas-discuss] Start of planning OpenVAS DevCon 2 Message-ID: <200901072321.47523.jan-oliver.wagner@intevation.de> Hi, I just put a draft page on the OpenVAS DevCon#2 online: http://www.openvas.org/openvas-devcon2.html I guess it might make sense to introduce a special email address such as devcon2 att openvas.org to not require to send reservation whiches, arrival times etc. to the public mailing list. Also it would be great if a team of 2 or 3 people would volunteer to do some organizational work such as maintaining the above web page (also make it nicer than it is currently ;-), maintain the list of participants and coordinating the working out of the agenda. Over here at Intevation we will take care of hotel reservations, evening events and all the stuff where you need to be onsite. All the best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From michael.wiegand at intevation.de Thu Jan 8 11:41:59 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Thu, 8 Jan 2009 11:41:59 +0100 Subject: [Openvas-discuss] Planning openvas-compendium 1.0.1 Message-ID: <20090108104159.GA2586@intevation.de> Hello, since the 1.0.0 version of the OpenVAS compendium does not yet reflect the release of OpenVAS 2.0.0 and a few other changes, I would like to release an update version of the compendium. I would like to do the 1.0.1 release on Wednesday, Jan 14. If there is anything you would like to add or update, please do so until Tuesday. Please let me know if you need help incorporating your changes or have any other questions. Regards, Michael -- Michael Wiegand | OpenPGP key: D7D049EC | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From eric at nixwizard.net Thu Jan 8 16:55:55 2009 From: eric at nixwizard.net (Eric Gearhart) Date: Thu, 8 Jan 2009 08:55:55 -0700 Subject: [Openvas-discuss] Next Tier for the OpenVAS feed: join with OSSIM/AlienVault Message-ID: <5792267e0901080755p5a9cb61bnddeae4374360d644@mail.gmail.com> Sorry to bring up an old thread, but I was just looking at open source SIM projects and I noticed OSSIM uses Nessus. Naturally the first thing that popped into my head was that they ought to move to OpenVAS Anyone know if the endeavor to help get OSSIM running OpenVAS in lieu of Nessus went anywhere? -- Eric http://nixwizard.net From timb at nth-dimension.org.uk Thu Jan 8 18:01:01 2009 From: timb at nth-dimension.org.uk (Tim Brown) Date: Thu, 8 Jan 2009 17:01:01 +0000 Subject: [Openvas-discuss] Next Tier for the OpenVAS feed: join with OSSIM/AlienVault In-Reply-To: <5792267e0901080755p5a9cb61bnddeae4374360d644@mail.gmail.com> References: <5792267e0901080755p5a9cb61bnddeae4374360d644@mail.gmail.com> Message-ID: <200901081701.01457.timb@nth-dimension.org.uk> On Thursday 08 January 2009 15:55:55 Eric Gearhart wrote: > Sorry to bring up an old thread, but I was just looking at open source > SIM projects and I noticed OSSIM uses Nessus. Naturally the first > thing that popped into my head was that they ought to move to OpenVAS > > Anyone know if the endeavor to help get OSSIM running OpenVAS in lieu > of Nessus went anywhere? We've had some discussions with the OSSIM folk. In fact, their feed is OpenVAS compatible but no we've not merged the feeds (yet?) although there is some overlap in the offerings. It's on my big list of things I want to get done ;). Maybe we should invite Dominic to the next DevCon? Tim -- Tim Brown From jonas at andradas.es Fri Jan 9 01:32:10 2009 From: jonas at andradas.es (Jonas Andradas) Date: Fri, 9 Jan 2009 01:32:10 +0100 Subject: [Openvas-discuss] Next Tier for the OpenVAS feed: join with OSSIM/AlienVault In-Reply-To: <200901081701.01457.timb@nth-dimension.org.uk> References: <5792267e0901080755p5a9cb61bnddeae4374360d644@mail.gmail.com> <200901081701.01457.timb@nth-dimension.org.uk> Message-ID: Hello, On Thu, Jan 8, 2009 at 6:01 PM, Tim Brown wrote: > On Thursday 08 January 2009 15:55:55 Eric Gearhart wrote: > > Sorry to bring up an old thread, but I was just looking at open source > > SIM projects and I noticed OSSIM uses Nessus. Naturally the first > > thing that popped into my head was that they ought to move to OpenVAS > > > > Anyone know if the endeavor to help get OSSIM running OpenVAS in lieu > > of Nessus went anywhere? > > We've had some discussions with the OSSIM folk. In fact, their feed is > OpenVAS compatible but no we've not merged the feeds (yet?) although there > is > some overlap in the offerings. It's on my big list of things I want to get > done ;). Maybe we should invite Dominic to the next DevCon? > > Tim > -- > Tim Brown > > > _______________________________________________ > I think it would definitively be a good idea. If not only the feed is merged, but also OpenVAS starts to be used in OSSIM, instead of Nessus, all new OSSIM installations and current OSSIM installations, upon upgrading to newer versions, would ship OpenVAS. That would make the project more known to the people, and would bring a whole lot of users that can speed up development and/or bug discovery and reports. Best Regards, Jon?s Andradas. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090109/d2d9c194/attachment.htm From jan-oliver.wagner at intevation.de Fri Jan 9 10:07:59 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Fri, 9 Jan 2009 10:07:59 +0100 Subject: [Openvas-discuss] Greenbone Website now online Message-ID: <200901091008.01795.jan-oliver.wagner@intevation.de> Hello, last October I announced the launch of Greenbone Networks dedicated to OpenVAS enterprise services: http://lists.wald.intevation.org/pipermail/openvas-announce/2008-October/000049.html Now, we have our website online: http://greenbone.net/ We are still busy on improving the website and finalizing our core product, the Greenbone Security Feed. If you have direct comments or questions, you can reach us via: info at greenbone.net All the best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From eric at nixwizard.net Fri Jan 9 20:34:09 2009 From: eric at nixwizard.net (Eric Gearhart) Date: Fri, 9 Jan 2009 12:34:09 -0700 Subject: [Openvas-discuss] OpenVAS wiki? In-Reply-To: References: Message-ID: <5792267e0901091134n6f0c1e80l8b353600feef7424@mail.gmail.com> On Fri, Jan 9, 2009 at 10:46 AM, wrote: > > Eric, > > I was just poking around the OpenVas mailing list to see if anybody had > managed to get it running on Debian etch and it looks like you've tackled > this. I also had the same thought of running it in a VMWare session as > well. > > I glanced at the previous version, downloaded the source, and then saw it > complaining about all the packages and I decided I didn't have enough time > to battle it at that point. > > Do you already have a vmware image going? Do you still have your notes on > getting it running on etch? Any tips would be greatly appreciated. > > Chris Chris, I don't have the VMware image, but I can get an OpenVAS image going in my spare time at work today. I have a server you can download the image from as well, worst case. -- Eric http://nixwizard.net From jsullivan at opensourcedevel.com Sun Jan 11 04:53:52 2009 From: jsullivan at opensourcedevel.com (John A. Sullivan III) Date: Sat, 10 Jan 2009 22:53:52 -0500 Subject: [Openvas-discuss] Next Tier for the OpenVAS feed: join with OSSIM/AlienVault In-Reply-To: <200901081701.01457.timb@nth-dimension.org.uk> References: <5792267e0901080755p5a9cb61bnddeae4374360d644@mail.gmail.com> <200901081701.01457.timb@nth-dimension.org.uk> Message-ID: <1231646032.6422.36.camel@jaspav.missionsit.net.missionsit.net> On Thu, 2009-01-08 at 17:01 +0000, Tim Brown wrote: > On Thursday 08 January 2009 15:55:55 Eric Gearhart wrote: > > Sorry to bring up an old thread, but I was just looking at open source > > SIM projects and I noticed OSSIM uses Nessus. Naturally the first > > thing that popped into my head was that they ought to move to OpenVAS > > > > Anyone know if the endeavor to help get OSSIM running OpenVAS in lieu > > of Nessus went anywhere? > > We've had some discussions with the OSSIM folk. In fact, their feed is > OpenVAS compatible but no we've not merged the feeds (yet?) although there is > some overlap in the offerings. It's on my big list of things I want to get > done ;). Maybe we should invite Dominic to the next DevCon? > > Tim I am literally in the midst of an OSSIM deployment - just reading the docs and preparing our first test installation. We have also just started testing OpenVAS. We'd very much like to merge these two projects of ours. Has anyone integrated OSSIM and OpenVAS yet? Any pointers or bumps we should beware of? Is it even possible at this point? We don't mind being a test bed but we do not have the development skills in house to start digging deeply into the code so can use whatever help anyone else can provide to get a working model going. we'd be more than happy to share our results and documentation with the project. Thanks - John -- John A. Sullivan III Open Source Development Corporation +1 207-985-7880 jsullivan at opensourcedevel.com http://www.spiritualoutreach.com Making Christianity intelligible to secular society From eric at nixwizard.net Mon Jan 12 03:30:32 2009 From: eric at nixwizard.net (Eric Gearhart) Date: Sun, 11 Jan 2009 19:30:32 -0700 Subject: [Openvas-discuss] Next Tier for the OpenVAS feed: join with OSSIM/AlienVault In-Reply-To: <1231646032.6422.36.camel@jaspav.missionsit.net.missionsit.net> References: <5792267e0901080755p5a9cb61bnddeae4374360d644@mail.gmail.com> <200901081701.01457.timb@nth-dimension.org.uk> <1231646032.6422.36.camel@jaspav.missionsit.net.missionsit.net> Message-ID: <5792267e0901111830i15350dfco4420fba6f7fc3416@mail.gmail.com> On Sat, Jan 10, 2009 at 8:53 PM, John A. Sullivan III wrote: > Tim > I am literally in the midst of an OSSIM deployment - just reading the > docs and preparing our first test installation. We have also just > started testing OpenVAS. We'd very much like to merge these two > projects of ours. Has anyone integrated OSSIM and OpenVAS yet? Any > pointers or bumps we should beware of? Is it even possible at this > point? We don't mind being a test bed but we do not have the development > skills in house to start digging deeply into the code so can use > whatever help anyone else can provide to get a working model going. > we'd be more than happy to share our results and documentation with the > project. Thanks - John At my work they're looking for recommendations to beef up security, and I've been looking at OSSIM as well. If anyone has any suggestions I'd be interested as well - please post to the list so and insights aren't lost and can be archived by the great Google -- Eric http://nixwizard.net From ATijssen at Ram.nl Tue Jan 13 11:46:25 2009 From: ATijssen at Ram.nl (Arnoud Tijssen) Date: Tue, 13 Jan 2009 11:46:25 +0100 Subject: [Openvas-discuss] Opnevas-client 2 for windows Message-ID: Hi, I installed openvas server 2.0.0 on linux without problems. I need a openvas-client for openvas-server-2 for windows. How do I compile/make a openvas-client-2 for windows. Any help would be greatly appreciated. Arnoud -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090113/3e6a8b76/attachment.html From man-e-faces at versprite.net Tue Jan 13 14:32:51 2009 From: man-e-faces at versprite.net (Man-E-Faces) Date: Tue, 13 Jan 2009 08:32:51 -0500 Subject: [Openvas-discuss] Opnevas-client 2 for windows In-Reply-To: References: Message-ID: <000c01c97583$6fb099a0$4f11cce0$@net> I've installed Open-Vas server 2.0 w/o problems as well and in the interim am using the linux client over SSH and exporting X11 back. That may be an option you like in the interim. I will say that I have received authentication failures from the client to the server that I've posted to the forum. I get the following error when attempting to connect the openvas-client to the server (located on the same host). Error: Unable to establish a connection to the remote host using the specified protocol version! Other info: . I have run both open-vas client as both root and as a non-root user. Cert is located off of /usr/local/var/. and get the same error. . I have re-run openvas-mkcert to see if there was a problem with the first cert . Protocol version for connection to OpenVas server is NTP 1.2 . Thought it may be a case with tcpwrappers, so added new line to /etc/hosts.deny file so that localhost could be translated to a the local loopback address. Man-E-Faces From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of Arnoud Tijssen Sent: Tuesday, January 13, 2009 5:46 AM To: openvas-discuss at wald.intevation.org Subject: [Openvas-discuss] Opnevas-client 2 for windows Hi, I installed openvas server 2.0.0 on linux without problems. I need a openvas-client for openvas-server-2 for windows. How do I compile/make a openvas-client-2 for windows. Any help would be greatly appreciated. Arnoud -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090113/d1c430df/attachment.htm From jsullivan at opensourcedevel.com Wed Jan 14 04:17:25 2009 From: jsullivan at opensourcedevel.com (John A. Sullivan III) Date: Tue, 13 Jan 2009 22:17:25 -0500 Subject: [Openvas-discuss] Next Tier for the OpenVAS feed: join with OSSIM/AlienVault In-Reply-To: <1231646032.6422.36.camel@jaspav.missionsit.net.missionsit.net> References: <5792267e0901080755p5a9cb61bnddeae4374360d644@mail.gmail.com> <200901081701.01457.timb@nth-dimension.org.uk> <1231646032.6422.36.camel@jaspav.missionsit.net.missionsit.net> Message-ID: <1231903045.6459.87.camel@jaspav.missionsit.net.missionsit.net> On Sat, 2009-01-10 at 22:53 -0500, John A. Sullivan III wrote: > On Thu, 2009-01-08 at 17:01 +0000, Tim Brown wrote: > > On Thursday 08 January 2009 15:55:55 Eric Gearhart wrote: > > > Sorry to bring up an old thread, but I was just looking at open source > > > SIM projects and I noticed OSSIM uses Nessus. Naturally the first > > > thing that popped into my head was that they ought to move to OpenVAS > > > > > > Anyone know if the endeavor to help get OSSIM running OpenVAS in lieu > > > of Nessus went anywhere? > > > > We've had some discussions with the OSSIM folk. In fact, their feed is > > OpenVAS compatible but no we've not merged the feeds (yet?) although there is > > some overlap in the offerings. It's on my big list of things I want to get > > done ;). Maybe we should invite Dominic to the next DevCon? > > > > Tim > I am literally in the midst of an OSSIM deployment - just reading the > docs and preparing our first test installation. We have also just > started testing OpenVAS. We'd very much like to merge these two > projects of ours. Has anyone integrated OSSIM and OpenVAS yet? Any > pointers or bumps we should beware of? Is it even possible at this > point? We don't mind being a test bed but we do not have the development > skills in house to start digging deeply into the code so can use > whatever help anyone else can provide to get a working model going. > we'd be more than happy to share our results and documentation with the > project. Thanks - John I should be ready to start testing integrating OpenVAS 2.0 and OSSIM in the morning. Unfortunately, I'm at quite a disadvantage as the OSSIM installer installs Debian Etch and I am quite unfamiliar with Debian (although somewhat familiar with Ubuntu). Right away I see a problem. OpenVAS 2.0 requires glibc >= 2.6 and Etch has 2.3.something or other. Before I try to bring in 2.6 from Lenny (sounds like trouble) or try to install OSSIM on CentOS 5.2 (sounds like even more trouble), has anyone successfully installed OpenVAS 2.0 on Etch and can save me all this grief by telling me how? Thanks - John -- John A. Sullivan III Open Source Development Corporation +1 207-985-7880 jsullivan at opensourcedevel.com http://www.spiritualoutreach.com Making Christianity intelligible to secular society From man-e-faces at versprite.net Wed Jan 14 05:45:14 2009 From: man-e-faces at versprite.net (Man-E-Faces) Date: Tue, 13 Jan 2009 23:45:14 -0500 Subject: [Openvas-discuss] Next Tier for the OpenVAS feed: join with OSSIM/AlienVault In-Reply-To: <1231903045.6459.87.camel@jaspav.missionsit.net.missionsit.net> References: <5792267e0901080755p5a9cb61bnddeae4374360d644@mail.gmail.com> <200901081701.01457.timb@nth-dimension.org.uk> <1231646032.6422.36.camel@jaspav.missionsit.net.missionsit.net> <1231903045.6459.87.camel@jaspav.missionsit.net.missionsit.net> Message-ID: <000601c97602$e4c7a0b0$ae56e210$@net> I began to install OpenVas 2.0 on Etch but ran into problems with missing packages that were dependencies during the install. Glibc 2.6 was one. Ultimately, I had wanted to try out Lenny anyway (more updates) so I took the leap. OpenVas installed perfectly fine on Lenny. Only problem has been now in connecting the client to the server, which I am calling remotely (the client) from another host and forwarding by X11 over ssh. Again, related to OpenVas server, I was able to complete the install, add users and make a cert. Man-E-Faces -----Original Message----- From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of John A. Sullivan III Sent: Tuesday, January 13, 2009 10:17 PM To: Tim Brown; openvas-discuss at wald.intevation.org Subject: Re: [Openvas-discuss] Next Tier for the OpenVAS feed: join with OSSIM/AlienVault On Sat, 2009-01-10 at 22:53 -0500, John A. Sullivan III wrote: > On Thu, 2009-01-08 at 17:01 +0000, Tim Brown wrote: > > On Thursday 08 January 2009 15:55:55 Eric Gearhart wrote: > > > Sorry to bring up an old thread, but I was just looking at open > > > source SIM projects and I noticed OSSIM uses Nessus. Naturally the > > > first thing that popped into my head was that they ought to move > > > to OpenVAS > > > > > > Anyone know if the endeavor to help get OSSIM running OpenVAS in > > > lieu of Nessus went anywhere? > > > > We've had some discussions with the OSSIM folk. In fact, their feed > > is OpenVAS compatible but no we've not merged the feeds (yet?) > > although there is some overlap in the offerings. It's on my big > > list of things I want to get done ;). Maybe we should invite Dominic to the next DevCon? > > > > Tim > I am literally in the midst of an OSSIM deployment - just reading the > docs and preparing our first test installation. We have also just > started testing OpenVAS. We'd very much like to merge these two > projects of ours. Has anyone integrated OSSIM and OpenVAS yet? Any > pointers or bumps we should beware of? Is it even possible at this > point? We don't mind being a test bed but we do not have the > development skills in house to start digging deeply into the code so > can use whatever help anyone else can provide to get a working model going. > we'd be more than happy to share our results and documentation with > the project. Thanks - John I should be ready to start testing integrating OpenVAS 2.0 and OSSIM in the morning. Unfortunately, I'm at quite a disadvantage as the OSSIM installer installs Debian Etch and I am quite unfamiliar with Debian (although somewhat familiar with Ubuntu). Right away I see a problem. OpenVAS 2.0 requires glibc >= 2.6 and Etch has 2.3.something or other. Before I try to bring in 2.6 from Lenny (sounds like trouble) or try to install OSSIM on CentOS 5.2 (sounds like even more trouble), has anyone successfully installed OpenVAS 2.0 on Etch and can save me all this grief by telling me how? Thanks - John -- John A. Sullivan III Open Source Development Corporation +1 207-985-7880 jsullivan at opensourcedevel.com http://www.spiritualoutreach.com Making Christianity intelligible to secular society _______________________________________________ Openvas-discuss mailing list Openvas-discuss at wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss From michael.wiegand at intevation.de Wed Jan 14 08:07:27 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Wed, 14 Jan 2009 08:07:27 +0100 Subject: [Openvas-discuss] Next Tier for the OpenVAS feed: join with OSSIM/AlienVault In-Reply-To: <1231903045.6459.87.camel@jaspav.missionsit.net.missionsit.net> References: <5792267e0901080755p5a9cb61bnddeae4374360d644@mail.gmail.com> <200901081701.01457.timb@nth-dimension.org.uk> <1231646032.6422.36.camel@jaspav.missionsit.net.missionsit.net> <1231903045.6459.87.camel@jaspav.missionsit.net.missionsit.net> Message-ID: <20090114070727.GA17644@intevation.de> * John A. Sullivan III [14. Jan 2009]: > Right away I see a problem. OpenVAS 2.0 requires glibc >= 2.6 and Etch > has 2.3.something or other. Once again: OpenVAS 2.0 requires *glib* (as in libglib2.0-dev) to be >= 2.6, Etch packages 2.12 as you can see on [1]. So you should have no trouble compiling or installing OpenVAS 2.0 on Etch. Note that this is glib and _not_ glibc. I'm not sure about the exact minimum version for glibc, but it is certainly below 2.3. There was a small packaging error in the first OpenVAS 2.0.0 Debian packages which failed to specify the dependency on glib, which resulted in a glib-related error messages when configuring. This bug should be fixed very soon. I apologize for the confusion and I think it is unfortunate that these two libraries have so similar names -- but we did name neither glib nor glibc. ;) Regards, Michael [1] http://packages.debian.org/etch/libglib2.0-dev -- Michael Wiegand | OpenPGP key: D7D049EC | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From jsullivan at opensourcedevel.com Wed Jan 14 13:21:57 2009 From: jsullivan at opensourcedevel.com (John A. Sullivan III) Date: Wed, 14 Jan 2009 07:21:57 -0500 Subject: [Openvas-discuss] Next Tier for the OpenVAS feed: join with OSSIM/AlienVault In-Reply-To: <000601c97602$e4c7a0b0$ae56e210$@net> References: <5792267e0901080755p5a9cb61bnddeae4374360d644@mail.gmail.com> <200901081701.01457.timb@nth-dimension.org.uk> <1231646032.6422.36.camel@jaspav.missionsit.net.missionsit.net> <1231903045.6459.87.camel@jaspav.missionsit.net.missionsit.net> <000601c97602$e4c7a0b0$ae56e210$@net> Message-ID: <1231935717.6511.3.camel@jaspav.missionsit.net.missionsit.net> Thanks for the input but that still leaves me with the problem of OSSIM integration as OSSIM is strongly emphasizing to use their monolithic package built on Etch and, having started working my way through such an enormous and highly integrated project, I can understand why - John On Tue, 2009-01-13 at 23:45 -0500, Man-E-Faces wrote: > I began to install OpenVas 2.0 on Etch but ran into problems with missing > packages that were dependencies during the install. Glibc 2.6 was one. > Ultimately, I had wanted to try out Lenny anyway (more updates) so I took > the leap. OpenVas installed perfectly fine on Lenny. Only problem has been > now in connecting the client to the server, which I am calling remotely (the > client) from another host and forwarding by X11 over ssh. > > Again, related to OpenVas server, I was able to complete the install, add > users and make a cert. > > Man-E-Faces > -----Original Message----- > From: openvas-discuss-bounces at wald.intevation.org > [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of John A. > Sullivan III > Sent: Tuesday, January 13, 2009 10:17 PM > To: Tim Brown; openvas-discuss at wald.intevation.org > Subject: Re: [Openvas-discuss] Next Tier for the OpenVAS feed: join with > OSSIM/AlienVault > > On Sat, 2009-01-10 at 22:53 -0500, John A. Sullivan III wrote: > > On Thu, 2009-01-08 at 17:01 +0000, Tim Brown wrote: > > > On Thursday 08 January 2009 15:55:55 Eric Gearhart wrote: > > > > Sorry to bring up an old thread, but I was just looking at open > > > > source SIM projects and I noticed OSSIM uses Nessus. Naturally the > > > > first thing that popped into my head was that they ought to move > > > > to OpenVAS > > > > > > > > Anyone know if the endeavor to help get OSSIM running OpenVAS in > > > > lieu of Nessus went anywhere? > > > > > > We've had some discussions with the OSSIM folk. In fact, their feed > > > is OpenVAS compatible but no we've not merged the feeds (yet?) > > > although there is some overlap in the offerings. It's on my big > > > list of things I want to get done ;). Maybe we should invite Dominic to > the next DevCon? > > > > > > Tim > > I am literally in the midst of an OSSIM deployment - just reading the > > docs and preparing our first test installation. We have also just > > started testing OpenVAS. We'd very much like to merge these two > > projects of ours. Has anyone integrated OSSIM and OpenVAS yet? Any > > pointers or bumps we should beware of? Is it even possible at this > > point? We don't mind being a test bed but we do not have the > > development skills in house to start digging deeply into the code so > > can use whatever help anyone else can provide to get a working model > going. > > we'd be more than happy to share our results and documentation with > > the project. Thanks - John > > I should be ready to start testing integrating OpenVAS 2.0 and OSSIM in the > morning. Unfortunately, I'm at quite a disadvantage as the OSSIM installer > installs Debian Etch and I am quite unfamiliar with Debian (although > somewhat familiar with Ubuntu). > > Right away I see a problem. OpenVAS 2.0 requires glibc >= 2.6 and Etch has > 2.3.something or other. Before I try to bring in 2.6 from Lenny (sounds > like trouble) or try to install OSSIM on CentOS 5.2 (sounds like even more > trouble), has anyone successfully installed OpenVAS 2.0 on Etch and can save > me all this grief by telling me how? Thanks - John > -- > John A. Sullivan III > Open Source Development Corporation > +1 207-985-7880 > jsullivan at opensourcedevel.com > > http://www.spiritualoutreach.com > Making Christianity intelligible to secular society > > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > > -- John A. Sullivan III Open Source Development Corporation +1 207-985-7880 jsullivan at opensourcedevel.com http://www.spiritualoutreach.com Making Christianity intelligible to secular society From jsullivan at opensourcedevel.com Wed Jan 14 13:34:14 2009 From: jsullivan at opensourcedevel.com (John A. Sullivan III) Date: Wed, 14 Jan 2009 07:34:14 -0500 Subject: [Openvas-discuss] Next Tier for the OpenVAS feed: join with OSSIM/AlienVault In-Reply-To: <20090114070727.GA17644@intevation.de> References: <5792267e0901080755p5a9cb61bnddeae4374360d644@mail.gmail.com> <200901081701.01457.timb@nth-dimension.org.uk> <1231646032.6422.36.camel@jaspav.missionsit.net.missionsit.net> <1231903045.6459.87.camel@jaspav.missionsit.net.missionsit.net> <20090114070727.GA17644@intevation.de> Message-ID: <1231936454.6511.6.camel@jaspav.missionsit.net.missionsit.net> On Wed, 2009-01-14 at 08:07 +0100, Michael Wiegand wrote: > * John A. Sullivan III [14. Jan 2009]: > > Right away I see a problem. OpenVAS 2.0 requires glibc >= 2.6 and Etch > > has 2.3.something or other. > > Once again: OpenVAS 2.0 requires *glib* (as in libglib2.0-dev) to be >= > 2.6, Etch packages 2.12 as you can see on [1]. So you should have no > trouble compiling or installing OpenVAS 2.0 on Etch. > > Note that this is glib and _not_ glibc. I'm not sure about the exact > minimum version for glibc, but it is certainly below 2.3. > > There was a small packaging error in the first OpenVAS 2.0.0 Debian > packages which failed to specify the dependency on glib, which resulted > in a glib-related error messages when configuring. This bug should be > fixed very soon. > > I apologize for the confusion and I think it is unfortunate that these > two libraries have so similar names -- but we did name neither glib nor > glibc. ;) > > Regards, > > Michael > > [1] http://packages.debian.org/etch/libglib2.0-dev > Argh! (Very red face) You are exactly right. My late night brain cramp and my apologies. I let you know how I fare. Any other caveats about integrating OpenVAS 2.0 and OSSIM? I've read some things about output formats being mismatched, i.e., different from the Nessus format OSSIM expects. Thanks - John -- John A. Sullivan III Open Source Development Corporation +1 207-985-7880 jsullivan at opensourcedevel.com http://www.spiritualoutreach.com Making Christianity intelligible to secular society From michael.wiegand at intevation.de Wed Jan 14 14:14:22 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Wed, 14 Jan 2009 14:14:22 +0100 Subject: [Openvas-discuss] Next Tier for the OpenVAS feed: join with OSSIM/AlienVault In-Reply-To: <1231936454.6511.6.camel@jaspav.missionsit.net.missionsit.net> References: <5792267e0901080755p5a9cb61bnddeae4374360d644@mail.gmail.com> <200901081701.01457.timb@nth-dimension.org.uk> <1231646032.6422.36.camel@jaspav.missionsit.net.missionsit.net> <1231903045.6459.87.camel@jaspav.missionsit.net.missionsit.net> <20090114070727.GA17644@intevation.de> <1231936454.6511.6.camel@jaspav.missionsit.net.missionsit.net> Message-ID: <20090114131422.GD22514@intevation.de> * John A. Sullivan III [14. Jan 2009]: > Argh! (Very red face) You are exactly right. My late night brain cramp > and my apologies. I let you know how I fare. Any other caveats about > integrating OpenVAS 2.0 and OSSIM? I've read some things about output > formats being mismatched, i.e., different from the Nessus format OSSIM > expects. Thanks - John Depends on which output formats you are talking about. OpenVAS uses OIDs in place of the numerical IDs used by Nessus, for example. There are a few other changes as well; I'm not familiar with OSSIM, so I don't know what it expects. But unless OSSIM is doing something weird with the results, the changes should be pretty straightforward and easy to implement. Let me know if you have any questions regarding the output. Regards, Michael -- Michael Wiegand | OpenPGP key: D7D049EC | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From tommymay at comcast.net Wed Jan 14 17:39:43 2009 From: tommymay at comcast.net (Tommy May) Date: Wed, 14 Jan 2009 16:39:43 +0000 (UTC) Subject: [Openvas-discuss] Question regarding Debian etch and dependencies libopenvasnasl1 - libgpg-error0 (>=1.5) and libgpgme11 (>=1.1.6) Message-ID: <983747784.1989261231951183382.JavaMail.root@sz0153a.westchester.pa.mail.comcast.net> Greetings - I am extremely new to openvas... and my development knowledge in this space could use some improvement. I certainly hope that I haven't failed the 'RTFM' test here, but I seem to have a dependency issue when attempting to install libopenvasnasl1 on Debian. Looks like there is a dependency to have libopenvasnasl1 - libgpg-error0 (>=1.5) and libgpgme11 (>=1.1.6). The latest versions I can find for each are 1.4-1 and 1.1.2-5, respectively. Am I missing something here? Any information that you may be able to point me to would be greatly appreciated. Thanks for the help... Tommy From jsullivan at opensourcedevel.com Wed Jan 14 17:45:22 2009 From: jsullivan at opensourcedevel.com (John A. Sullivan III) Date: Wed, 14 Jan 2009 11:45:22 -0500 Subject: [Openvas-discuss] Question regarding Debian etch and dependencies libopenvasnasl1 - libgpg-error0 (>=1.5) and libgpgme11 (>=1.1.6) In-Reply-To: <983747784.1989261231951183382.JavaMail.root@sz0153a.westchester.pa.mail.comcast.net> References: <983747784.1989261231951183382.JavaMail.root@sz0153a.westchester.pa.mail.comcast.net> Message-ID: <1231951522.6511.37.camel@jaspav.missionsit.net.missionsit.net> On Wed, 2009-01-14 at 16:39 +0000, Tommy May wrote: > Greetings - I am extremely new to openvas... and my development knowledge in this space could use some improvement. > I certainly hope that I haven't failed the 'RTFM' test here, but I seem to have a dependency issue when attempting to install libopenvasnasl1 on Debian. > > Looks like there is a dependency to have libopenvasnasl1 - libgpg-error0 (>=1.5) and libgpgme11 (>=1.1.6). The latest versions I can find for each are 1.4-1 and 1.1.2-5, respectively. > > Am I missing something here? Any information that you may be able to point me to would be greatly appreciated. > > Thanks for the help... > Sorry I don't have time to investigate your errors specifically but I just happen to be in the process of installing on Etch (as shipped with OSSIM) and have these notes on the dependencies I found. One I installed them, all compiled fine: apt-get install bison libpcap-dev libgnutls-dev libgpgme11-dev rsync coreutils gcc libglib2.0-dev libssl-dev Hope that helps - John -- John A. Sullivan III Open Source Development Corporation +1 207-985-7880 jsullivan at opensourcedevel.com http://www.spiritualoutreach.com Making Christianity intelligible to secular society From tommymay at comcast.net Wed Jan 14 21:02:52 2009 From: tommymay at comcast.net (Tommy May) Date: Wed, 14 Jan 2009 20:02:52 +0000 (UTC) Subject: [Openvas-discuss] Question regarding Debian etch and dependencies libopenvasnasl1 - libgpg-error0 (>=1.5) and libgpgme11 (>=1.1.6) In-Reply-To: <1231951522.6511.37.camel@jaspav.missionsit.net.missionsit.net> Message-ID: <1906745898.2070301231963372469.JavaMail.root@sz0153a.westchester.pa.mail.comcast.net> Yes - thank you John. After installing all of the packages below and compiling each Openvas component from source code, all works perfectly. I really appreciate the assistance. Tommy ----- Original Message ----- From: "John A. Sullivan III" To: "Tommy May" Cc: openvas-discuss at wald.intevation.org Sent: Wednesday, January 14, 2009 11:45:22 AM GMT -05:00 US/Canada Eastern Subject: Re: [Openvas-discuss] Question regarding Debian etch and dependencies libopenvasnasl1 - libgpg-error0 (>=1.5) and libgpgme11 (>=1.1.6) On Wed, 2009-01-14 at 16:39 +0000, Tommy May wrote: > Greetings - I am extremely new to openvas... and my development knowledge in this space could use some improvement. > I certainly hope that I haven't failed the 'RTFM' test here, but I seem to have a dependency issue when attempting to install libopenvasnasl1 on Debian. > > Looks like there is a dependency to have libopenvasnasl1 - libgpg-error0 (>=1.5) and libgpgme11 (>=1.1.6). The latest versions I can find for each are 1.4-1 and 1.1.2-5, respectively. > > Am I missing something here? Any information that you may be able to point me to would be greatly appreciated. > > Thanks for the help... > Sorry I don't have time to investigate your errors specifically but I just happen to be in the process of installing on Etch (as shipped with OSSIM) and have these notes on the dependencies I found. One I installed them, all compiled fine: apt-get install bison libpcap-dev libgnutls-dev libgpgme11-dev rsync coreutils gcc libglib2.0-dev libssl-dev Hope that helps - John -- John A. Sullivan III Open Source Development Corporation +1 207-985-7880 jsullivan at opensourcedevel.com http://www.spiritualoutreach.com Making Christianity intelligible to secular society From hans.ullrich at loop.de Sat Jan 17 10:56:21 2009 From: hans.ullrich at loop.de (Hans-J. Ullrich) Date: Sat, 17 Jan 2009 10:56:21 +0100 Subject: [Openvas-discuss] Problem: Where are the users? Message-ID: <200901171056.22204.hans.ullrich@loop.de> Dear list, I am looking for an option, to list all added users by openvas-adduser as theye are strangewise not listed below /usr/lib/openvas/users/. Maybe it is a bug ? My configuration: Openvas-serever is running on my debian-amd64 and debian-i386. Since the debian packages are still version 1.x, I had to compile 2.0 for myself. Compilation went fine by doing: ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var to make it debian compatible and then, of course, 'make' and 'make install' openvasd started fine, I added a user, but I could not find his entry. I found /etc/openvas, /usr/lib/openvas and /var/run/openvasd.pid - just as wished. What did I do wrong? Thanks for any help. Greets Hans P.S. Jan, still I did not find the users. From joey at infodrom.org Sat Jan 17 12:11:22 2009 From: joey at infodrom.org (Joey Schulze) Date: Sat, 17 Jan 2009 12:11:22 +0100 Subject: [Openvas-discuss] OpenVAS wiki? In-Reply-To: <5792267e0901091134n6f0c1e80l8b353600feef7424@mail.gmail.com> References: <5792267e0901091134n6f0c1e80l8b353600feef7424@mail.gmail.com> Message-ID: <20090117111122.GA27491@finlandia.home.infodrom.org> Eric Gearhart wrote: > > I was just poking around the OpenVas mailing list to see if anybody had > > managed to get it running on Debian etch and it looks like you've tackled > > this. I also had the same thought of running it in a VMWare session as > > well. If you want to run OpenVAS on etch, the best you could do is pobably try to recompile the Debian packages from unstable on etch. That may cause some probalems, but should produce packages at the end. > > Do you already have a vmware image going? Do you still have your notes on > > getting it running on etch? Any tips would be greatly appreciated. > > > > Chris > > Chris, > > I don't have the VMware image, but I can get an OpenVAS image going in > my spare time at work today. I have a server you can download the > image from as well, worst case. Thanks! That would probably help proliferate the software, however, I would prefer images to Free virtualisation software... Regards, Joey -- Let's call it an accidental feature. -- Larry Wall Please always Cc to me when replying to me on the lists. From hans.ullrich at loop.de Sat Jan 17 12:27:31 2009 From: hans.ullrich at loop.de (Hans-J. Ullrich) Date: Sat, 17 Jan 2009 12:27:31 +0100 Subject: [Openvas-discuss] OpenVAS wiki? In-Reply-To: <20090117111122.GA27491@finlandia.home.infodrom.org> References: <5792267e0901091134n6f0c1e80l8b353600feef7424@mail.gmail.com> <20090117111122.GA27491@finlandia.home.infodrom.org> Message-ID: <200901171227.32973.hans.ullrich@loop.de> Am Samstag, 17. Januar 2009 schrieb Joey Schulze: > Eric Gearhart wrote: > > > I was just poking around the OpenVas mailing list to see if anybody had > > > managed to get it running on Debian etch and it looks like you've > > > tackled this. I also had the same thought of running it in a VMWare > > > session as well. > > If you want to run OpenVAS on etch, the best you could do is pobably > try to recompile the Debian packages from unstable on etch. That > may cause some probalems, but should produce packages at the end. > > > > Do you already have a vmware image going? Do you still have your notes > > > on getting it running on etch? Any tips would be greatly appreciated. > > > > > > Chris > > > > Chris, > > > > I don't have the VMware image, but I can get an OpenVAS image going in > > my spare time at work today. I have a server you can download the > > image from as well, worst case. > > Thanks! > > That would probably help proliferate the software, however, I would > prefer images to Free virtualisation software... > > Regards, > > Joey The debian packages are too old, as they are still version 1.0. I recommend to use version 2.0, as there are significant changes made oppsite to version 1.0. Additionally, I compiled it fine on 32-bit debian-i386 (testing) and debian-amd64 (sid) - both, server and clients! Cheers Hans From andrew.court at bt.com Sun Jan 18 00:54:32 2009 From: andrew.court at bt.com (andrew.court@bt.com) Date: Sat, 17 Jan 2009 23:54:32 -0000 Subject: [Openvas-discuss] Brief Introduction Message-ID: Hi, My name is Andrew Court and I work as IT Security Specialist for a major telecoms company. I have been using Nessus in my current role for nearly 2 years and in general for about 5. I am familiar with its use and with NASL. However, I have become increasingly dissatisfied with it of late. Being an open source advocate I was saddened when tenable decided to close the source, and have been looking for an open alternative. I found OpenVAS a few weeks ago but only now got round to testing it. I must say I am very happy with it so far, and for that you have my congratulations. I hope to implement it on a number of servers over the next few weeks. With a view to supporting the project, I was wondering if there was anyway I could contribute. My c-coding skills are a bit rusty, and so I do not think I could help too much in software development, however, I open to suggestions and requests for help. I am just wondering is there any other way i can contribute? If you could let me know if there is anything you need or anything you would like looked at, I would be happy to comply. Hope to hear from you soon, Kind Regards, Andrew Court IT Security Specialist | CEH | BT Retail - Ireland | E:Andrew.Court at bt.com |Mobile: +353 86 1720 692 | Fax: +353 1 432 5899| www.btireland.com From joey at infodrom.org Sun Jan 18 18:44:45 2009 From: joey at infodrom.org (Joey Schulze) Date: Sun, 18 Jan 2009 18:44:45 +0100 Subject: [Openvas-discuss] OpenVAS wiki? In-Reply-To: <200901171227.32973.hans.ullrich@loop.de> References: <5792267e0901091134n6f0c1e80l8b353600feef7424@mail.gmail.com> <20090117111122.GA27491@finlandia.home.infodrom.org> <200901171227.32973.hans.ullrich@loop.de> Message-ID: <20090118174445.GB27491@finlandia.home.infodrom.org> Hans-J. Ullrich wrote: > > > I don't have the VMware image, but I can get an OpenVAS image going in > > > my spare time at work today. I have a server you can download the > > > image from as well, worst case. > > > > Thanks! > > > > That would probably help proliferate the software, however, I would > > prefer images to Free virtualisation software... > > > The debian packages are too old, as they are still version 1.0. Javier uploaded 2.0.x packages at the beginning of January which supersede the 1.0.x packages. Neither packages will become a part of lenny, though. > Additionally, I compiled it fine on 32-bit debian-i386 (testing) and > debian-amd64 (sid) - both, server and clients! Did you have to change anything in the packaging data? If so, please send us patches. Regards, Joey -- Still can't talk about what I can't talk about. Sorry. -- Bruce Schneier From jan-oliver.wagner at intevation.de Sun Jan 18 20:36:22 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Sun, 18 Jan 2009 20:36:22 +0100 Subject: [Openvas-discuss] Brief Introduction In-Reply-To: References: Message-ID: <200901182036.22676.jan-oliver.wagner@intevation.de> Hello Andrew, On Sunday 18 January 2009 00:54:32 andrew.court at bt.com wrote: > With a view to supporting the project, I was wondering if there was anyway > I could contribute. My c-coding skills are a bit rusty, and so I do not > think I could help too much in software development, however, I open to > suggestions and requests for help. I am just wondering is there any other > way i can contribute? If you could let me know if there is anything you > need or anything you would like looked at, I would be happy to comply. ? ? Thanks a lot for you offer! The OpenVAS projects can be supported in many ways. For example, the Compendium could be improved and extended. What also is of great help are detailed bug reports and trying to reproduce incoming bug reports. It is sometimes a time consuming job but it usually does not need high programming skills. All the best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From andrew.court at bt.com Mon Jan 19 13:07:06 2009 From: andrew.court at bt.com (andrew.court@bt.com) Date: Mon, 19 Jan 2009 12:07:06 -0000 Subject: [Openvas-discuss] Brief Introduction Message-ID: Ill see what I can do. I can hang out in irc from about 19:00 to about 22:00 GMT. Unfortunately due to firewall rules in the company(some of which I designed) I cannot access IRC during the day. Other ways I can lend a hand is documentation, aswell as basic support, and I also thought the website could do with an FAQ, which would cover basic installation questions etc. As for bug-reporting, well as I said I hope to implement openVAS across a range of servers in the coming weeks. The OS's of these include, RHEL5, Ubuntu Server, and CentOS. On top of that, I ran into a bug today, but it seems to already have been reported, though I was not exactly turned on by the verbosity of that bug report, its ID is 871. The bug report is as follows: >I just completed openVAS scans on 3 large network ranges. There are some specific concerns I would like to hightlight >in making the report easier to analyse. For all the IPs in the network range OpenVAS returns the following port results, >SMB: All of them have failed the test. This is documented in the report >SSH: All except the real ssh ports have failed the test but still listed in the report >HTTP: All except the real web services have failed but is still listed as empty nikto scan. >It would be great if we can remove these false positives or excessive information making analysis of results faster >and more effective. The bug I found was that the scan report reported that open office was installed on the target machine when it is not. Here is the entry in the scan: >Reported by NVT "OpenOffice.org <= 2.4.1 vulnerability" (1.3.6.1.4.1.25623.1.0.90030): >Error getting SMB-Data -> CONNECTION TO 192.168.1.4 FAILED (ERROR NT_STATUS_CONNECTION_REFUSED) >CVE : CVE-2008-2152 I will keep an eye out on how that bug turns out. Can you tell me who else contributes to the project, and whom is responsible for what? Thanks, Andrew Court IT Security Specialist | CEH | BT Retail - Ireland | E:Andrew.Court at bt.com |Mobile: +353 86 1720 692 | Fax: +353 1 432 5899| www.btireland.com -----Original Message----- From: openvas-discuss-bounces at wald.intevation.org on behalf of Jan-Oliver Wagner Sent: Sun 1/18/2009 7:36 PM To: openvas-discuss at wald.intevation.org Subject: Re: [Openvas-discuss] Brief Introduction Hello Andrew, On Sunday 18 January 2009 00:54:32 andrew.court at bt.com wrote: > With a view to supporting the project, I was wondering if there was anyway > I could contribute. My c-coding skills are a bit rusty, and so I do not > think I could help too much in software development, however, I open to > suggestions and requests for help. I am just wondering is there any other > way i can contribute? If you could let me know if there is anything you > need or anything you would like looked at, I would be happy to comply. Thanks a lot for you offer! The OpenVAS projects can be supported in many ways. For example, the Compendium could be improved and extended. What also is of great help are detailed bug reports and trying to reproduce incoming bug reports. It is sometimes a time consuming job but it usually does not need high programming skills. All the best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-discuss mailing list Openvas-discuss at wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss From jan-oliver.wagner at intevation.de Mon Jan 19 15:02:44 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Mon, 19 Jan 2009 15:02:44 +0100 Subject: [Openvas-discuss] Brief Introduction In-Reply-To: References: Message-ID: <200901191502.46411.jan-oliver.wagner@intevation.de> On Montag, 19. Januar 2009, andrew.court at bt.com wrote: > Other ways I can lend a hand is documentation, aswell as basic support, and I also thought the website could do with an FAQ, which would cover basic installation questions etc. yes, making the web site nicer and add more helpful content is yet another open task. Also we could need managers for mailing lists and the bug tracker, btw ;-) > As for bug-reporting, well as I said I hope to implement openVAS across a range of servers in the coming weeks. The OS's of these include, RHEL5, Ubuntu Server, and CentOS. On top of that, I ran into a bug today, but it seems to already have been reported, though I was not exactly turned on by the verbosity of that bug report, its ID is 871. The bug report is as follows: > > >I just completed openVAS scans on 3 large network ranges. There are some specific concerns I would like to hightlight > >in making the report easier to analyse. For all the IPs in the network range OpenVAS returns the following port results, > > >SMB: All of them have failed the test. This is documented in the report > >SSH: All except the real ssh ports have failed the test but still listed in the report > >HTTP: All except the real web services have failed but is still listed as empty nikto scan. > > >It would be great if we can remove these false positives or excessive information making analysis of results faster > >and more effective. > > The bug I found was that the scan report reported that open office was installed on the target machine when it is not. > > Here is the entry in the scan: > > >Reported by NVT "OpenOffice.org <= 2.4.1 vulnerability" (1.3.6.1.4.1.25623.1.0.90030): > > >Error getting SMB-Data -> CONNECTION TO 192.168.1.4 FAILED (ERROR NT_STATUS_CONNECTION_REFUSED) > >CVE : CVE-2008-2152 > > I will keep an eye out on how that bug turns out. Could you create a bug report for this one? > Can you tell me who else contributes to the project, and whom is responsible for what? well, anyone active on the OpenVAS mailing lists, IRC or bug tracker is a contributor. The comitters you see here, but note that the stats do not mean a lot: http://wald.intevation.org/scm/?group_id=29 We have so far no detailed mapping of responsibilities other than Tim Brown is the project contact. Best is to throw ideas into the mailing lists or IRC - the right people will pick up. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From eric at nixwizard.net Tue Jan 20 00:08:15 2009 From: eric at nixwizard.net (Eric Gearhart) Date: Mon, 19 Jan 2009 16:08:15 -0700 Subject: [Openvas-discuss] Question about plugin 11808 Message-ID: <5792267e0901191508y1c1fe4fbg47e682f6909a6d6@mail.gmail.com> Sorry about the double posting, but I was not aware there even was an openvas-plugins mailing list, and the volume on both lists is not deafening, so I figured it can't hurt to cross-post to both lists (if nothing else more people will be made aware the openvas-plugins list *exists*) ( please see original post at http://lists.wald.intevation.org/pipermail/openvas-plugins/2008-May/000057.html ) I am having the exact same issue as reported by the link in the note above.... a huge number of machines are reported as vulnerable to MS03-026, when I know for a fact they're completely patched. I can see their status via WSUS (if you're familiar with the Windows patching routine you're familiar with WSUS - if not http://en.wikipedia.org/wiki/Windows_Server_Update_Services looks pretty accurate) Here's the full text of the offending plugin: "Reported by NVT "Microsoft RPC Interface Buffer Overrun (823980)" (1.3.6.1.4.1.25623.1.0.11808): The remote host is running a version of Windows which has a flaw in its RPC interface which may allow an attacker to execute arbitrary code and gain SYSTEM privileges. There is at least one Worm which is currently exploiting this vulnerability. Namely, the MsBlaster worm. Solution: see http://www.microsoft.com/technet/security/bulletin/MS03-026.mspx Risk factor : High CVE : CAN-2003-0352 BID : 8205 Other references : IAVA:2003-A-0011" A quick grep of my plugins/ folder reveals the plugin with filename msrpc_dcom.nasl is what's the offending nasl script. In that file, I see this section: if(get_kb_item("SMB/KB824146"))exit(0); if(get_kb_item("SMB/KB824146_cant_be_verified"))exit(0); I looked up that knowledgebase article, and indeed that update has been superseded by http://support.microsoft.com/kb/828741/ "MS04-012: Cumulative Update for Microsoft RPC/DCOM" I've modifed the original NASL script, and flipped the KB824146 bits over to KB828741. I'm in the process of re-scanning one of the machines now, to see if the change made a difference. I don't have a vulnerable machine available (that does not have either update), so I have no way to test there; that's assuming testing is necessary for a simple "Is the KB828741 patch installed?" nasl script... I would be tickled pink if the effort I've put in leads to an improvement in OpenVAS... should I try to cobble a patch together to apply against msrpc_dcom.nasl to update those two lines to the newer KB article? -- Eric http://nixwizard.net From jan-oliver.wagner at intevation.de Tue Jan 20 09:24:52 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Tue, 20 Jan 2009 09:24:52 +0100 Subject: [Openvas-discuss] Start of planning OpenVAS DevCon 2 In-Reply-To: <200901072321.47523.jan-oliver.wagner@intevation.de> References: <200901072321.47523.jan-oliver.wagner@intevation.de> Message-ID: <200901200924.54949.jan-oliver.wagner@intevation.de> On Mittwoch, 7. Januar 2009, Jan-Oliver Wagner wrote: > I just put a draft page on the OpenVAS DevCon#2 online: > > http://www.openvas.org/openvas-devcon2.html > > I guess it might make sense to introduce a special > email address such as devcon2 att openvas.org > to not require to send reservation whiches, arrival > times etc. to the public mailing list. > > Also it would be great if a team of 2 or 3 people > would volunteer to do some organizational work > such as maintaining the above web page (also make it nicer > than it is currently ;-), maintain the list of participants > and coordinating the working out of the agenda. > > Over here at Intevation we will take care of hotel reservations, > evening events and all the stuff where you need to be onsite. so far I received zero feedback. So, we'll keep it at a low organizational and PR efford. I will introduce a email address at intevation as a contact for attendees. Thought of openvas-devcon at intevation.de. I also plan to put a simple news box on the web site to let every visitor know. Any concerns? Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From jan-oliver.wagner at intevation.de Wed Jan 21 09:41:10 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Wed, 21 Jan 2009 09:41:10 +0100 Subject: [Openvas-discuss] Start of planning OpenVAS DevCon 2 In-Reply-To: <200901200924.54949.jan-oliver.wagner@intevation.de> References: <200901072321.47523.jan-oliver.wagner@intevation.de> <200901200924.54949.jan-oliver.wagner@intevation.de> Message-ID: <200901210941.12381.jan-oliver.wagner@intevation.de> On Dienstag, 20. Januar 2009, Jan-Oliver Wagner wrote: > On Mittwoch, 7. Januar 2009, Jan-Oliver Wagner wrote: > I will introduce a email address at intevation as a contact for attendees. > Thought of openvas-devcon at intevation.de. > > I also plan to put a simple news box on the web site to let every visitor know. I did this now. Felix will receive the emails and take care of the organizational part. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From eric at nixwizard.net Wed Jan 21 20:53:07 2009 From: eric at nixwizard.net (Eric Gearhart) Date: Wed, 21 Jan 2009 12:53:07 -0700 Subject: [Openvas-discuss] Debian dependency on glib missing in package openvas-libraries Message-ID: <5792267e0901211153s32a58245ibb5ce2d56bac0c8b@mail.gmail.com> Are the maintainers aware of this bug in the Debian openvas packages? (see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511627 for the bug) Also, the package is in freeze due to the bug (see http://release.debian.org/migration/testing.pl?package=openvas-libraries for details) "Your package is failing to build with the following error: checking for pkg-config... no checking for GLIB... configure: error: "glib >= 2.6.0 not found" make: *** [config.status] Error 1 You're probably missing a few build dependencies." It's causing the openvas packages to not install on Debian testing: "root at openvas:~# apt-get install openvas-server Reading package lists... Done Building dependency tree Reading state information... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: openvas-server: Depends: libopenvas2 (>= 2.0.0) but it is not installable Depends: libopenvasnasl2 (>= 2.0.0) but it is not installable E: Broken packages" Just for reference here's my /etc/apt/sources.list: # unstable repo deb http://ftp.us.debian.org/debian unstable main contrib non-free # Security updates #deb http://ftp.us.debian.org/debian-security etch/updates main contrib non-free -- Eric http://nixwizard.net From jfs at computer.org Thu Jan 22 02:21:11 2009 From: jfs at computer.org (Javier =?iso-8859-1?Q?Fern=E1ndez-Sanguino_Pe=F1a?=) Date: Thu, 22 Jan 2009 02:21:11 +0100 Subject: [Openvas-discuss] Debian dependency on glib missing in package openvas-libraries In-Reply-To: <5792267e0901211153s32a58245ibb5ce2d56bac0c8b@mail.gmail.com> References: <5792267e0901211153s32a58245ibb5ce2d56bac0c8b@mail.gmail.com> Message-ID: <20090122012111.GA32759@javifsp.no-ip.org> On Wed, Jan 21, 2009 at 12:53:07PM -0700, Eric Gearhart wrote: > Are the maintainers aware of this bug in the Debian openvas packages? > (see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511627 for the > bug) Yes, packages have been uploaded to fix this and are waiting in NEW (http://ftp-master.debian.org/new.html) > Also, the package is in freeze due to the bug (see > http://release.debian.org/migration/testing.pl?package=openvas-libraries > for details) Actually, regardless of this bug it will *not* move to testing. > It's causing the openvas packages to not install on Debian testing: No, that's not the reason, the openvas-server package with unmet dependencies is only in sid, not in lenny, you are probably mixing sources. Regardless, when the new 2.x packages for openvas-libraries and openvas-libnasl get ACCEPTED these issues should go away. > Just for reference here's my /etc/apt/sources.list: > > # unstable repo > deb http://ftp.us.debian.org/debian unstable main contrib non-free See, you are not using 'testing' (lenny), you are using unstable (sid). Regards Javier -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090122/957e6833/attachment.pgp From eric at nixwizard.net Thu Jan 22 06:01:29 2009 From: eric at nixwizard.net (Eric Gearhart) Date: Wed, 21 Jan 2009 22:01:29 -0700 Subject: [Openvas-discuss] Debian dependency on glib missing in package openvas-libraries In-Reply-To: <20090122012111.GA32759@javifsp.no-ip.org> References: <5792267e0901211153s32a58245ibb5ce2d56bac0c8b@mail.gmail.com> <20090122012111.GA32759@javifsp.no-ip.org> Message-ID: <5792267e0901212101w179c3167le0781b1a1d43721c@mail.gmail.com> On Wed, Jan 21, 2009 at 6:21 PM, Javier Fern?ndez-Sanguino Pe?a wrote: > On Wed, Jan 21, 2009 at 12:53:07PM -0700, Eric Gearhart wrote: >> Are the maintainers aware of this bug in the Debian openvas packages? >> (see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511627 for the >> bug) > > Yes, packages have been uploaded to fix this and are waiting in NEW > (http://ftp-master.debian.org/new.html) Just out of curiosity is there a URL available where I can download libopenvas2_2.0.0-2_i386.deb? I can't find anything helpful with Google, and I don't see anywhere on http://ftp-master.debian.org/new/openvas-libraries_2.0.0-2.html where the actual .deb file is available for download. I'd like to get the OpenVAS box I setup at work up and scanning tomorrow... Worst case I can compile from source, but I'd much rather be lazy and wget down a deb if I can... if nothing else I'll "test the deb" and report back if I have any problems -- Eric http://nixwizard.net From randy at procyonlabs.com Fri Jan 23 08:30:19 2009 From: randy at procyonlabs.com (Randal T. Rioux) Date: Fri, 23 Jan 2009 02:30:19 -0500 (EST) Subject: [Openvas-discuss] Brief Introduction In-Reply-To: References: Message-ID: <8ccab9b7bee3ab4e23167a860348e504.squirrel@192.168.3.3> On Sat, January 17, 2009 6:54 pm, andrew.court at bt.com wrote: > > Hi, > > My name is Andrew Court and I work as IT Security Specialist for a major > telecoms company. Let me guess... BT? Randy :-) From michael.wiegand at intevation.de Thu Jan 29 15:13:50 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Thu, 29 Jan 2009 15:13:50 +0100 Subject: [Openvas-discuss] Problem: Where are the users? In-Reply-To: <200901171056.22204.hans.ullrich@loop.de> References: <200901171056.22204.hans.ullrich@loop.de> Message-ID: <20090129141350.GC21185@intevation.de> * Hans-J. Ullrich [17. Jan 2009]: > Dear list, > > I am looking for an option, to list all added users by openvas-adduser as > theye are strangewise not listed below /usr/lib/openvas/users/. I built a new installation with the configuration parameters you described, new users are correctly placed below /var/lib/openvas/users/. Note that this is below /var and not below /usr as you indicated. The /var/lib hierarchy seems to be the correct location, at least in my understanding of the FHS. Or am I missing something? Could you run "openvas-adduser", add an user and do a "ls -l /var/lib/openvas/users" ? The user you just created should show up there. If it does not, please let me know. Regards, Michael -- Michael Wiegand | OpenPGP key: D7D049EC | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 206 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090129/03e98470/attachment.pgp From hans.ullrich at loop.de Thu Jan 29 17:49:03 2009 From: hans.ullrich at loop.de (Hans-J. Ullrich) Date: Thu, 29 Jan 2009 17:49:03 +0100 Subject: [Openvas-discuss] Problem: Where are the users? In-Reply-To: <20090129141350.GC21185@intevation.de> References: <200901171056.22204.hans.ullrich@loop.de> <20090129141350.GC21185@intevation.de> Message-ID: <200901291749.03829.hans.ullrich@loop.de> Am Donnerstag, 29. Januar 2009 schrieb Michael Wiegand: > * Hans-J. Ullrich [17. Jan 2009]: > > Dear list, > > > > I am looking for an option, to list all added users by openvas-adduser as > > theye are strangewise not listed below /usr/lib/openvas/users/. > > I built a new installation with the configuration parameters you > described, new users are correctly placed below /var/lib/openvas/users/. > Note that this is below /var and not below /usr as you indicated. > > The /var/lib hierarchy seems to be the correct location, at least in my > understanding of the FHS. Or am I missing something? > > Could you run "openvas-adduser", add an user and do a > "ls -l /var/lib/openvas/users" ? The user you just created should show > up there. If it does not, please let me know. > > Regards, > > Michael Hi Michael, yes, meanwhile I found the users below /var/lib/openvas/users. I just searched the whole system for a decent named user, and so I found it. Sorry, I should have reported it earlier. I was a little bit confused, as one of the developer pointed me to /usr. So sorry for my late response. As this is not a bug at all, and as I didn't open a bug, there should be nothing to close. If someone did, it can safely be closed of course. Thanks for the help anyway! Cheers Hans