From jsimmons at goblin.punk.net Mon Jun 1 00:21:02 2009 From: jsimmons at goblin.punk.net (Jeff Simmons) Date: Sun, 31 May 2009 15:21:02 -0700 Subject: [Openvas-discuss] CPPFLAGS problem - Mac OS X In-Reply-To: <200905300655.24083.jsimmons@goblin.punk.net> References: <200905300655.24083.jsimmons@goblin.punk.net> Message-ID: <200905311521.02503.jsimmons@goblin.punk.net> On Saturday 30 May 2009 06:55, I wrote: > Trying to compile openvas (specifically openvas-libraries-2.0.2) on a Mac > (10.5.8) using Mac Ports to add necessary libraries. Mac Ports puts files > into /opt/local/include and /opt/local/lib, so I should need something > like: > > LDFLAGS=-L/opt/local/lib > CPPFLAGS=-I/opt/local/include I managed to get this past the ./compile stage (it helps to remember that -l and -I look identical in my mailreader). But the make is dying in an unusual way, and with only a rudimentary knowledge of C I don't know what to make of it. The make output features a series of calls to gcc that look like the following: gcc -pipe -I../ -DHAVE_CONFIG_H -I. -I/opt/local/src/openvas- libraries-2.0.2/include -I/usr/local/include -I/opt/local/include/ glib-2.0 -I/opt/local/lib/glib-2.0/include -I/opt/local/include - DHAVE_CONFIG_H -g -Wall -c openvas_ssh_login.c -o openvas_ssh_login.o >/dev/null 2>&1 Then a bunch of stuff happens, and the next time gcc gets a similar call it looks like this: gcc -pipe -DHAVE_CONFIG_H -I. -I/opt/local/src/openvas-libraries-2.0.2/ include -I/usr/local/include -Wall -I../libopenvas -c hg_utils.c -fno- common -DPIC -o .libs/hg_utils.o The includes are gone except for /usr/local/include, gcc can't find /opt/local/include/gnutls, and the compile stops. Anyone have any ideas about what's going on here, and is this the kind of thing I should file a bug report for? The complete sequence: gcc -pipe -I../ -DHAVE_CONFIG_H -I. -I/opt/local/src/openvas- libraries-2.0.2/include -I/usr/local/include -I/opt/local/include/ glib-2.0 -I/opt/local/lib/glib-2.0/include -I/opt/local/include - DHAVE_CONFIG_H -g -Wall -c openvas_ssh_login.c -o openvas_ssh_login.o >/dev/null 2>&1 /bin/sh /opt/local/src/openvas-libraries-2.0.2/libtool gcc -pipe -L/ opt/local/lib -o libopenvas.la plugutils.lo system.lo network.lo resolve.lo arglists.lo ftp_funcs.lo scanners_utils.lo pcap.lo hlst.lo harglists.lo www_funcs.lo ids_send.lo rand.lo popen.lo bpf_share.lo services.lo services1.lo proctitle.lo store.lo kb.lo share_fd.lo hash_table_file.lo openvas_ssh_login.lo -lutil -lpcap -lgnutls - lresolv -L/usr/local/lib -L/opt/local/lib -lglib-2.0 -lintl -liconv -rpath /usr/local/lib \ -version-info 2:2:0 *** Warning: inferring the mode of operation is deprecated. *** Future versions of Libtool will require --mode=MODE be specified. gcc -dynamiclib ${wl}-flat_namespace ${wl}-undefined ${wl}suppress - o .libs/libopenvas.2.0.2.dylib .libs/plugutils.o .libs/system.o .libs/ network.o .libs/resolve.o .libs/arglists.o .libs/ftp_funcs.o .libs/ scanners_utils.o .libs/pcap.o .libs/hlst.o .libs/harglists.o .libs/ www_funcs.o .libs/ids_send.o .libs/rand.o .libs/popen.o .libs/ bpf_share.o .libs/services.o .libs/services1.o .libs/proctitle.o .libs/ store.o .libs/kb.o .libs/share_fd.o .libs/hash_table_file.o .libs/ openvas_ssh_login.o -L/opt/local/lib -lutil -lpcap /opt/local/lib/ libgnutls.dylib /opt/local/lib/libtasn1.dylib /opt/local/lib/ libz.dylib /opt/local/lib/libgcrypt.dylib /opt/local/lib/libgpg- error.dylib -lresolv -L/usr/local/lib /opt/local/lib/ libglib-2.0.dylib /opt/local/lib/libintl.dylib /opt/local/lib/ libiconv.dylib -install_name /usr/local/lib/libopenvas.2.dylib -Wl,- compatibility_version -Wl,3 -Wl,-current_version -Wl,3.2 ld: warning, duplicate dylib /opt/local/lib/libz.1.dylib (cd .libs && rm -f libopenvas.2.dylib && ln -s libopenvas.2.0.2.dylib libopenvas.2.dylib) (cd .libs && rm -f libopenvas.dylib && ln -s libopenvas.2.0.2.dylib libopenvas.dylib) ar cru .libs/libopenvas.a plugutils.o system.o network.o resolve.o arglists.o ftp_funcs.o scanners_utils.o pcap.o hlst.o harglists.o www_funcs.o ids_send.o rand.o popen.o bpf_share.o services.o services1.o proctitle.o store.o kb.o share_fd.o hash_table_file.o openvas_ssh_login.o ranlib .libs/libopenvas.a creating libopenvas.la (cd .libs && rm -f libopenvas.la && ln -s ../libopenvas.la libopenvas.la) cd libopenvas_hg && make /bin/sh /opt/local/src/openvas-libraries-2.0.2/libtool --mode=compile gcc -pipe -DHAVE_CONFIG_H -I. -I/opt/local/src/openvas- libraries-2.0.2/include -I/usr/local/include -Wall -I../libopenvas -c hg_utils.c mkdir .libs gcc -pipe -DHAVE_CONFIG_H -I. -I/opt/local/src/openvas-libraries-2.0.2/ include -I/usr/local/include -Wall -I../libopenvas -c hg_utils.c -fno- common -DPIC -o .libs/hg_utils.o In file included from /opt/local/src/openvas-libraries-2.0.2/include/ libopenvas.h:48, from /opt/local/src/openvas-libraries-2.0.2/include/ includes.h:233, from hg_utils.c:19: ../libopenvas/network.h:30:27: error: gnutls/gnutls.h: No such file or directory In file included from /opt/local/src/openvas-libraries-2.0.2/include/ libopenvas.h:48, from /opt/local/src/openvas-libraries-2.0.2/include/ includes.h:233, from hg_utils.c:19: ../libopenvas/network.h:91: error: syntax error before '*' token ../libopenvas/network.h:91: warning: type defaults to 'int' in declaration of 'ovas_get_tlssession_from_connection' ../libopenvas/network.h:91: warning: data definition has no type or storage class make[1]: *** [hg_utils.o] Error 1 make: *** [all] Error 2 Thanks for any assistance. -- Jeff Simmons jsimmons at goblin.punk.net Simmons Consulting - Network Engineering, Administration, Security "You guys, I don't hear any noise. Are you sure you're doing it right?" -- My Life With The Thrill Kill Kult From jsimmons at goblin.punk.net Mon Jun 1 00:40:24 2009 From: jsimmons at goblin.punk.net (Jeff Simmons) Date: Sun, 31 May 2009 15:40:24 -0700 Subject: [Openvas-discuss] CPPFLAGS problem - Mac OS X In-Reply-To: <200905311521.02503.jsimmons@goblin.punk.net> References: <200905300655.24083.jsimmons@goblin.punk.net> <200905311521.02503.jsimmons@goblin.punk.net> Message-ID: <200905311540.24216.jsimmons@goblin.punk.net> s/compile/configure On Sunday 31 May 2009 15:21, Jeff Simmons wrote: > I managed to get this past the ./compile stage (it helps to remember that > -l and -I look identical in my mailreader). But the make is dying in an > unusual way, and with only a rudimentary knowledge of C I don't know what > to make of it. -- Jeff Simmons jsimmons at goblin.punk.net Simmons Consulting - Network Engineering, Administration, Security "You guys, I don't hear any noise. Are you sure you're doing it right?" -- My Life With The Thrill Kill Kult From sujith at poornam.com Mon Jun 1 09:24:50 2009 From: sujith at poornam.com (Sujith Mohan K) Date: Mon, 1 Jun 2009 12:54:50 +0530 Subject: [Openvas-discuss] SLAD with Openvas Message-ID: <200906011254.50369.sujith@poornam.com> Hi, I was trying hard to get SLAD results into Openvas-client report section ... I have setup SLAD as per documentations in : http://www.openvas.org/using-slad.html The connection looks fine from the Openvas server and target server logs and also from tcpdump.... But, the SLAD (chkrootkit, john, etc) reports are not added into the report generated after running a scan on target server. Please if some one have suggestion on what more to check it will be of great help... Regards, -- Sujith Mohan K Poornam Info Vision DISCLAIMER : This email and any files transmitted with it are property of Poornam Info Vision Pvt. Ltd. This email contains confidential information intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender immediately and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. Warning: Although the company has taken reasonable precautions to ensure no viruses are present in this email, the company cannot accept responsibility for any loss or damage arising from the use of this email or attachments. From jan-oliver.wagner at intevation.de Mon Jun 1 23:36:59 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Mon, 1 Jun 2009 23:36:59 +0200 Subject: [Openvas-discuss] CPPFLAGS problem - Mac OS X In-Reply-To: <200905311521.02503.jsimmons@goblin.punk.net> References: <200905300655.24083.jsimmons@goblin.punk.net> <200905311521.02503.jsimmons@goblin.punk.net> Message-ID: <200906012336.59422.jan-oliver.wagner@intevation.de> On Monday 01 June 2009 00:21:02 Jeff Simmons wrote: > Anyone have any ideas about what's going on here, and is this the kind of > thing I should file a bug report for? The complete sequence: yes, I'd say this qualifies for a bug report. AFAIKT, noone of the active developers does us a MacOS X. Thus it was not being systematically tested for this platform. I could imagine several more problem that will occure with using MacOS X. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From michael.wiegand at intevation.de Tue Jun 2 08:18:56 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Tue, 2 Jun 2009 08:18:56 +0200 Subject: [Openvas-discuss] Please confirm md5sum In-Reply-To: <200905301749.52509.hans.ullrich@loop.de> References: <200905301626.16425.hans.ullrich@loop.de> <20090530154426.GA4433@m2.homelinux.org> <200905301749.52509.hans.ullrich@loop.de> Message-ID: <20090602061856.GZ13489@intevation.de> * Hans-J. Ullrich [30. May 2009]: > Am Samstag 30 Mai 2009 schrieb Michael Meyer: > > *** Hans-J. Ullrich wrote: > > > I synced all the plugins using openvas-nvt-sync and it is telling me, > > > md5sum is not o.k. > > > > > > I suppose, the tranmission was o.k. (as I synced several times!), so > > > might it be, that the source of md5sum on your server is wrong? It would > > > be nice, if you could check this and deny or confirm this. > > > > Confirm. ;-) md5sum of the file 'md5sums' is not ok. > > thanks for the info! I additionally found no package, which might cause the > fault. So everyone can use it without any fear of security holes or crash. > > Nice to know! Thanks for the info again. Michael Meyer was of course right. The md5sum of the file 'md5sums' before the feed update was inadvertently included in the 'md5sums' file and was of course wrong. As Hans-J. suggested, no scripts were affected in any way as you check for yourself using the correct md5sums of the scripts. I apologize for any inconvenience, I'll try to find the cause of this bug. Regards, Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090602/be7f7ca3/attachment.pgp From Jan-Oliver.Wagner at greenbone.net Tue Jun 2 12:41:00 2009 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Tue, 2 Jun 2009 12:41:00 +0200 Subject: [Openvas-discuss] Greenbone Security Feed: last month for early birds Message-ID: <200906021241.01734.Jan-Oliver.Wagner@greenbone.net> Hello, not sure whether everyone is aware, but lots of contributions to OpenVAS result out of Greenbone (www.greenbone.net) activities who offer the Greenbone Security Feed[1]. This is to inform those people who are interested in a professional Feed Service that the "early-bird" deduction will end by end of June. [1] http://www.greenbone.net/solutions/gbn_feed.html Best regards -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 202460 Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From michael.wiegand at intevation.de Tue Jun 2 14:26:36 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Tue, 2 Jun 2009 14:26:36 +0200 Subject: [Openvas-discuss] CPPFLAGS problem - Mac OS X In-Reply-To: <200905300655.24083.jsimmons@goblin.punk.net> References: <200905300655.24083.jsimmons@goblin.punk.net> Message-ID: <20090602122636.GA2694@intevation.de> * Jeff Simmons [30. May 2009]: > Trying to compile openvas (specifically openvas-libraries-2.0.2) on a Mac > (10.5.8) using Mac Ports to add necessary libraries. Mac Ports puts files > into /opt/local/include and /opt/local/lib, so I should need something like: > > LDFLAGS=-L/opt/local/lib > CPPFLAGS=-l/opt/local/include > > The CPPFLAGS environmental variable crashes the ./configure script with the > message: "C compiler cannot create executables". Without it, make can't find > the necessary header files (specifically for gnutls). > > Anyone have any suggestions on this? Parts of the compile environment have the tendency to silently lose FLAGS. This is due to existing templates and Makefiles. We have fixed it in a number of places, looks like you just discovered a new one. Could you file a bug report for that? Regards, Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090602/43fa20f5/attachment.pgp From matt.bellizzi at gmail.com Tue Jun 2 20:49:48 2009 From: matt.bellizzi at gmail.com (Matthew Bellizzi) Date: Tue, 2 Jun 2009 11:49:48 -0700 Subject: [Openvas-discuss] Login failed Message-ID: <181916ee0906021149m6694f212u587ecec469397398@mail.gmail.com> Hello I'm trying to figure something out here. So I'm trying to run openvasd on a ubuntu 8.10 box. I downloaded the source packages and got them to compile cleanly. I ran the openvasd-adduser script but, it never exits cleanly. It hangs right after the is this correct prompt y/n. I'm trying to login from another machine. I connect from the remote machine and it downloads the openvasd cert and displys it correctly but, I then get a Login failed. I have a feeling it's sometype of pathing problem betwwen the adduser script and openvasd. Any ideas? -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090602/dc2842d4/attachment.htm From Jan-Oliver.Wagner at greenbone.net Wed Jun 3 09:44:55 2009 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Wed, 3 Jun 2009 09:44:55 +0200 Subject: [Openvas-discuss] Login failed In-Reply-To: <181916ee0906021149m6694f212u587ecec469397398@mail.gmail.com> References: <181916ee0906021149m6694f212u587ecec469397398@mail.gmail.com> Message-ID: <200906030944.56207.Jan-Oliver.Wagner@greenbone.net> On Dienstag, 2. Juni 2009, Matthew Bellizzi wrote: > I'm trying to figure something out here. So I'm trying to run openvasd on > a ubuntu 8.10 box. I downloaded the source packages and got them to > compile cleanly. I ran the openvasd-adduser script but, it never exits > cleanly. It hangs right after the is this correct prompt y/n. I'm > trying to login from another machine. I connect from the remote machine and > it downloads the openvasd cert and displys it correctly but, I then get a > Login failed. I have a feeling it's sometype of pathing problem betwwen > the adduser script and openvasd. Any ideas? the adduser script should not hang. Are you aware that you have to hit Ctrl-D to close the rules specification? Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 202460 Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From michael.wiegand at intevation.de Wed Jun 3 09:57:48 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Wed, 3 Jun 2009 09:57:48 +0200 Subject: [Openvas-discuss] Login failed In-Reply-To: <181916ee0906021149m6694f212u587ecec469397398@mail.gmail.com> References: <181916ee0906021149m6694f212u587ecec469397398@mail.gmail.com> Message-ID: <20090603075748.GA9960@intevation.de> * Matthew Bellizzi [ 2. Jun 2009]: > Hello > > I'm trying to figure something out here. So I'm trying to run openvasd on > a ubuntu 8.10 box. I downloaded the source packages and got them to > compile cleanly. I ran the openvasd-adduser script but, it never exits > cleanly. It hangs right after the is this correct prompt y/n. I'm > trying to login from another machine. I connect from the remote machine and > it downloads the openvasd cert and displys it correctly but, I then get a > Login failed. I have a feeling it's sometype of pathing problem betwwen > the adduser script and openvasd. Any ideas? I haven't tested the Ubuntu 8.10 packages yet, so I can only guess. If possible, could you answer the following questions: - Is the user directory created, i.e. does /var/lib/openvas/users/ exist? - Which client version are you using? The client packaged by Ubuntu (1.0.4) is not compatible with the server packaged by Ubuntu. - Does the command "df" take very long in your environment? Regards, Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090603/f4129662/attachment.pgp From matt.bellizzi at gmail.com Wed Jun 3 18:43:00 2009 From: matt.bellizzi at gmail.com (matt.bellizzi@gmail.com) Date: Wed, 03 Jun 2009 16:43:00 +0000 Subject: [Openvas-discuss] Login failed In-Reply-To: <20090603075748.GA9960@intevation.de> Message-ID: <001636458b94333162046b745a5b@google.com> Hey I figured it out. Must have been some type of lib problem. I rebooted my box and it all works now. Thanks everyone On Jun 3, 2009 12:57am, Michael Wiegand wrote: > * Matthew Bellizzi [ 2. Jun 2009]: > > Hello > > > > I'm trying to figure something out here. So I'm trying to run openvasd > on > > a ubuntu 8.10 box. I downloaded the source packages and got them to > > compile cleanly. I ran the openvasd-adduser script but, it never exits > > cleanly. It hangs right after the is this correct prompt y/n. I'm > > trying to login from another machine. I connect from the remote machine > and > > it downloads the openvasd cert and displys it correctly but, I then get > a > > Login failed. I have a feeling it's sometype of pathing problem betwwen > > the adduser script and openvasd. Any ideas? > I haven't tested the Ubuntu 8.10 packages yet, so I can only guess. If > possible, could you answer the following questions: > - Is the user directory created, ie does > /var/lib/openvas/users/ exist? > - Which client version are you using? The client packaged by Ubuntu > (1.0.4) is not compatible with the server packaged by Ubuntu. > - Does the command "df" take very long in your environment? > Regards, > Michael > -- > Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de > Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 > Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090603/2730803d/attachment.html From jjoske at nextdigital.com Thu Jun 4 02:06:36 2009 From: jjoske at nextdigital.com (John Joske) Date: Thu, 4 Jun 2009 10:06:36 +1000 Subject: [Openvas-discuss] running on freebsd Message-ID: <4DB589C0660D1442900051415FDBE5C00158F57D@exchange.wdg> I have installed OpenVas on FreeBSD 7.1 through the ports system. Everything seems to have installed fine, however when I try and start the server I get the following error: smb_nt.inc: No such file or directory Can anyone please point me the right direction on this configuration file as I can't find much info on it. Thanks, John Joske -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090604/38025faa/attachment.htm From jan-oliver.wagner at intevation.de Thu Jun 4 07:20:35 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Thu, 4 Jun 2009 07:20:35 +0200 Subject: [Openvas-discuss] running on freebsd In-Reply-To: <4DB589C0660D1442900051415FDBE5C00158F57D@exchange.wdg> References: <4DB589C0660D1442900051415FDBE5C00158F57D@exchange.wdg> Message-ID: <200906040720.35810.jan-oliver.wagner@intevation.de> Hello John, On Thursday 04 June 2009 02:06:36 John Joske wrote: > I have installed OpenVas on FreeBSD 7.1 through the ports system. > Everything seems to have installed fine, however when I try and start > the server I get the following error: > > smb_nt.inc: No such file or directory > > Can anyone please point me the right direction on this configuration > file as I can't find much info on it. Which version of openvas-libraries, openvas-libnasl, openvas-server and openvas-plugins are you using? In your /etc/openvas/openvasd.conf, there should be 2 parameters set: plugins_folder and include_folders Usually these should point to the same directory. Do you find many *.nasl and *.inc files in this directory? Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From jsimmons at goblin.punk.net Thu Jun 4 19:52:03 2009 From: jsimmons at goblin.punk.net (Jeff Simmons) Date: Thu, 4 Jun 2009 10:52:03 -0700 Subject: [Openvas-discuss] CPPFLAGS problem - Mac OS X In-Reply-To: <20090602122636.GA2694@intevation.de> References: <200905300655.24083.jsimmons@goblin.punk.net> <20090602122636.GA2694@intevation.de> Message-ID: <200906041052.03534.jsimmons@goblin.punk.net> Any instructions on filing a bug report? A quick search of the openvas web site couldn't find one. Basically, here's the section where make fails for openvas-libraries. Near the end the /opt/local/include FLAG has disappeared: gcc -pipe -I../ -DHAVE_CONFIG_H -I. -I/opt/local/src/openvas- libraries-2.0.2/include -I/usr/local/include -I/opt/local/include/ glib-2.0 -I/opt/local/lib/glib-2.0/include -I/opt/local/include - DHAVE_CONFIG_H -g -Wall -c openvas_ssh_login.c -o openvas_ssh_login.o >/dev/null 2>&1 /bin/sh /opt/local/src/openvas-libraries-2.0.2/libtool gcc -pipe -L/ opt/local/lib -o libopenvas.la plugutils.lo system.lo network.lo resolve.lo arglists.lo ftp_funcs.lo scanners_utils.lo pcap.lo hlst.lo harglists.lo www_funcs.lo ids_send.lo rand.lo popen.lo bpf_share.lo services.lo services1.lo proctitle.lo store.lo kb.lo share_fd.lo hash_table_file.lo openvas_ssh_login.lo -lutil -lpcap -lgnutls - lresolv -L/usr/local/lib -L/opt/local/lib -lglib-2.0 -lintl -liconv -rpath /usr/local/lib \ -version-info 2:2:0 *** Warning: inferring the mode of operation is deprecated. *** Future versions of Libtool will require --mode=MODE be specified. gcc -dynamiclib ${wl}-flat_namespace ${wl}-undefined ${wl}suppress - o .libs/libopenvas.2.0.2.dylib .libs/plugutils.o .libs/system.o .libs/ network.o .libs/resolve.o .libs/arglists.o .libs/ftp_funcs.o .libs/ scanners_utils.o .libs/pcap.o .libs/hlst.o .libs/harglists.o .libs/ www_funcs.o .libs/ids_send.o .libs/rand.o .libs/popen.o .libs/ bpf_share.o .libs/services.o .libs/services1.o .libs/proctitle.o .libs/ store.o .libs/kb.o .libs/share_fd.o .libs/hash_table_file.o .libs/ openvas_ssh_login.o -L/opt/local/lib -lutil -lpcap /opt/local/lib/ libgnutls.dylib /opt/local/lib/libtasn1.dylib /opt/local/lib/ libz.dylib /opt/local/lib/libgcrypt.dylib /opt/local/lib/libgpg- error.dylib -lresolv -L/usr/local/lib /opt/local/lib/ libglib-2.0.dylib /opt/local/lib/libintl.dylib /opt/local/lib/ libiconv.dylib -install_name /usr/local/lib/libopenvas.2.dylib -Wl,- compatibility_version -Wl,3 -Wl,-current_version -Wl,3.2 ld: warning, duplicate dylib /opt/local/lib/libz.1.dylib (cd .libs && rm -f libopenvas.2.dylib && ln -s libopenvas.2.0.2.dylib libopenvas.2.dylib) (cd .libs && rm -f libopenvas.dylib && ln -s libopenvas.2.0.2.dylib libopenvas.dylib) ar cru .libs/libopenvas.a plugutils.o system.o network.o resolve.o arglists.o ftp_funcs.o scanners_utils.o pcap.o hlst.o harglists.o www_funcs.o ids_send.o rand.o popen.o bpf_share.o services.o services1.o proctitle.o store.o kb.o share_fd.o hash_table_file.o openvas_ssh_login.o ranlib .libs/libopenvas.a creating libopenvas.la (cd .libs && rm -f libopenvas.la && ln -s ../libopenvas.la libopenvas.la) cd libopenvas_hg && make /bin/sh /opt/local/src/openvas-libraries-2.0.2/libtool --mode=compile gcc -pipe -DHAVE_CONFIG_H -I. -I/opt/local/src/openvas- libraries-2.0.2/include -I/usr/local/include -Wall -I../libopenvas -c hg_utils.c mkdir .libs gcc -pipe -DHAVE_CONFIG_H -I. -I/opt/local/src/openvas-libraries-2.0.2/ include -I/usr/local/include -Wall -I../libopenvas -c hg_utils.c -fno- common -DPIC -o .libs/hg_utils.o In file included from /opt/local/src/openvas-libraries-2.0.2/include/ libopenvas.h:48, from /opt/local/src/openvas-libraries-2.0.2/include/ includes.h:233, from hg_utils.c:19: ../libopenvas/network.h:30:27: error: gnutls/gnutls.h: No such file or directory In file included from /opt/local/src/openvas-libraries-2.0.2/include/ libopenvas.h:48, from /opt/local/src/openvas-libraries-2.0.2/include/ includes.h:233, from hg_utils.c:19: ../libopenvas/network.h:91: error: syntax error before '*' token ../libopenvas/network.h:91: warning: type defaults to 'int' in declaration of 'ovas_get_tlssession_from_connection' ../libopenvas/network.h:91: warning: data definition has no type or storage class make[1]: *** [hg_utils.o] Error 1 make: *** [all] Error 2 On Tuesday 02 June 2009 05:26, Michael Wiegand wrote: > * Jeff Simmons [30. May 2009]: > > Trying to compile openvas (specifically openvas-libraries-2.0.2) on a Mac > > (10.5.8) using Mac Ports to add necessary libraries. Mac Ports puts files > > into /opt/local/include and /opt/local/lib, so I should need something > > like: > > > > LDFLAGS=-L/opt/local/lib > > CPPFLAGS=-l/opt/local/include > > > > The CPPFLAGS environmental variable crashes the ./configure script with > > the message: "C compiler cannot create executables". Without it, make > > can't find the necessary header files (specifically for gnutls). > > > > Anyone have any suggestions on this? > > Parts of the compile environment have the tendency to silently lose > FLAGS. This is due to existing templates and Makefiles. We have fixed it > in a number of places, looks like you just discovered a new one. > > Could you file a bug report for that? > > Regards, > > Michael -- Jeff Simmons jsimmons at goblin.punk.net Simmons Consulting - Network Engineering, Administration, Security "You guys, I don't hear any noise. Are you sure you're doing it right?" -- My Life With The Thrill Kill Kult From jsimmons at goblin.punk.net Thu Jun 4 20:21:04 2009 From: jsimmons at goblin.punk.net (Jeff Simmons) Date: Thu, 4 Jun 2009 11:21:04 -0700 Subject: [Openvas-discuss] Porting openvas to the Mac (OS X) In-Reply-To: <471172AF-4776-4CF2-ACEE-8678C95C073A@macports.org> References: <200905290644.21821.jsimmons@goblin.punk.net> <200906020755.09521.jsimmons@goblin.punk.net> <471172AF-4776-4CF2-ACEE-8678C95C073A@macports.org> Message-ID: <200906041121.04615.jsimmons@goblin.punk.net> There's an interesting problem in getting openvas (specifically openvas-server) to run on the Mac. Background: bpf (Berkeley Packet Filter) is a pseudo-device (it's pretending to be a hardware device) residing in /dev. It's basically a way to access the datastream flowing through the ethernet card without actually accessing the ethernet card (usually at /dev/eth0 or similar) itself. Having multiple bpf's makes programs that are doing multiple things with the ethernet data stream, such as packet filters and network scanners, simpler to write and more efficient to run. A message when compiling openvas says that the program would like 100 bpf's. The Mac has 4. The message threatens dire consequences, such as missed scans, for limited bpf's. The assigned weapon in *nix systems for creating bpf's (or any other device node) is the program mknod. Running this program 96 times with the proper options (preferably via shell script ;-) successfully gives my MacBook 100 bpf's. But they don't persist - unlike other *nix systems I've used, they're gone after a reboot. So I either have to run that script on boot, or before launching openvas-server (it shouldn't affect the client). There are obvious implications for a mac port of openvas-server. -- Jeff Simmons jsimmons at goblin.punk.net Simmons Consulting - Network Engineering, Administration, Security "You guys, I don't hear any noise. Are you sure you're doing it right?" -- My Life With The Thrill Kill Kult From jan-oliver.wagner at intevation.de Thu Jun 4 22:11:07 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Thu, 4 Jun 2009 22:11:07 +0200 Subject: [Openvas-discuss] Porting openvas to the Mac (OS X) In-Reply-To: <200906041121.04615.jsimmons@goblin.punk.net> References: <200905290644.21821.jsimmons@goblin.punk.net> <471172AF-4776-4CF2-ACEE-8678C95C073A@macports.org> <200906041121.04615.jsimmons@goblin.punk.net> Message-ID: <200906042211.08382.jan-oliver.wagner@intevation.de> Hello Jeff, On Thursday 04 June 2009 20:21:04 Jeff Simmons wrote: > There's an interesting problem in getting openvas (specifically > openvas-server) to run on the Mac. > > Background: bpf (Berkeley Packet Filter) is a pseudo-device (it's > pretending to be a hardware device) residing in /dev. It's basically a way > to access the datastream flowing through the ethernet card without actually > accessing the ethernet card (usually at /dev/eth0 or similar) itself. > Having multiple bpf's makes programs that are doing multiple things with > the ethernet data stream, such as packet filters and network scanners, > simpler to write and more efficient to run. > > A message when compiling openvas says that the program would like 100 > bpf's. The Mac has 4. The message threatens dire consequences, such as > missed scans, for limited bpf's. > > The assigned weapon in *nix systems for creating bpf's (or any other device > node) is the program mknod. Running this program 96 times with the proper > options (preferably via shell script ;-) successfully gives my MacBook 100 > bpf's. But they don't persist - unlike other *nix systems I've used, > they're gone after a reboot. So I either have to run that script on boot, > or before launching openvas-server (it shouldn't affect the client). > > There are obvious implications for a mac port of openvas-server. the documentation says that max_concurrent_hosts * max_concurrent_plugins should no exceed the number of BPFs. So, if you set the params in openvasd.conf, you should be on the safe side. However, scans for many target systems can become slow. We removed BPF sharing some time ago, please see Change Request #5. Not sure what the real solution is nor whether there is (still) a real problem in openvas. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From info at secinfy.com Thu Jun 4 22:48:18 2009 From: info at secinfy.com (SECInfy Team) Date: Thu, 04 Jun 2009 21:48:18 +0100 Subject: [Openvas-discuss] Problem accessing openvas server Message-ID: <20090604214818.vtmlqhoirk0k00og@webmail.secinfy.com> Hi All, I am using Openvas 2.0.1 on Fedora 10. When I try to connect to OpenVAS server using openvas client, I am getting error "Remote host is not using the good version of the Nessus communication protocol (1.2) or is tcpwrapped" I also tried to connect to openvas server using nessuc command line client (Perl based nessus command line client version 1.2). I am getting different error "Cannot connect to the Nessus server running at 192.168.110.132, port 9390: Error while requesting NTP proto 1.1: at /usr/local/lib/perl5/site_perl/5.10.0/Net/Nessus/Client.pm line 152." Following are options which I am using with nessusc [root at ServerA ~]# nessusc --target=192.168.110.1 --host=192.168.110.132 --port=9390 --user=openvas --password=openvas --verbose Cannot connect to the Nessus server running at 192.168.110.132, port 9390: Error while requesting NTP proto 1.1: at /usr/local/lib/perl5/site_perl/5.10.0/Net/Nessus/Client.pm line 152. My ultimate goal is to run scan from command line using OpenVAS server. Can anyone please help me with this? Please let me know if you want any further detail to help me. Thanks, Hemil From geoff at galitz.org Thu Jun 4 22:59:57 2009 From: geoff at galitz.org (Geoff Galitz) Date: Thu, 4 Jun 2009 22:59:57 +0200 Subject: [Openvas-discuss] Problem accessing openvas server In-Reply-To: <20090604214818.vtmlqhoirk0k00og@webmail.secinfy.com> References: <20090604214818.vtmlqhoirk0k00og@webmail.secinfy.com> Message-ID: > > Hi All, > I am using Openvas 2.0.1 on Fedora 10. When I try to connect to > OpenVAS server using openvas client, I am getting error "Remote host > is not using the good version of the Nessus communication protocol > (1.2) or is tcpwrapped" My first thought is that your OpenVAS client is too old. You need a 2.x client to communicate with a 2.x server. That goes for both the GUI and CLI clients. What is the version of the GUI client you are trying to use? -geoff --------------------------------- Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ From info at secinfy.com Thu Jun 4 23:13:01 2009 From: info at secinfy.com (SECInfy Team) Date: Thu, 04 Jun 2009 22:13:01 +0100 Subject: [Openvas-discuss] Problem accessing openvas server In-Reply-To: References: <20090604214818.vtmlqhoirk0k00og@webmail.secinfy.com> Message-ID: <20090604221301.xzdflsr3koowwwow@webmail.secinfy.com> HI geoff, I am using OpenVAS-Client 1.0.3 for UI which is I believe latest version of openvas client. About command line client, I think development of nessusc command line has been stopped long back and there is no new version of command line client. Please correct me if there are new versions of this clients. Thanks Quoting Geoff Galitz : > > > >> >> Hi All, >> I am using Openvas 2.0.1 on Fedora 10. When I try to connect to >> OpenVAS server using openvas client, I am getting error "Remote host >> is not using the good version of the Nessus communication protocol >> (1.2) or is tcpwrapped" > > > My first thought is that your OpenVAS client is too old. You need a 2.x > client to communicate with a 2.x server. That goes for both the GUI and CLI > clients. What is the version of the GUI client you are trying to use? > > > > -geoff > > > > --------------------------------- > Geoff Galitz > Blankenheim NRW, Germany > http://www.galitz.org/ > http://german-way.com/blog/ > > > > From geoff at galitz.org Thu Jun 4 23:23:25 2009 From: geoff at galitz.org (Geoff Galitz) Date: Thu, 4 Jun 2009 23:23:25 +0200 Subject: [Openvas-discuss] Problem accessing openvas server In-Reply-To: <20090604221301.xzdflsr3koowwwow@webmail.secinfy.com> References: <20090604214818.vtmlqhoirk0k00og@webmail.secinfy.com> <20090604221301.xzdflsr3koowwwow@webmail.secinfy.com> Message-ID: > HI geoff, > I am using OpenVAS-Client 1.0.3 for UI which is I believe latest > version of openvas client. > About command line client, I think development of nessusc command line > has been stopped long back and there is no new version of command line > client. The latest version of the client is 2.0.3. It might not be available via the FC repos. You can download and compile it directly from: http://wald.intevation.org/frs/?group_id=29&release_id=250 You can refer to the project website at http://openvas.org/ for more general information, as well. -geoff --------------------------------- Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ From geoff at galitz.org Thu Jun 4 23:30:45 2009 From: geoff at galitz.org (Geoff Galitz) Date: Thu, 4 Jun 2009 23:30:45 +0200 Subject: [Openvas-discuss] Problem accessing openvas server In-Reply-To: <20090604221301.xzdflsr3koowwwow@webmail.secinfy.com> References: <20090604214818.vtmlqhoirk0k00og@webmail.secinfy.com> <20090604221301.xzdflsr3koowwwow@webmail.secinfy.com> Message-ID: I think you can get current Fedora Core RPMs here: http://www.atomicorp.com/channels/atomic/fedora/ -geoff --------------------------------- Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ From info at secinfy.com Fri Jun 5 00:38:13 2009 From: info at secinfy.com (SECInfy Team) Date: Thu, 04 Jun 2009 18:38:13 -0400 Subject: [Openvas-discuss] Problem accessing openvas server In-Reply-To: References: <20090604214818.vtmlqhoirk0k00og@webmail.secinfy.com> <20090604221301.xzdflsr3koowwwow@webmail.secinfy.com> Message-ID: <4A284CD5.8050703@secinfy.com> Hi, I installed latest version of openvas client and had following error. Server Error - 1.3.6.1.4.1.25623.1.0.100113 Xplode 'module_wrapper.asp' SQL Injection and Cross Site Scripting Vulnerabilities Client Invalid PLUGIN_INfo response from server Error while updating cache plugin information Login Failed Can you please help me with this? Thanks, Hemil Geoff Galitz wrote: > I think you can get current Fedora Core RPMs here: > > http://www.atomicorp.com/channels/atomic/fedora/ > > > -geoff > > > --------------------------------- > Geoff Galitz > Blankenheim NRW, Germany > http://www.galitz.org/ > http://german-way.com/blog/ > > > > > ------------------------------------------------------------------------ > > > No virus found in this incoming message. > Checked by AVG - www.avg.com > Version: 8.5.339 / Virus Database: 270.12.53/2154 - Release Date: 06/04/09 05:53:00 > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090604/ca79b7ff/attachment.html From salgatt at turtleshell.net Fri Jun 5 07:24:15 2009 From: salgatt at turtleshell.net (Scott Algatt) Date: Fri, 5 Jun 2009 01:24:15 -0400 Subject: [Openvas-discuss] ShellNET MiniVM Goes OpenVAS Message-ID: <4e0e17360906042224w68c3e214n3e9177001475c5ec@mail.gmail.com> I have converted my MiniVM from a Nessus appliance to an OpenVAS appliance. Read about the quick blurb on the ShellNET forum, http://groups.google.com/group/shellnet-minivm/topics Direct link to the announcement: http://groups.google.com/group/shellnet-minivm/browse_thread/thread/4b0d5b1b84a275e3 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090605/9c3efcc8/attachment.htm From michael.wiegand at intevation.de Fri Jun 5 08:17:22 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Fri, 5 Jun 2009 08:17:22 +0200 Subject: [Openvas-discuss] Fwd: New Live CD Distro integrating OpenVAS Message-ID: <20090605061722.GC28251@intevation.de> Hello, This message arrived through an intevation.de mailing list, I have taken the liberty of forwarding it here in case anyone is interested. Regards, Michael ----- Forwarded message from Clement Gam? ----- From: Clement Gam? Date: Thu, 04 Jun 2009 18:08:01 +0200 Subject: New Live CD Distro integrating OpenVAS Hi OpenVAS team, First, congrats for your beautiful security tool. Forking a big project like Nessus is something that requires lots of courrage. Next, i'm allowing myself to write this FYI mail to inform you that i started a fork of Backtrack 2 months ago, and that OpenVAS is integrated in it by default (and SAINT definitely removed ). The Distro is called shadowcircle, and the project URL is http://www.shadowcircle.org BTW keep up the good work. Best regards, Clement Game CEO digi-nation.com S.A.R.L 1 rue carnot 95300 Pontoise France +33.6.73.65.17.47 ----- End forwarded message ----- -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090605/eb2fb360/attachment.pgp From michael.wiegand at intevation.de Fri Jun 5 08:30:36 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Fri, 5 Jun 2009 08:30:36 +0200 Subject: [Openvas-discuss] Problem accessing openvas server In-Reply-To: <4A284CD5.8050703@secinfy.com> References: <20090604214818.vtmlqhoirk0k00og@webmail.secinfy.com> <20090604221301.xzdflsr3koowwwow@webmail.secinfy.com> <4A284CD5.8050703@secinfy.com> Message-ID: <20090605063036.GF28251@intevation.de> * SECInfy Team [ 5. Jun 2009]: > Hi, > I installed latest version of openvas client and had following error. > > Server > Error - 1.3.6.1.4.1.25623.1.0.100113 Xplode 'module_wrapper.asp' SQL > Injection and Cross Site Scripting Vulnerabilities > > Client > Invalid PLUGIN_INfo response from server > Error while updating cache plugin information > Login Failed > > Can you please help me with this? The script you mentioned was broken in the openvas-plugins 1.0.6 release and made both client and server cache unusable in some circumstances. The following steps will solve this issue: 1) Shut down openvasd. 2) Update your NVT collection by executing "openvas-nvt-sync" 3) Delete the server cache. (/var/cache/openvas/*) 4) Delete the client cache. (~/.openvas_nvt_cache and openvas_nvt_cache in the tasks/scopes beneath ~/.openvas/) 5) Start openvasd. 6) Connect to the server using the GUI or CLI client. Let me know if you have any questions or suggestions. Regards, Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090605/9ca97039/attachment.pgp From info at secinfy.com Sat Jun 6 01:15:06 2009 From: info at secinfy.com (SECInfy Team) Date: Sat, 06 Jun 2009 00:15:06 +0100 Subject: [Openvas-discuss] Problem accessing openvas server In-Reply-To: <20090605063036.GF28251@intevation.de> References: <20090604214818.vtmlqhoirk0k00og@webmail.secinfy.com> <20090604221301.xzdflsr3koowwwow@webmail.secinfy.com> <4A284CD5.8050703@secinfy.com> <20090605063036.GF28251@intevation.de> Message-ID: <20090606001506.u992svj6kw8wgwg4@webmail.secinfy.com> Hi Michael, Thanks a ton for the help. it worked for me from UI. I was able to see command line options through -h option but can anyone please give me some link where I can find details with example for the same? If not, I will write one and send it to group. Thanks, Hemil Quoting Michael Wiegand : > * SECInfy Team [ 5. Jun 2009]: >> Hi, >> I installed latest version of openvas client and had following error. >> >> Server >> Error - 1.3.6.1.4.1.25623.1.0.100113 Xplode 'module_wrapper.asp' SQL >> Injection and Cross Site Scripting Vulnerabilities >> >> Client >> Invalid PLUGIN_INfo response from server >> Error while updating cache plugin information >> Login Failed >> >> Can you please help me with this? > > The script you mentioned was broken in the openvas-plugins 1.0.6 release > and made both client and server cache unusable in some circumstances. > > The following steps will solve this issue: > 1) Shut down openvasd. > 2) Update your NVT collection by executing "openvas-nvt-sync" > 3) Delete the server cache. (/var/cache/openvas/*) > 4) Delete the client cache. (~/.openvas_nvt_cache and openvas_nvt_cache > in the tasks/scopes beneath ~/.openvas/) > 5) Start openvasd. > 6) Connect to the server using the GUI or CLI client. > > Let me know if you have any questions or suggestions. > > Regards, > > Michael > > -- > Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de > Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 > Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner > From felix.wolfsteller at intevation.de Mon Jun 8 09:49:55 2009 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Mon, 8 Jun 2009 09:49:55 +0200 Subject: [Openvas-discuss] Definitive list of client preferences In-Reply-To: <83386960905010817mbdb9d1el3b515e379daf7c1e@mail.gmail.com> References: <83386960905010817mbdb9d1el3b515e379daf7c1e@mail.gmail.com> Message-ID: <200906080949.55255.felix.wolfsteller@intevation.de> Hi Shawn I just noticed OpenVAS-Client 's -q -p -P -S arguments. With them you will have sql statements for NVT info and their preferences created. The output looks reasonable to me. Btw, how is your project going? -- enjoy Felix On Friday 01 May 2009 17:17:34 Shawn Duffy wrote: > As I've mentioned before, I'm in the process of developing a web > frontend to OpenVAS. I'm currently working on building custom scan > templates and profiles. In order to do so, I need to be able to store > client preferences in the database. But I can't seem to find a > definitive list of the available client preferences. There is a list > in the OTP docs but it doesn't appear to be complete: > > http://www.openvas.org/compendium/otp-preferences.html > > Is there a definitive list somewhere of all the possible preferences a > client could send to the server? > > Thanks! > Shawn > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss -- Felix Wolfsteller | ++49-541-335 08 3451 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From michael.wiegand at intevation.de Tue Jun 9 08:16:26 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Tue, 9 Jun 2009 08:16:26 +0200 Subject: [Openvas-discuss] Problem accessing openvas server In-Reply-To: <20090606001506.u992svj6kw8wgwg4@webmail.secinfy.com> References: <20090604214818.vtmlqhoirk0k00og@webmail.secinfy.com> <20090604221301.xzdflsr3koowwwow@webmail.secinfy.com> <4A284CD5.8050703@secinfy.com> <20090605063036.GF28251@intevation.de> <20090606001506.u992svj6kw8wgwg4@webmail.secinfy.com> Message-ID: <20090609061626.GE9170@intevation.de> * SECInfy Team [ 6. Jun 2009]: > Hi Michael, > Thanks a ton for the help. it worked for me from UI. > > I was able to see command line options through -h option but can anyone > please give me some link where I can find details with example for the > same? If not, I will write one and send it to group. I'm afraid the -h option is the only help available right now besides the man pages. I agree that something like this would be helpful and make a good addition to the compendium. So yes, any help in that direction would be very much appreciated. :) If you have any questions regarding the commandline options, feel free to ask on the mailing lists or visit our IRC channel #openvas on irc.oftc.net. Regards, Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090609/2ff2fc12/attachment.pgp From christian.edjenguele at owasp.org Thu Jun 11 19:55:43 2009 From: christian.edjenguele at owasp.org (Christian Eric Edjenguele) Date: Thu, 11 Jun 2009 19:55:43 +0200 Subject: [Openvas-discuss] Feature proposal Message-ID: <4A31451F.2010402@owasp.org> Hello, I dont no if there is always a post on this, but the question is: does it make sense implement a server-side routine to handle the report functions (security_note(), security_hole(),...) ? in order to exit the script if not explicitly specified in the code with exit(0). Since plugins are executed on server-side, I think it might increase robustness. -- Christian Eric Edjenguele IT Security Software Engineer / IT Enterprise Software Architect Mobile (IT): +39 3408580513 PGP KeyID: 0xB1654498 Key Server: http://pgp.mit.edu -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.9 (GNU/Linux) mQENBEmka7IBCAC5e8/9BlCZR/3XHMO4DWHYoewaODmQypHqPaCfKR+BLTAy8xLZ eVJ0wwNwaLheZeLPfBqu3r/lp58xJhgYHm9gzihfqPbmJh4Dibc/d2XL9UQ1eshs K0JkTlvZtdK5Zo5VmeOZCWlKEMXzlg6HjuYUV4qokqD3qIj6/rhubjtrjlw/XA8P 6pGOFhsDZFXbn+lj80XhRdkObMnmWU6wdgJvEPx1vxvhV9D1sJgZz6FVoXAfTOb3 EjYpluEKdDod46hhF45UJ4Avc8q4DaXxmci5Kdx9rzF2tbvB3Ua6O7l5RaMGNZR2 QtVY65xVxRfAYF+yE3n+YkFQxWGlqVIajry/ABEBAAG0WkNocmlzdGlhbiBFcmlj IEVESkVOR1VFTEUgKElUIFNlY3VyaXR5IFNvZnR3YXJlIEVuZ2luZWVyKSA8Y2hy aXN0aWFuLmVkamVuZ3VlbGVAb3dhc3Aub3JnPokBNgQTAQIAIAUCSaRrsgIbAwYL CQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJENETScWxZUSYS9QH+gOpYUPkon/D/eNm RLCbTaqJhSV6jRH9t+pomm6FiYgphCxDW96OpzA9BieiFEPHhVXAFcHkEBMlk/u0 wILqDNfBoZk3oCq0+/+Zc7z0zRZfgMHwB4czpqhUCrINEjLO0rb2Jff6Hh0C5S9w 8l+x9IiOG9hHNO8ftVr1sNHGDTAWNNZ+pcCt5ROhqiiqnZsvowO1TcDMKEGD9NTW BN+jLFGZRY9/MQsUkWoXBQ8K5S9AP1EPPbSTX68VTj0vINLTk2/XfsJlV9Vd9b7G NkhbAdrvujbqLHDSE3ALpx8sWKg2vPCUAxJJY6S6danpw/XPGKkpcSNfqn4k8sCV e+9MJSu5Ag0ESaRthQEQALEj8eO2WCRqhOHakHhpvGQ4tFEIDS6Z3mnBaNaMc9VM i89LNYvJOgOSnWvIu8EF6Ah+PnhOayb9E3wvH+0nfOwzp6XhDor7h8WLQNL+qzk3 cPxkxdfNDaQdyJclstUqa0nIaPOJgbIRs12N6bCxhAeOKffIkrIdDqjxshTI3S3z fq7choduX8tNHoFzIIl6T+4Q0QXMT8xu5MeBHr+vxlgqNUTWOQn6Q/B6QnrVzWDA gEq4Id45vN4j18iXGqMy8/xWQg3kRHaU563zx8u+7cjV81feMDbQiC6p6nqQHsD4 U07JIVDqjbJESLdeqju6HsNzYKohi/gxhsgouPXdFTrfgkWCklAGwqT7QE0ZnL/t SVC0xpmCLneXAxWGGo27zJKVJ1/iMUgi/i4R+u2K4eQbsBXXYwh0gSxwYReTyr+C 51ugKkvYjTy+U2Fedq3lXEVtnRV02zpO/LlpJR446jRAapVH+ZF9tGMoIHg5hATZ KEzGw9x19/wQSRumTvV0HAQ0lqWW9/0n2VuwI/Sh7YHQ2j/DhyF0blFrooGyIxd2 x5+Xu1PWlYwlUbu7ZsOw1V9cqL5yv5m+w4mL+h8ytHJHHL2Cg8/3qp/QxLT7CnfX fOHAjNxGkS/QfoxEhuSwigPi/Yd51wHcaOLyUdGceOZ79ciQtPgvCFdyrDrfDhSr ABEBAAGJAR8EGAECAAkFAkmkbYUCGwwACgkQ0RNJxbFlRJhbLAgAsCBA7KmGkTmQ mjPNA7Iig8tA5S9fYavbKydNQNxPpL47GLf9V3la4P2/LPLa3rH31Bt+ScfSqAKC 5/geB5BKwmQqRomsQpjhmrpBenPjYrUYG2dEB/BOMvOyvr3dTpWtAg5CwYYnHTNy yJn7dc7whiE94ZxqFdt58K0H5/H449/VHuCJue+uzy0ldrTK8VVpK6uGgrJc5kre 2bpdGVbALpC+yeNMyXCqgGigg9gu1iHXSSGgbQfW+AhsFpiN37fPq8zDNU2C8sp3 4Y45EYRmRCZ+0a9WSRnYALRZFdvjysKfRjP3o4Ax/d4cSi6v2pT93yfoA2TQMkLF E1MQObpE5A== =7VGF -----END PGP PUBLIC KEY BLOCK----- From michael.wiegand at intevation.de Fri Jun 12 10:34:57 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Fri, 12 Jun 2009 10:34:57 +0200 Subject: [Openvas-discuss] Feature proposal In-Reply-To: <4A31451F.2010402@owasp.org> References: <4A31451F.2010402@owasp.org> Message-ID: <20090612083457.GD7507@intevation.de> * Christian Eric Edjenguele [11. Jun 2009]: > Hello, > I dont no if there is always a post on this, but the question is: does > it make sense implement a server-side routine to handle the report > functions (security_note(), security_hole(),...) ? in order to exit the > script if not explicitly specified in the code with exit(0). I'm not quite sure if I understand what you mean by "server-side routine to handle the report functions". Could you provide an example? Regards, Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090612/cf6ee6c6/attachment.pgp From mime at gmx.de Fri Jun 12 10:42:12 2009 From: mime at gmx.de (Michael Meyer) Date: Fri, 12 Jun 2009 10:42:12 +0200 Subject: [Openvas-discuss] Feature proposal In-Reply-To: <4A31451F.2010402@owasp.org> References: <4A31451F.2010402@owasp.org> Message-ID: <20090612084212.GB2643@komma-nix.de> Hello Christian, *** Christian Eric Edjenguele wrote: > I dont no if there is always a post on this, but the question is: does > it make sense implement a server-side routine to handle the report > functions (security_note(), security_hole(),...) ? in order to exit the > script if not explicitly specified in the code with exit(0). There are NVTs which using 'security_*()' more than once. Such a routine would make this NVTs not work properly anymore. Micha From c_edjenguele at yahoo.it Fri Jun 12 13:28:30 2009 From: c_edjenguele at yahoo.it (Christian Eric EDJENGUELE) Date: Fri, 12 Jun 2009 11:28:30 +0000 (GMT) Subject: [Openvas-discuss] A kind of garbage collector ? In-Reply-To: References: Message-ID: <621857.69567.qm@web28608.mail.ukl.yahoo.com> > ------------------------------ > > Message: 2 > Date: Fri, 12 Jun 2009 10:34:57 +0200 > From: Michael Wiegand > Subject: Re: [Openvas-discuss] Feature proposal > To: Christian Eric Edjenguele > Cc: openvas-discuss at wald.intevation.org > Message-ID: <20090612083457.GD7507 at intevation.de> > Content-Type: text/plain; charset="iso-8859-15" > > * Christian Eric Edjenguele [11. Jun 2009]: > > Hello, > > I dont no if there is always a post on this, but the question is: does > > it make sense implement a server-side routine to handle the report > > functions (security_note(), security_hole(),...) ? in order to exit the > > script if not explicitly specified in the code with exit(0). > > I'm not quite sure if I understand what you mean by "server-side routine > to handle the report functions". Could you provide an example? yes, just think abbout a Garbage Collector > Regards, > > Michael > > Message: 3 > Date: Fri, 12 Jun 2009 10:42:12 +0200 > From: Michael Meyer > Subject: Re: [Openvas-discuss] Feature proposal > To: openvas-discuss at wald.intevation.org > Message-ID: <20090612084212.GB2643 at komma-nix.de> > Content-Type: text/plain; charset=iso-8859-1 > > Hello Christian, > > *** Christian Eric Edjenguele wrote: > > I dont no if there is always a post on this, but the question is: does > > it make sense implement a server-side routine to handle the report > > functions (security_note(), security_hole(),...) ? in order to exit the > > script if not explicitly specified in the code with exit(0). > > There are NVTs which using 'security_*()' more than once. Such a > routine would make this NVTs not work properly anymore. > as I said, I should be use as an event handler only and only if exit(0) is not explicitly specified in the code I repeat, I dont no if it makes sense. > Micha > > > ------------------------------ > > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > > > End of Openvas-discuss Digest, Vol 29, Issue 10 > *********************************************** From michael.wiegand at intevation.de Fri Jun 12 14:17:46 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Fri, 12 Jun 2009 14:17:46 +0200 Subject: [Openvas-discuss] Feature proposal In-Reply-To: <20090612084212.GB2643@komma-nix.de> References: <4A31451F.2010402@owasp.org> <20090612084212.GB2643@komma-nix.de> Message-ID: <20090612121746.GF7507@intevation.de> * Michael Meyer [12. Jun 2009]: > *** Christian Eric Edjenguele wrote: > > I dont no if there is always a post on this, but the question is: does > > it make sense implement a server-side routine to handle the report > > functions (security_note(), security_hole(),...) ? in order to exit the > > script if not explicitly specified in the code with exit(0). > > There are NVTs which using 'security_*()' more than once. Such a > routine would make this NVTs not work properly anymore. Ah, now I understand what Christian Eric meant. :) Yes, mime is correct, a script might use security_* more than once or might want to output a security_note and a debug_message containing background information. Or it might want to execute additional code after it has sent a message. I think recognizing when an exit might be appropriate would mean adding quite an amount of logic to the parser. I'd rather like to see that energy going into improving existing scripts than changing the parser to compensate for bad programming styles. Regards, Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available Url : http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090612/7ed77e54/attachment.pgp From vivekumasuthan at ruggedcom.com Wed Jun 17 18:30:01 2009 From: vivekumasuthan at ruggedcom.com (Vivek Umasuthan) Date: Wed, 17 Jun 2009 12:30:01 -0400 Subject: [Openvas-discuss] Scan duration : unknown (ping_host.nasl not launched?) Message-ID: <6DDBE5621293434D9E66429533B6A23106455FB7@rcserver3.ruggedcom.local> Hi, I am a new here, so pardon me if I am asking about something that has already been resolved. I have installed and am running OpenVAS on Debian Lenny. I ran a scan against a router. I wanted to specifically do a TCP SYN scan. Once the scan was complete and I looked at the report, there is this message under the "information about the scan" section which says "Scan duration : unknown (ping_host.nasl not launched?)". I looked into [My OpenVAS Directory]/lib/openvas/plugins/ and couldn't find any NASL called 'ping_host.nasl'. Is this a problem? Can I get this file somewhere? Did TCP SYN scan actually happen? Any help is appreciated. Thanks, Vivek Umasuthan -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090617/751e55e9/attachment.htm From bchandra at secpod.com Thu Jun 18 06:53:29 2009 From: bchandra at secpod.com (Chandrashekhar B) Date: Thu, 18 Jun 2009 10:23:29 +0530 Subject: [Openvas-discuss] Scan duration : unknown (ping_host.nasl notlaunched?) In-Reply-To: <6DDBE5621293434D9E66429533B6A23106455FB7@rcserver3.ruggedcom.local> References: <6DDBE5621293434D9E66429533B6A23106455FB7@rcserver3.ruggedcom.local> Message-ID: Hello Vivek, Please ignore that message, ping_host.nasl is not there in the Plugins repository, we'll remove the specific log message, ?Scan duration : unknown (ping_host.nasl not launched?)? Are you selecting synscan port scanner? I never got any report from this specific scanner, you could select nmap scanner and in the Preferences, enable SYN scan. Thanks, Chandra. ________________________________________ From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of Vivek Umasuthan Sent: Wednesday, June 17, 2009 10:00 PM To: openvas-discuss at wald.intevation.org Subject: [Openvas-discuss] Scan duration : unknown (ping_host.nasl notlaunched?) Hi, I am a new here, so pardon me if I am asking about something that has already been resolved. I have installed and am running ?OpenVAS on Debian Lenny. I ran a scan against a router. I wanted to specifically do a TCP SYN scan. Once the scan was complete and I looked at the report, there is this message under the ?information about the scan? section which says ?Scan duration : unknown (ping_host.nasl not launched?)?. I looked into [My OpenVAS Directory]/lib/openvas/plugins/ and couldn?t find any NASL called ?ping_host.nasl?. Is this a problem? Can I get this file somewhere? Did TCP SYN scan actually happen? ? Any help is appreciated. Thanks, Vivek Umasuthan From vivekumasuthan at ruggedcom.com Thu Jun 18 17:23:36 2009 From: vivekumasuthan at ruggedcom.com (Vivek Umasuthan) Date: Thu, 18 Jun 2009 11:23:36 -0400 Subject: [Openvas-discuss] FW: Scan duration : unknown (ping_host.nasl notlaunched?) Message-ID: <6DDBE5621293434D9E66429533B6A231064567F8@rcserver3.ruggedcom.local> Hi Chandra, Please ignore the previous message. I figured out how to get nmap to show up. This time I selected nmap, disabled OpenVAS TCP Scanner and enabled SYN scan (all under general settings). However, I still see the message "Scan duration : unknown (ping_host.nasl not launched?)". I think the scan itself is fine since tcpdump shows a lot of TCP traffic with the SYN bit set. I haven't found a way to completely disable all other plugins and just do a SYN scan so I can be sure that the SYN scan is done properly. I have copied a section of the report below in case it would be helpful. -------------------------- OPENVAS REPORT ---------------------------------- Reported by NVT "Information about the scan" (1.3.6.1.4.1.25623.1.0.19506): Information about this scan : OpenVAS version : 2.0.1 Plugin feed version : 200906180810 Type of plugin feed : OpenVAS NVT Feed Scanner IP : 192.168.1.254 Port scanner(s) : nmap synscan Port range : default Thorough tests : no Experimental tests : no Paranoia level : 1 Report Verbosity : 1 Safe checks : no Max hosts : 20 Max checks : 4 Scan duration : unknown (ping_host.nasl not launched?) -------------------------- OPENVAS REPORT ---------------------------------- Thanks Vivek -----Original Message----- From: Vivek Umasuthan Sent: June-18-09 10:11 AM To: 'Chandrashekhar B' Subject: RE: [Openvas-discuss] Scan duration : unknown (ping_host.nasl notlaunched?) Hi Chandra, I selected TCP SYN scan in the general settings. I haven't tried using nmap for the same though. I will do that today and see what happens. Where do I select nmap? I don't seem to be able to find any settings related to that anywhere on the client. My report has the scan information here: 192.168.1.1 |_______ general/tcp |_________ Security Note I can also send you a copy of the whole report if you prefer. Thanks for the help. Vivek > -----Original Message----- > From: Chandrashekhar B [mailto:bchandra at secpod.com] > Sent: June-18-09 12:53 AM > To: Vivek Umasuthan; openvas-discuss at wald.intevation.org > Subject: RE: [Openvas-discuss] Scan duration : unknown (ping_host.nasl > notlaunched?) > > Hello Vivek, > > Please ignore that message, ping_host.nasl is not there in the Plugins > repository, we'll remove the specific log message, > > "Scan duration : unknown (ping_host.nasl not launched?)" > > Are you selecting synscan port scanner? I never got any report from this > specific scanner, you could select nmap scanner and in the Preferences, > enable SYN scan. > > Thanks, > Chandra. > > ________________________________________ > From: openvas-discuss-bounces at wald.intevation.org > [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of Vivek > Umasuthan > Sent: Wednesday, June 17, 2009 10:00 PM > To: openvas-discuss at wald.intevation.org > Subject: [Openvas-discuss] Scan duration : unknown (ping_host.nasl > notlaunched?) > > Hi, > I am a new here, so pardon me if I am asking about something that has > already been resolved. I have installed and am running ?OpenVAS on Debian > Lenny. I ran a scan against a router. I wanted to specifically do a TCP > SYN > scan. Once the scan was complete and I looked at the report, there is this > message under the "information about the scan" section which says "Scan > duration : unknown (ping_host.nasl not launched?)". I looked into [My > OpenVAS Directory]/lib/openvas/plugins/ and couldn't find any NASL called > 'ping_host.nasl'. Is this a problem? Can I get this file somewhere? Did > TCP > SYN scan actually happen? > > Any help is appreciated. > > Thanks, > Vivek Umasuthan From bchandra at secpod.com Fri Jun 19 06:55:55 2009 From: bchandra at secpod.com (Chandrashekhar B) Date: Fri, 19 Jun 2009 10:25:55 +0530 Subject: [Openvas-discuss] Scan duration : unknown (ping_host.nasl notlaunched?) In-Reply-To: <6DDBE5621293434D9E66429533B6A231064567F8@rcserver3.ruggedcom.local> References: <6DDBE5621293434D9E66429533B6A231064567F8@rcserver3.ruggedcom.local> Message-ID: <3FC290E546404C1A9EE82938FD53334C@bchandra> Vivek, I think in my previous mail, I mentioned to ignore that ping_host.nasl related message. There's an issue in one of the plugin which is reporting that message falsely and ping_host.nasl is not there in the plugins repository. If you are able to get the report, scan is fine. Thanks, Chandra. -----Original Message----- From: Vivek Umasuthan [mailto:vivekumasuthan at ruggedcom.com] Sent: Thursday, June 18, 2009 8:54 PM To: Chandrashekhar B Cc: openvas-discuss at wald.intevation.org Subject: FW: [Openvas-discuss] Scan duration : unknown (ping_host.nasl notlaunched?) Hi Chandra, Please ignore the previous message. I figured out how to get nmap to show up. This time I selected nmap, disabled OpenVAS TCP Scanner and enabled SYN scan (all under general settings). However, I still see the message "Scan duration : unknown (ping_host.nasl not launched?)". I think the scan itself is fine since tcpdump shows a lot of TCP traffic with the SYN bit set. I haven't found a way to completely disable all other plugins and just do a SYN scan so I can be sure that the SYN scan is done properly. I have copied a section of the report below in case it would be helpful. -------------------------- OPENVAS REPORT ---------------------------------- Reported by NVT "Information about the scan" (1.3.6.1.4.1.25623.1.0.19506): Information about this scan : OpenVAS version : 2.0.1 Plugin feed version : 200906180810 Type of plugin feed : OpenVAS NVT Feed Scanner IP : 192.168.1.254 Port scanner(s) : nmap synscan Port range : default Thorough tests : no Experimental tests : no Paranoia level : 1 Report Verbosity : 1 Safe checks : no Max hosts : 20 Max checks : 4 Scan duration : unknown (ping_host.nasl not launched?) -------------------------- OPENVAS REPORT ---------------------------------- Thanks Vivek -----Original Message----- From: Vivek Umasuthan Sent: June-18-09 10:11 AM To: 'Chandrashekhar B' Subject: RE: [Openvas-discuss] Scan duration : unknown (ping_host.nasl notlaunched?) Hi Chandra, I selected TCP SYN scan in the general settings. I haven't tried using nmap for the same though. I will do that today and see what happens. Where do I select nmap? I don't seem to be able to find any settings related to that anywhere on the client. My report has the scan information here: 192.168.1.1 |_______ general/tcp |_________ Security Note I can also send you a copy of the whole report if you prefer. Thanks for the help. Vivek > -----Original Message----- > From: Chandrashekhar B [mailto:bchandra at secpod.com] > Sent: June-18-09 12:53 AM > To: Vivek Umasuthan; openvas-discuss at wald.intevation.org > Subject: RE: [Openvas-discuss] Scan duration : unknown (ping_host.nasl > notlaunched?) > > Hello Vivek, > > Please ignore that message, ping_host.nasl is not there in the Plugins > repository, we'll remove the specific log message, > > "Scan duration : unknown (ping_host.nasl not launched?)" > > Are you selecting synscan port scanner? I never got any report from this > specific scanner, you could select nmap scanner and in the Preferences, > enable SYN scan. > > Thanks, > Chandra. > > ________________________________________ > From: openvas-discuss-bounces at wald.intevation.org > [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of Vivek > Umasuthan > Sent: Wednesday, June 17, 2009 10:00 PM > To: openvas-discuss at wald.intevation.org > Subject: [Openvas-discuss] Scan duration : unknown (ping_host.nasl > notlaunched?) > > Hi, > I am a new here, so pardon me if I am asking about something that has > already been resolved. I have installed and am running ?OpenVAS on Debian > Lenny. I ran a scan against a router. I wanted to specifically do a TCP > SYN > scan. Once the scan was complete and I looked at the report, there is this > message under the "information about the scan" section which says "Scan > duration : unknown (ping_host.nasl not launched?)". I looked into [My > OpenVAS Directory]/lib/openvas/plugins/ and couldn't find any NASL called > 'ping_host.nasl'. Is this a problem? Can I get this file somewhere? Did > TCP > SYN scan actually happen? > > Any help is appreciated. > > Thanks, > Vivek Umasuthan From jfs at computer.org Thu Jun 25 01:05:38 2009 From: jfs at computer.org (Javier =?iso-8859-1?Q?Fern=E1ndez-Sanguino_Pe=F1a?=) Date: Thu, 25 Jun 2009 01:05:38 +0200 Subject: [Openvas-discuss] Discontinuing openvas-plugins tarball? In-Reply-To: <20090423081146.GB11585@intevation.de> References: <20090423081146.GB11585@intevation.de> Message-ID: <20090624230538.GB16138@javifsp.no-ip.org> On Thu, Apr 23, 2009 at 10:11:46AM +0200, Michael Wiegand wrote: > I would like your opinions regarding the following issues: > > - What would be the consequences of discontinuing the tarball release? > There should not be installations which use only the tarball and never > sync, should there? No tarball means no package in the distributions. People using a distribution (such as Debian / Ubuntu cds) with no or limited Internet access would not be able to get plugins and, consequentely, would have a mostly useless tool. > - What mechanisms should be available for users who cannot sync using > rsync due to restrictions on firewall or proxy level? Full download of the content using HTTP(s) which (typically) is something allowed through corporate proxies (even if limited through user / password). > - Should openvasd force an initial sync during installation or just > display a notice that a sync is need to use OpenVAS? It should only display a notice. Plugin updates should always be driven by administrators. My 2c, Regards Javier -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090625/1d25c005/attachment.pgp From jfs at computer.org Thu Jun 25 01:22:03 2009 From: jfs at computer.org (Javier =?iso-8859-1?Q?Fern=E1ndez-Sanguino_Pe=F1a?=) Date: Thu, 25 Jun 2009 01:22:03 +0200 Subject: [Openvas-discuss] Web based Reporter tool In-Reply-To: <1240517487.10188.16.camel@LADY> References: <1240517487.10188.16.camel@LADY> Message-ID: <20090624232203.GC16138@javifsp.no-ip.org> On Thu, Apr 23, 2009 at 09:11:27PM +0100, Tim Mehmet wrote: > I'm not planning to take these scripts any further, though I am thinking > of doing something with MySQL, something a bit more powerful than static > files!. A long time ago (2005!) I coorinated the development of a Nessus a MySQL / PostgreSQL integration package which included: - a database schema for all information from scans - a patch for Nessus (server) to update a MySQL / PostgreSQL database throughout the scan - scripts to parse the reports so that they could be introduced in an SQL database. All this was included in Nessus' CVS NESSUS_SQL branch, if this is of interest for OpenVAS I can forward the patches to the list. Regards Javier From salgatt at turtleshell.net Thu Jun 25 01:37:44 2009 From: salgatt at turtleshell.net (Scott Algatt) Date: Wed, 24 Jun 2009 19:37:44 -0400 Subject: [Openvas-discuss] Web based Reporter tool In-Reply-To: <20090624232203.GC16138@javifsp.no-ip.org> References: <1240517487.10188.16.camel@LADY> <20090624232203.GC16138@javifsp.no-ip.org> Message-ID: <4e0e17360906241637q5f698531rc952b6e8be8a711@mail.gmail.com> I had been working on some of the same and put it all together in a vmware appliance. Please feel free to check this one. My site: http://www.turtleshell.net MiniVM Download: http://turtleshell.net/index.php?option=com_remository&Itemid=43&func=select&id=1 Any comments, suggestions, problems, complaints would be welcome. I built into it the ability to "call home" so that I could send out updates when bugs are discovered. -Scott 2009/6/24 Javier Fern?ndez-Sanguino Pe?a > On Thu, Apr 23, 2009 at 09:11:27PM +0100, Tim Mehmet wrote: > > I'm not planning to take these scripts any further, though I am thinking > > of doing something with MySQL, something a bit more powerful than static > > files!. > > A long time ago (2005!) I coorinated the development of a Nessus a MySQL / > PostgreSQL integration package which included: > > - a database schema for all information from scans > - a patch for Nessus (server) to update a MySQL / PostgreSQL database > throughout the scan > - scripts to parse the reports so that they could be introduced in an SQL > database. > > All this was included in Nessus' CVS NESSUS_SQL branch, if this is of > interest for OpenVAS I can forward the patches to the list. > > Regards > > Javier > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20090624/7d6d0535/attachment.htm From felix.wolfsteller at intevation.de Mon Jun 29 11:06:45 2009 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Mon, 29 Jun 2009 11:06:45 +0200 Subject: [Openvas-discuss] Web based Reporter tool In-Reply-To: <20090624232203.GC16138@javifsp.no-ip.org> References: <1240517487.10188.16.camel@LADY> <20090624232203.GC16138@javifsp.no-ip.org> Message-ID: <200906291106.45892.felix.wolfsteller@intevation.de> On Thursday 25 June 2009 01:22:03 Javier Fern?ndez-Sanguino Pe?a wrote: > On Thu, Apr 23, 2009 at 09:11:27PM +0100, Tim Mehmet wrote: > > I'm not planning to take these scripts any further, though I am thinking > > of doing something with MySQL, something a bit more powerful than static > > files!. > > A long time ago (2005!) I coorinated the development of a Nessus a MySQL / > PostgreSQL integration package which included: > > - a database schema for all information from scans > - a patch for Nessus (server) to update a MySQL / PostgreSQL database > throughout the scan > - scripts to parse the reports so that they could be introduced in an SQL > database. > > All this was included in Nessus' CVS NESSUS_SQL branch, if this is of > interest for OpenVAS I can forward the patches to the list. I do not know the state of nessus as of 2005 but I guess that OpenVAS is heading in a different direction than what nessus was headed to back than. However I think these patches could be of good value, so please keep them hot. Do you have any document describing what should have been done? -- Felix -- Felix Wolfsteller | ++49-541-335 08 3451 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From salgatt at turtleshell.net Mon Jun 29 12:46:07 2009 From: salgatt at turtleshell.net (Scott Algatt) Date: Mon, 29 Jun 2009 06:46:07 -0400 Subject: [Openvas-discuss] Web based Reporter tool In-Reply-To: <200906291106.45892.felix.wolfsteller@intevation.de> References: <1240517487.10188.16.camel@LADY> <20090624232203.GC16138@javifsp.no-ip.org> <200906291106.45892.felix.wolfsteller@intevation.de> Message-ID: <4e0e17360906290346q3c57caaaqfdf6fd2cc6c90e85@mail.gmail.com> The call home feature is for patches to anything on the vmware appliance. Nothing specifically for nessus or openvas. On 6/29/09, Felix Wolfsteller wrote: > On Thursday 25 June 2009 01:22:03 Javier Fern?ndez-Sanguino Pe?a wrote: >> On Thu, Apr 23, 2009 at 09:11:27PM +0100, Tim Mehmet wrote: >> > I'm not planning to take these scripts any further, though I am >> > thinking >> > of doing something with MySQL, something a bit more powerful than >> > static >> > files!. >> >> A long time ago (2005!) I coorinated the development of a Nessus a MySQL >> / >> PostgreSQL integration package which included: >> >> - a database schema for all information from scans >> - a patch for Nessus (server) to update a MySQL / PostgreSQL database >> throughout the scan >> - scripts to parse the reports so that they could be introduced in an SQL >> database. >> >> All this was included in Nessus' CVS NESSUS_SQL branch, if this is of >> interest for OpenVAS I can forward the patches to the list. > > I do not know the state of nessus as of 2005 but I guess that OpenVAS is > heading in a different direction than what nessus was headed to back than. > > However I think these patches could be of good value, so please keep them > hot. > > Do you have any document describing what should have been done? > > -- Felix > > -- > Felix Wolfsteller | ++49-541-335 08 3451 | http://www.intevation.de/ > PGP Key: 39DE0100 > Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B > 18998 > Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss >