From jsullivan at opensourcedevel.com Mon Nov 2 20:07:47 2009 From: jsullivan at opensourcedevel.com (John A. Sullivan III) Date: Mon, 02 Nov 2009 14:07:47 -0500 Subject: [Openvas-discuss] OpenNMS problem Message-ID: <1257188867.6669.14.camel@jaspav.missionsit.net.missionsit.net> Hello, all. This is a caution to anyone using OpenNMS to poll OpenVAS. We used the OpenNMS tcp monitor to poll the openvasd service availability. For some reason, the polling mechanism causes openvasd to spawn multiple copies of itself which then proceed to consume all CPU cycles. As soon as we disabled the poll, the problem went away - John -- John A. Sullivan III Open Source Development Corporation +1 207-985-7880 jsullivan at opensourcedevel.com http://www.spiritualoutreach.com Making Christianity intelligible to secular society From deJongm at TEOCO.com Fri Nov 20 20:09:57 2009 From: deJongm at TEOCO.com (de Jong, Mark-Jan) Date: Fri, 20 Nov 2009 14:09:57 -0500 Subject: [Openvas-discuss] openvasd cannot find tools with toolcheck Message-ID: <5E3DCAE61C95FA4397679425D7275D260FBF9F6B@HQ-MX03.us.teo.earth> Hello, I've just installed the latest version of Openvas (2.0.3) on CentOS 5.4 and upon performing scan, I constantly get the error that it cannot find a version on Nmap > 4. I currently have Nmap version 4.11 installed and an wondering why it's not being found. Also, What do I need to install to get WMI functionality. I currently have wmic but am not sure if that's correct. Any help would be appreciated. Thanks, M -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20091120/1d18853c/attachment.html From bchandra at secpod.com Sat Nov 21 10:44:18 2009 From: bchandra at secpod.com (Chandrashekhar B) Date: Sat, 21 Nov 2009 15:14:18 +0530 Subject: [Openvas-discuss] openvasd cannot find tools with toolcheck In-Reply-To: <5E3DCAE61C95FA4397679425D7275D260FBF9F6B@HQ-MX03.us.teo.earth> References: <5E3DCAE61C95FA4397679425D7275D260FBF9F6B@HQ-MX03.us.teo.earth> Message-ID: <4DB7E82EEE014EFFA39F5E1F0BD4EF45@bchandra> Hello Mark, Please make sure that NMAP is in the PATH and you are able to run "nmap -V". WMI functionality is not available with OpenVAS 2.x version. If you want to scan Windows Local Security checks, you need to supply SMB credentials. Thanks, Chandra. _____ From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of de Jong, Mark-Jan Sent: Saturday, November 21, 2009 12:40 AM To: openvas-discuss at wald.intevation.org Subject: [Openvas-discuss] openvasd cannot find tools with toolcheck Hello, I've just installed the latest version of Openvas (2.0.3) on CentOS 5.4 and upon performing scan, I constantly get the error that it cannot find a version on Nmap > 4. I currently have Nmap version 4.11 installed and an wondering why it's not being found. Also, What do I need to install to get WMI functionality. I currently have wmic but am not sure if that's correct. Any help would be appreciated. Thanks, M -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20091121/b5729505/attachment.htm From Jan-Oliver.Wagner at greenbone.net Mon Nov 23 08:37:09 2009 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Mon, 23 Nov 2009 08:37:09 +0100 Subject: [Openvas-discuss] Make download links on OpenVAS homepage more direct? Message-ID: <200911230837.10316.Jan-Oliver.Wagner@greenbone.net> Hello, I think we should better make the download links on the homepage directly link the tar.gz files. For many users it seems not so easy to find the right tar ball in the list. We can add a link at the bottom of the download box such as "More downloads". The original reason for indirect links was that OpenVAS maintained some installer packages. This is not done anymore since most distributions have adopted OpenVAS . Any concerns with changing the links? Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck AG Osnabr?ck, HR B 202460 | Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From michael.wiegand at intevation.de Mon Nov 23 08:43:35 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Mon, 23 Nov 2009 08:43:35 +0100 Subject: [Openvas-discuss] Make download links on OpenVAS homepage more direct? In-Reply-To: <200911230837.10316.Jan-Oliver.Wagner@greenbone.net> References: <200911230837.10316.Jan-Oliver.Wagner@greenbone.net> Message-ID: <4B0A3D27.4080302@intevation.de> Jan-Oliver Wagner wrote: > I think we should better make the download links > on the homepage directly link the tar.gz files. > > Any concerns with changing the links? None at all, I like the idea. That would certainly save a number of clicks and avoid confusion. Regards, Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From geoff at galitz.org Mon Nov 23 09:51:59 2009 From: geoff at galitz.org (Geoff Galitz) Date: Mon, 23 Nov 2009 09:51:59 +0100 Subject: [Openvas-discuss] Make download links on OpenVAS homepage more direct? In-Reply-To: <4B0A3D27.4080302@intevation.de> References: <200911230837.10316.Jan-Oliver.Wagner@greenbone.net> <4B0A3D27.4080302@intevation.de> Message-ID: <0DF4F34BF4644F6A8A0C02E749A6532A@geoffPC> A most excellent user friendly idea. Might I suggest (and perhaps this is what you are already thinking) that we remove the current download link section on the sidebar of the homepage and replace it with direct links to the appropriate tarball and label them as current. Then we can add the "more downloads" link which points to the wald download area so users can get a specific package if they need it. Keeping it simple. -geoff --------------------------------- Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ > -----Original Message----- > From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss- > bounces at wald.intevation.org] On Behalf Of Michael Wiegand > Sent: Montag, 23. November 2009 08:44 > To: openvas-discuss at wald.intevation.org > Subject: Re: [Openvas-discuss] Make download links on OpenVAS homepage > more direct? > > Jan-Oliver Wagner wrote: > > I think we should better make the download links > > on the homepage directly link the tar.gz files. > > > > Any concerns with changing the links? > > None at all, I like the idea. That would certainly save a number of clicks > and > avoid confusion. > > Regards, > > Michael > > -- > Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de > Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 > Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss From Jan-Oliver.Wagner at greenbone.net Thu Nov 26 12:47:24 2009 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Thu, 26 Nov 2009 12:47:24 +0100 Subject: [Openvas-discuss] Any missing deps and missing incs resolved(?) Message-ID: <200911261247.25664.Jan-Oliver.Wagner@greenbone.net> Hi, AFAIKT, any missing dependency and any missing include has been resolved now. I think it is time to remov this entry from the FAQ as it creates some headache to people: " Why does OpenVAS complain that certain plugins are missing when they seem to be available? Licensing issues." Now that we got rid of the old stuff, we won't introduce new NVTs with licensing issues. Unless anyone still observes such problems with the current feed, I suggest we can declare this part of coping with history as resolved (and remove the FAQ entry). Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 202460 Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From geoff at galitz.org Thu Nov 26 13:12:20 2009 From: geoff at galitz.org (Geoff Galitz) Date: Thu, 26 Nov 2009 13:12:20 +0100 Subject: [Openvas-discuss] Any missing deps and missing incs resolved(?) In-Reply-To: <200911261247.25664.Jan-Oliver.Wagner@greenbone.net> References: <200911261247.25664.Jan-Oliver.Wagner@greenbone.net> Message-ID: <2892E8836D1C426BBA95AC32800D6BB5@geoffPC> > I think it is time to remov this entry from the FAQ as it creates some > headache to people: > > " Why does OpenVAS complain that certain plugins are missing when they > seem to be available? > > Licensing issues." > > Now that we got rid of the old stuff, we won't introduce new NVTs with > licensing issues. > > Unless anyone still observes such problems with the current feed, I > suggest > we can declare this part of coping with history as resolved (and remove > the FAQ entry > AFAIKT, any missing dependency and any missing include > has been resolved now. I'd suggest that rather than removing it, changing the answer to something like: "You are running an old version of OpenVAS with various licensing and technical issues relating to legacy code. Please upgrade to OpenVAS 3.x which does not have this issue." There are people who are still running OpenVAS 1.x without knowing it as parts of older Linux distributions and older virtual applications; so they'll still see these problems (as well as 2.x users) and this is a straight-forward answer and will get them off of those older platforms. -geoff --------------------------------- Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ From goran.licina at lss.hr Thu Nov 26 13:03:52 2009 From: goran.licina at lss.hr (=?iso-8859-2?Q?Goran_Li=E8ina?=) Date: Thu, 26 Nov 2009 13:03:52 +0100 Subject: [Openvas-discuss] Any missing deps and missing incs resolved(?) References: <200911261247.25664.Jan-Oliver.Wagner@greenbone.net> Message-ID: <8A02A3DF683DEE42BE73187F4CA4444C163DD1@vlasta.lss-net.lss.hr> > -----Original Message----- > From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas- > discuss-bounces at wald.intevation.org] On Behalf Of Jan-Oliver Wagner > Sent: Thursday, November 26, 2009 12:47 PM > To: openvas-discuss at wald.intevation.org > Subject: [Openvas-discuss] Any missing deps and missing incs > resolved(?) > > Hi, > > AFAIKT, any missing dependency and any missing include > has been resolved now. > > I think it is time to remov this entry from the FAQ as it creates some > headache to people: > > " Why does OpenVAS complain that certain plugins are missing when they > seem to be available? > > Licensing issues." > > Now that we got rid of the old stuff, we won't introduce new NVTs with > licensing issues. > > Unless anyone still observes such problems with the current feed, I > suggest > we can declare this part of coping with history as resolved (and remove > the FAQ entry). > > Best > > Jan > Hi, the only unresolved missing dep is smb_enum_services.nasl. We are working on it. However we are having trouble finding appropriate literature and/or protocol definitions for DCE/RPC over SMB and are stuck a little bit. Any help/materials/literature is appreciated? Thanks, Goran Licina -- Laboratory for Systems and Signals Department of Electronic Systems and Information Processing Faculty of Electrical Engineering and Computing University of Zagreb From michael.meyer at intevation.de Thu Nov 26 13:15:39 2009 From: michael.meyer at intevation.de (Michael Meyer) Date: Thu, 26 Nov 2009 13:15:39 +0100 Subject: [Openvas-discuss] Any missing deps and missing incs resolved(?) In-Reply-To: <200911261247.25664.Jan-Oliver.Wagner@greenbone.net> References: <200911261247.25664.Jan-Oliver.Wagner@greenbone.net> Message-ID: <20091126121539.GA14122@komma-nix.de> *** Jan-Oliver Wagner wrote: > AFAIKT, any missing dependency and any missing include > has been resolved now. smb_enum_services.nasl is the last one which is missing. Goran&Co. (LSS) are working on these plugin. In a fresh installation (or after deleting the cache) you get warned about slad.inc if you don't have SLAD installed. "slad.inc: Not able to open nor to locate it in include paths" Should we add a "dummy" slad.inc to the feed to avoid this warning? Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From geoff at galitz.org Thu Nov 26 13:34:47 2009 From: geoff at galitz.org (Geoff Galitz) Date: Thu, 26 Nov 2009 13:34:47 +0100 Subject: [Openvas-discuss] Any missing deps and missing incs resolved(?) In-Reply-To: <2892E8836D1C426BBA95AC32800D6BB5@geoffPC> References: <200911261247.25664.Jan-Oliver.Wagner@greenbone.net> <2892E8836D1C426BBA95AC32800D6BB5@geoffPC> Message-ID: <3B3F1DB78DFE447688D88D9BCF72F656@geoffPC> > > I'd suggest that rather than removing it, changing the answer to something > like: "You are running an old version of OpenVAS with various licensing > and > technical issues relating to legacy code. Please upgrade to OpenVAS 3.x > which does not have this issue." > > There are people who are still running OpenVAS 1.x without knowing it as > parts of older Linux distributions and older virtual applications; so > they'll still see these problems (as well as 2.x users) and this is a > straight-forward answer and will get them off of those older platforms. > I left something out of my point, in these above cases the users may still be using an older set of plugins that have not been updated as part of these OpenVAS 1.x and 2.x packages, simply because they are a new user to OpenVAS relying on their Linux distros and integrated applications. They are unaware of the need to sync their plugins. The new FAQ answer would reflect that. So here is a question... do all of the new plugins still work in the older OpenVAS versions all the way back to 1.x? -geoff From michael.wiegand at intevation.de Thu Nov 26 14:08:25 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Thu, 26 Nov 2009 14:08:25 +0100 Subject: [Openvas-discuss] Any missing deps and missing incs resolved(?) In-Reply-To: <20091126121539.GA14122@komma-nix.de> References: <200911261247.25664.Jan-Oliver.Wagner@greenbone.net> <20091126121539.GA14122@komma-nix.de> Message-ID: <4B0E7DC9.7090008@intevation.de> Michael Meyer wrote: > In a fresh installation (or after deleting the cache) you get warned > about slad.inc if you don't have SLAD installed. > > "slad.inc: Not able to open nor to locate it in include paths" > > Should we add a "dummy" slad.inc to the feed to avoid this warning? This issue is about to be fixed, I'm currently working on a general slad.inc which should enter the SVN and the feeds very soon. Regards Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From Jan-Oliver.Wagner at greenbone.net Thu Nov 26 14:54:51 2009 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Thu, 26 Nov 2009 14:54:51 +0100 Subject: [Openvas-discuss] CPE to replace KB identifiers for products? Message-ID: <200911261454.53657.Jan-Oliver.Wagner@greenbone.net> Hi, some of you might have noticed that we introduced CPE based features such as Inventory and Policy checks. In cpe.inc you find a translation table from current KB entries to CPE. It will further grow. I am convinced that it makes sense to use CPE also internally whenever possible. A good thing about it is that CVEs are always associated with the respective CPEs so it should get even easier to generate/develop CVE-based alerts. Opinions, concerns are welcome before we go into writing a Change Request. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 202460 Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From Jan-Oliver.Wagner at greenbone.net Fri Nov 27 12:03:17 2009 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Fri, 27 Nov 2009 12:03:17 +0100 Subject: [Openvas-discuss] Any missing deps and missing incs resolved(?) In-Reply-To: <2892E8836D1C426BBA95AC32800D6BB5@geoffPC> References: <200911261247.25664.Jan-Oliver.Wagner@greenbone.net> <2892E8836D1C426BBA95AC32800D6BB5@geoffPC> Message-ID: <200911271203.18658.Jan-Oliver.Wagner@greenbone.net> On Donnerstag, 26. November 2009, Geoff Galitz wrote: > I'd suggest that rather than removing it, changing the answer to something > like: "You are running an old version of OpenVAS with various licensing and > technical issues relating to legacy code. Please upgrade to OpenVAS 3.x > which does not have this issue." I don't think this is adequate. The general rule is: If you have NVTs that seem to have problems of any type, first thing is to ensure you have updated the Feed to the latest state -- because fixes and improvements come in on a daily basis. It never makes sense to complain about NVT problems with an outdated feed. > There are people who are still running OpenVAS 1.x without knowing it as > parts of older Linux distributions and older virtual applications; so > they'll still see these problems (as well as 2.x users) and this is a > straight-forward answer and will get them off of those older platforms. See above. You need a feed update! Apart from that, if you interested in running OpenVAS seriously, users should consider a platform that carries at least 2.0. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 202460 Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From Jan-Oliver.Wagner at greenbone.net Fri Nov 27 12:05:17 2009 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Fri, 27 Nov 2009 12:05:17 +0100 Subject: [Openvas-discuss] Any missing deps and missing incs resolved(?) In-Reply-To: <3B3F1DB78DFE447688D88D9BCF72F656@geoffPC> References: <200911261247.25664.Jan-Oliver.Wagner@greenbone.net> <2892E8836D1C426BBA95AC32800D6BB5@geoffPC> <3B3F1DB78DFE447688D88D9BCF72F656@geoffPC> Message-ID: <200911271205.19610.Jan-Oliver.Wagner@greenbone.net> On Donnerstag, 26. November 2009, Geoff Galitz wrote: > So here is a question... do all of the new plugins still work in the older > OpenVAS versions all the way back to 1.x? 1.x retires January 14th 2010. Once this happened, the feed is open for changes that will break a 1.0 installation. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 202460 Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From michael.wiegand at intevation.de Fri Nov 27 15:27:24 2009 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Fri, 27 Nov 2009 15:27:24 +0100 Subject: [Openvas-discuss] Make download links on OpenVAS homepage more direct? In-Reply-To: <200911230837.10316.Jan-Oliver.Wagner@greenbone.net> References: <200911230837.10316.Jan-Oliver.Wagner@greenbone.net> Message-ID: <4B0FE1CC.8020200@intevation.de> Jan-Oliver Wagner wrote: > I think we should better make the download links > on the homepage directly link the tar.gz files. Since there were no objections I went ahead and changed most of the download links to point directly to the tarballs. The only place where I left the indirect link is the compendium since there are indeed multiple packages of the same version (source, HTML, PDF). Let me know if there are any issues. Regards, Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner