From michiele at info.nl Thu Oct 1 13:53:50 2009 From: michiele at info.nl (Michiel van Es) Date: Thu, 1 Oct 2009 13:53:50 +0200 Subject: [Openvas-discuss] Some OpenVAS questions Message-ID: <4AC4984E.9070802@info.nl> Hello, First of all I would like to say thank you for such a nice open source and free alternative for Nessus. I am using OpenVAS with the OpenVAS-client to scan my networks but are there any tools like Inprotect to manage these scans? I see Autonessus but is there also a tool which can create pie charts or pdf's. The html is very very nice but I want to create a report over the last month, year etc and pie charts and some nice graps help convincing my management ;) Thanks in advance and again: thanks for such a nice tool! Kind regards, Michiel From Jan-Oliver.Wagner at greenbone.net Thu Oct 1 17:01:07 2009 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Thu, 1 Oct 2009 17:01:07 +0200 Subject: [Openvas-discuss] Some OpenVAS questions In-Reply-To: <4AC4984E.9070802@info.nl> References: <4AC4984E.9070802@info.nl> Message-ID: <200910011701.10458.Jan-Oliver.Wagner@greenbone.net> Hello, On Donnerstag, 1. Oktober 2009, Michiel van Es wrote: > First of all I would like to say thank you for such a nice open source > and free alternative for Nessus. thanks! > I am using OpenVAS with the OpenVAS-client to scan my networks but are > there any tools like Inprotect to manage these scans? > I see Autonessus but is there also a tool which can create pie charts or > pdf's. > The html is very very nice but I want to create a report over the last > month, year etc and pie charts and some nice graps help convincing my > management ;) Many OpenVAS users dump the results into a database and create their own reporting mechanism based on this. Greenbone is currently working on the "Greenbone Security Assistant" (gsa) which should support in this direction as a web front end. However, the backend for this is openvas-manager. All the best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 202460 Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From michiele at info.nl Thu Oct 1 17:11:30 2009 From: michiele at info.nl (Michiel van Es) Date: Thu, 1 Oct 2009 17:11:30 +0200 Subject: [Openvas-discuss] Some OpenVAS questions In-Reply-To: <200910011701.10458.Jan-Oliver.Wagner@greenbone.net> References: <4AC4984E.9070802@info.nl> <200910011701.10458.Jan-Oliver.Wagner@greenbone.net> Message-ID: <4AC4C6A2.5050903@info.nl> -------- Original Message -------- Subject: Re: [Openvas-discuss] Some OpenVAS questions From: Jan-Oliver Wagner To: openvas-discuss at wald.intevation.org Date: 10/01/2009 05:01 PM > Hello, > > On Donnerstag, 1. Oktober 2009, Michiel van Es wrote: >> First of all I would like to say thank you for such a nice open source >> and free alternative for Nessus. > > thanks! :) > >> I am using OpenVAS with the OpenVAS-client to scan my networks but are >> there any tools like Inprotect to manage these scans? >> I see Autonessus but is there also a tool which can create pie charts or >> pdf's. >> The html is very very nice but I want to create a report over the last >> month, year etc and pie charts and some nice graps help convincing my >> management ;) > > Many OpenVAS users dump the results into a database and create their > own reporting mechanism based on this. Hmm would be nice if users share it with the community (so OpenVAS can grow bigger and have more potential). > > Greenbone is currently working on the "Greenbone Security Assistant" (gsa) > which should support in this direction as a web front end. > However, the backend for this is openvas-manager. Greenbone is a paid solution right? If so I can also pay a Nessus professional feed license and use Nessus with Inprotect. I am looking for a free as in free beer solution :) Sorry but my company is on a low budget that is why I am looking for free beer alternatives ;) > > All the best > Regards, Michiel > Jan > From tanishk.lakhaani at mca.gov.in Thu Oct 1 15:17:01 2009 From: tanishk.lakhaani at mca.gov.in (tanishk lakhaani) Date: Thu, 1 Oct 2009 18:47:01 +0530 Subject: [Openvas-discuss] unale to rsync NVT's Message-ID: <1818c8cd00001f07@mca.gov.in> Hi Everybody!!! I am unable to use the openvas-nvt-sync script to get the NVT's for my OpenVas Server from its upstream server. As a result of this my Scan results are not very much descriptive. Requested to suggest a remedy for this. Regards Tanishk Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20091001/d63b924f/attachment.html From michael.meyer at intevation.de Thu Oct 1 17:33:23 2009 From: michael.meyer at intevation.de (Michael Meyer) Date: Thu, 1 Oct 2009 17:33:23 +0200 Subject: [Openvas-discuss] unale to rsync NVT's In-Reply-To: <1818c8cd00001f07@mca.gov.in> References: <1818c8cd00001f07@mca.gov.in> Message-ID: <20091001153323.GA1690@komma-nix.de> Hi, *** tanishk lakhaani wrote: > I am unable to use the openvas-nvt-sync script to get the NVT's for my > OpenVas Server from its upstream server. Please give us more information. What exactly is your problem with openvas-nvt-sync? Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From Jan-Oliver.Wagner at greenbone.net Thu Oct 1 18:15:37 2009 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Thu, 1 Oct 2009 18:15:37 +0200 Subject: [Openvas-discuss] Some OpenVAS questions In-Reply-To: <4AC4C6A2.5050903@info.nl> References: <4AC4984E.9070802@info.nl> <200910011701.10458.Jan-Oliver.Wagner@greenbone.net> <4AC4C6A2.5050903@info.nl> Message-ID: <200910011815.39004.Jan-Oliver.Wagner@greenbone.net> On Donnerstag, 1. Oktober 2009, Michiel van Es wrote: > >> I am using OpenVAS with the OpenVAS-client to scan my networks but are > >> there any tools like Inprotect to manage these scans? > >> I see Autonessus but is there also a tool which can create pie charts or > >> pdf's. > >> The html is very very nice but I want to create a report over the last > >> month, year etc and pie charts and some nice graps help convincing my > >> management ;) > > > > Many OpenVAS users dump the results into a database and create their > > own reporting mechanism based on this. > > Hmm would be nice if users share it with the community (so OpenVAS can > grow bigger and have more potential). usually, these are very specific solutions for the needs of the respective companies. > > Greenbone is currently working on the "Greenbone Security Assistant" (gsa) > > which should support in this direction as a web front end. > > However, the backend for this is openvas-manager. > > Greenbone is a paid solution right? gsa is released under GNU GPLv2+. Not all in public SVN yet, but in progress. But yes, Greenbone offers also a supported Feed (Greenbone Security Feed) and a supported platform (Greenbone Security Manager). > If so I can also pay a Nessus > professional feed license and use Nessus with Inprotect. Thats up to you. Apart from technical aspects, one difference is that Greenbone is strictly oriented towards Free Software. Buying Greenbone means to ensure support and have us produce more Free Software ;-) > I am looking for a free as in free beer solution :) > Sorry but my company is on a low budget that is why I am looking for > free beer alternatives ;) "Free beer" is relative. I hope you are paid for getting a scanner to work :-) Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 202460 Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From michiele at info.nl Thu Oct 1 18:17:45 2009 From: michiele at info.nl (Michiel van Es) Date: Thu, 1 Oct 2009 18:17:45 +0200 Subject: [Openvas-discuss] Some OpenVAS questions In-Reply-To: <3559E9E82A6F7649839E87450376F49101449F@dc1.gsti.int> References: <4AC4984E.9070802@info.nl><200910011701.10458.Jan-Oliver.Wagner@greenbone.net> <4AC4C6A2.5050903@info.nl> <3559E9E82A6F7649839E87450376F49101449F@dc1.gsti.int> Message-ID: <4AC4D629.8020408@info.nl> -------- Original Message -------- Subject: [Openvas-discuss] Some OpenVAS questions From: Robert Rich To: Michiel van Es , Jan-Oliver Wagner Date: 10/01/2009 05:51 PM > I _think_ the reason for the dearth of options in this space is that as > soon as someone comes up with something interesting, they turn it into a > commercial service. Consider that Nessus has been around for over 10 > years and you still have very little to choose from. > > My suggestion would be to try out Inprotect and/or Autonessus to run the > scans, parse the results and store the data, and then use your own > reporting tools on top of that to get the output format and content you > are after. There are some incredibly advanced open source reporting and > business intelligence tools (Pentaho comes to mind), or you can use > whatever may already be in place at your organization. Regardless, > there *is* going to be some work on your end, possibly a significant > amount of it, but there are enough pieces and parts out there today that > you don't have to do it from scratch. Yes I will try to ask the Inprotect guys if they can change it or give mesome tips :) Alienvault is also using an Openvas web based tool , I can try them also. > > Good luck! > Thanks! Michiel > -----Original Message----- > From: openvas-discuss-bounces at wald.intevation.org on behalf of Michiel > van Es > Sent: Thu 10/1/2009 11:11 AM > To: Jan-Oliver Wagner > Cc: openvas-discuss at wald.intevation.org > Subject: Re: [Openvas-discuss] Some OpenVAS questions > > > > -------- Original Message -------- > Subject: Re: [Openvas-discuss] Some OpenVAS questions > From: Jan-Oliver Wagner > To: openvas-discuss at wald.intevation.org > > Date: 10/01/2009 05:01 PM > >> Hello, >> >> On Donnerstag, 1. Oktober 2009, Michiel van Es wrote: >>> First of all I would like to say thank you for such a nice open source >>> and free alternative for Nessus. >> >> thanks! > > :) > >> >>> I am using OpenVAS with the OpenVAS-client to scan my networks but are >>> there any tools like Inprotect to manage these scans? >>> I see Autonessus but is there also a tool which can create pie charts or >>> pdf's. >>> The html is very very nice but I want to create a report over the last >>> month, year etc and pie charts and some nice graps help convincing my >>> management ;) >> >> Many OpenVAS users dump the results into a database and create their >> own reporting mechanism based on this. > > Hmm would be nice if users share it with the community (so OpenVAS can > grow bigger and have more potential). > >> >> Greenbone is currently working on the "Greenbone Security Assistant" (gsa) >> which should support in this direction as a web front end. >> However, the backend for this is openvas-manager. > > Greenbone is a paid solution right? If so I can also pay a Nessus > professional feed license and use Nessus with Inprotect. > I am looking for a free as in free beer solution :) > Sorry but my company is on a low budget that is why I am looking for > free beer alternatives ;) > >> >> All the best >> > Regards, > > Michiel > >> Jan >> > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > From michiele at info.nl Thu Oct 1 18:22:43 2009 From: michiele at info.nl (Michiel van Es) Date: Thu, 1 Oct 2009 18:22:43 +0200 Subject: [Openvas-discuss] Some OpenVAS questions In-Reply-To: <200910011815.39004.Jan-Oliver.Wagner@greenbone.net> References: <4AC4984E.9070802@info.nl> <200910011701.10458.Jan-Oliver.Wagner@greenbone.net> <4AC4C6A2.5050903@info.nl> <200910011815.39004.Jan-Oliver.Wagner@greenbone.net> Message-ID: <4AC4D753.4040005@info.nl> -------- Original Message -------- Subject: Re: [Openvas-discuss] Some OpenVAS questions From: Jan-Oliver Wagner To: openvas-discuss at wald.intevation.org Date: 10/01/2009 06:15 PM > On Donnerstag, 1. Oktober 2009, Michiel van Es wrote: >>>> I am using OpenVAS with the OpenVAS-client to scan my networks but are >>>> there any tools like Inprotect to manage these scans? >>>> I see Autonessus but is there also a tool which can create pie charts or >>>> pdf's. >>>> The html is very very nice but I want to create a report over the last >>>> month, year etc and pie charts and some nice graps help convincing my >>>> management ;) >>> Many OpenVAS users dump the results into a database and create their >>> own reporting mechanism based on this. >> Hmm would be nice if users share it with the community (so OpenVAS can >> grow bigger and have more potential). > > usually, these are very specific solutions for the needs of the respective > companies. yes and no: a nice web interface for customers or users to scan their hosts is a universal thing: look at Inprotect. > >>> Greenbone is currently working on the "Greenbone Security Assistant" (gsa) >>> which should support in this direction as a web front end. >>> However, the backend for this is openvas-manager. >> Greenbone is a paid solution right? > > gsa is released under GNU GPLv2+. Not all in public SVN yet, but in progress. > > But yes, Greenbone offers also a supported Feed (Greenbone Security Feed) and a supported > platform (Greenbone Security Manager). Ah that sounds nice :) I wait for the svn version then :) > >> If so I can also pay a Nessus >> professional feed license and use Nessus with Inprotect. > > Thats up to you. > Apart from technical aspects, one difference is that Greenbone > is strictly oriented towards Free Software. Buying Greenbone > means to ensure support and have us produce more Free Software ;-) Offcourse I understand that, same with Red Hat. The problem is more the financial part that not every manager wants to pay but still wants to have a nice clean interface where he can see the scan results for free.. > >> I am looking for a free as in free beer solution :) >> Sorry but my company is on a low budget that is why I am looking for >> free beer alternatives ;) > > "Free beer" is relative. I hope you are paid for getting a scanner to work :-) I get paid yes ;) but my company decides to not invest in proferssional feeds and support and want a cheap solution. I can understand people saying: that is *bs* : want the best but don't want to pay. I am just saying that it would be nice to have an Inprotect alike interface for OpenVAS for users to make some nice graphs. If something goes wrong; they can pay for the support for example. I keep you guys also updated about my Inprotect work (when I got some spare time) > > Best Regards, Michiel > > Jan > From imac at netstatz.com Thu Oct 1 19:24:55 2009 From: imac at netstatz.com (Ian MacDonald) Date: Thu, 01 Oct 2009 13:24:55 -0400 Subject: [Openvas-discuss] How to resolve dependencies for W32.Sasser.Worm.nasl? Message-ID: <1254417895.8742.89.camel@n8-laptop.ianbmacdonald.com> Currently we are running OpenVAS on Debian Lenny; Worked great out of the box; Plugins are up-to-date per the nvt update script. Output showing versions and plugin state is at the end of this message. Initially when starting the server we received some messages that certain plugins would be ignored or invisible to the client. Most of these messages were resolved by installing dependencies after reviewing the .nasl files for "script_dependencies" and reviewing the tools used http://www.openvas.org/integrated-tools.html and installing some additional packages we thought might satisfy these dependencies #apt-get install nmap smbclient nikto snmp ovaldi pnscan netdiag ldap-utils Notably portbunny and amap are not packaged in .debs; However not even all the packaged dependencies above are "suggested or recommended" packages so perhaps a quick modification by the debian maintainers might be considered. After installing the related tools, we are now left with one message when we start the OpenVAS server that we can not seem to resolve. Does anyone know how we might get the W32.Sasser.Worm plugin to become active? The output we have is immediately below, senali:~# /etc/init.d/openvas-server start W32.Sasser.Worm.nasl could not be added to the cache and is likely to stay invisible to the client. openvasd. senali:~# Any help appreciated, cheers, Ian senali:~# dpkg -l | grep vas ii libopenvas2 2.0.4-1~bpo50+1 remote network security auditor - shared lib ii libopenvas2-dev 2.0.4-1~bpo50+1 remote network security auditor - static lib ii libopenvasnasl2 2.0.2-1~bpo50+1 OpenVAS shared libraries ii libopenvasnasl2-dev 2.0.2-1~bpo50+1 OpenVAS static libraries and headers ii openvas-server 2.0.3-2~bpo50+1 remote network security auditor - server senali:~# openvas-nvt-sync OpenVAS NVT Sync $ Configured NVT Feed: rsync://rsync.openvas.org:/nvt-feed Synchronized into: /var/openvas/plugins Searching for required system tools ... Synchonizing NVTs via RSYNC ... rsync server - Intevation GmbH, Germany All transactions are logged. Mail problems to admin at intevation.de. Please look at /ftp/mirrors.txt for a list of download mirrors. receiving file list ... 27120 files to consider sent 72 bytes received 432649 bytes 123634.57 bytes/sec total size is 55634603 speedup is 128.57 Synchronization successful. senali:~# From rrich at gsti.net Thu Oct 1 17:51:45 2009 From: rrich at gsti.net (Robert Rich) Date: Thu, 1 Oct 2009 11:51:45 -0400 Subject: [Openvas-discuss] Some OpenVAS questions References: <4AC4984E.9070802@info.nl><200910011701.10458.Jan-Oliver.Wagner@greenbone.net> <4AC4C6A2.5050903@info.nl> Message-ID: <3559E9E82A6F7649839E87450376F49101449F@dc1.gsti.int> I _think_ the reason for the dearth of options in this space is that as soon as someone comes up with something interesting, they turn it into a commercial service. Consider that Nessus has been around for over 10 years and you still have very little to choose from. My suggestion would be to try out Inprotect and/or Autonessus to run the scans, parse the results and store the data, and then use your own reporting tools on top of that to get the output format and content you are after. There are some incredibly advanced open source reporting and business intelligence tools (Pentaho comes to mind), or you can use whatever may already be in place at your organization. Regardless, there *is* going to be some work on your end, possibly a significant amount of it, but there are enough pieces and parts out there today that you don't have to do it from scratch. Good luck! -----Original Message----- From: openvas-discuss-bounces at wald.intevation.org on behalf of Michiel van Es Sent: Thu 10/1/2009 11:11 AM To: Jan-Oliver Wagner Cc: openvas-discuss at wald.intevation.org Subject: Re: [Openvas-discuss] Some OpenVAS questions -------- Original Message -------- Subject: Re: [Openvas-discuss] Some OpenVAS questions From: Jan-Oliver Wagner To: openvas-discuss at wald.intevation.org Date: 10/01/2009 05:01 PM > Hello, > > On Donnerstag, 1. Oktober 2009, Michiel van Es wrote: >> First of all I would like to say thank you for such a nice open source >> and free alternative for Nessus. > > thanks! :) > >> I am using OpenVAS with the OpenVAS-client to scan my networks but are >> there any tools like Inprotect to manage these scans? >> I see Autonessus but is there also a tool which can create pie charts or >> pdf's. >> The html is very very nice but I want to create a report over the last >> month, year etc and pie charts and some nice graps help convincing my >> management ;) > > Many OpenVAS users dump the results into a database and create their > own reporting mechanism based on this. Hmm would be nice if users share it with the community (so OpenVAS can grow bigger and have more potential). > > Greenbone is currently working on the "Greenbone Security Assistant" (gsa) > which should support in this direction as a web front end. > However, the backend for this is openvas-manager. Greenbone is a paid solution right? If so I can also pay a Nessus professional feed license and use Nessus with Inprotect. I am looking for a free as in free beer solution :) Sorry but my company is on a low budget that is why I am looking for free beer alternatives ;) > > All the best > Regards, Michiel > Jan > _______________________________________________ Openvas-discuss mailing list Openvas-discuss at wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20091001/4ebcb6b2/attachment.html From Jan-Oliver.Wagner at greenbone.net Thu Oct 1 22:07:47 2009 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Thu, 1 Oct 2009 22:07:47 +0200 Subject: [Openvas-discuss] How to resolve dependencies for W32.Sasser.Worm.nasl? In-Reply-To: <1254417895.8742.89.camel@n8-laptop.ianbmacdonald.com> References: <1254417895.8742.89.camel@n8-laptop.ianbmacdonald.com> Message-ID: <200910012207.47431.Jan-Oliver.Wagner@greenbone.net> On Thursday 01 October 2009 19:24:55 Ian MacDonald wrote: > Notably portbunny and amap are not packaged in .debs; However not even > all the packaged dependencies above are "suggested or recommended" > packages so perhaps a quick modification by the debian maintainers might > be considered. this reminds me that we need to kick amap out as it is not real Free Software. Thats essentially the reason why you won't find it in Debian. > After installing the related tools, we are now left with one message > when we start the OpenVAS server that we can not seem to resolve. Does > anyone know how we might get the W32.Sasser.Worm plugin to become > active? The output we have is immediately below, > > senali:~# /etc/init.d/openvas-server start > W32.Sasser.Worm.nasl could not be added to the cache and is likely to > stay invisible to the client. > openvasd. > senali:~# > > Any help appreciated, we work on it :-) Background: Initially, OpenVAS inherited the Nessus behaviour of silently ignoring some Plugins if they think they can't run properly. We added a test and error message for this situation and thats why you see them now. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck AG Osnabr?ck, HR B 202460 | Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From michael.meyer at intevation.de Fri Oct 2 09:14:17 2009 From: michael.meyer at intevation.de (Michael Meyer) Date: Fri, 2 Oct 2009 09:14:17 +0200 Subject: [Openvas-discuss] How to resolve dependencies for W32.Sasser.Worm.nasl? In-Reply-To: <1254417895.8742.89.camel@n8-laptop.ianbmacdonald.com> References: <1254417895.8742.89.camel@n8-laptop.ianbmacdonald.com> Message-ID: <20091002071417.GB2391@komma-nix.de> Hello, *** Ian MacDonald wrote: > senali:~# /etc/init.d/openvas-server start > W32.Sasser.Worm.nasl could not be added to the cache and is likely to > stay invisible to the client. W32.Sasser.Worm.nasl could not be loaded because of an 'exit(0); # moved into smb_virii.nasl' at the first line. Think we have to remove this Plugin from feed and svn. Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From felix.wolfsteller at intevation.de Fri Oct 2 09:20:39 2009 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Fri, 2 Oct 2009 09:20:39 +0200 Subject: [Openvas-discuss] How to resolve dependencies for W32.Sasser.Worm.nasl? In-Reply-To: <200910012207.47431.Jan-Oliver.Wagner@greenbone.net> References: <1254417895.8742.89.camel@n8-laptop.ianbmacdonald.com> <200910012207.47431.Jan-Oliver.Wagner@greenbone.net> Message-ID: <200910020920.39785.felix.wolfsteller@intevation.de> Hi Ian On Thursday 01 October 2009 22:07:47 Jan-Oliver Wagner wrote: > > senali:~# /etc/init.d/openvas-server start > > W32.Sasser.Worm.nasl could not be added to the cache and is likely to > > stay invisible to the client. > > openvasd. > > senali:~# > > > > Any help appreciated, "W32.Sasser.Worm.nasl" is superseded by "smb_virii.nasl" and was invalidated for that reason (there is no way anymore to execute it). You can savely remove it from your plugin directory and the message should be gone. I think it is not shipped with the NVT Feed anymore, but the script to sync with the feed can only update scripts (in contrast to deleting them). Enjoy -- felix -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From imac at netstatz.com Fri Oct 2 15:57:59 2009 From: imac at netstatz.com (Ian MacDonald) Date: Fri, 02 Oct 2009 09:57:59 -0400 Subject: [Openvas-discuss] How to resolve dependencies for W32.Sasser.Worm.nasl In-Reply-To: References: Message-ID: <1254491879.6595.56.camel@n8-laptop.ianbmacdonald.com> Gents, We successfully removed W32.Sasser.Worm.nasl and performed an nvt sync and restart with no output related to non-functioning plugins. I did however note that the restart I issued immediately following the updates failed initially with an ERROR; I went and immediately checked the messages and dump files located in /var/log/openvas only to discover that when I tried again a few minutes later, it started fine. (initial output below) We are assuming that the process had not actually stopped when the initial 'stop' was executed. There might be a little more that can be done around ensuring that the processes have exited prior to stop. cheers, Ian On Fri, 2009-10-02 at 09:20 +0200, openvas-discuss-request at wald.intevation.org wrote: > "W32.Sasser.Worm.nasl" is superseded by "smb_virii.nasl" and was > invalidated > for that reason (there is no way anymore to execute it). > You can savely remove it from your plugin directory and the message > should be > gone. > > I think it is not shipped with the NVT Feed anymore, but the script to > sync > with the feed can only update scripts (in contrast to deleting them). senali:/var/openvas/plugins# rm W32.Sasser.Worm.nasl* senali:/var/openvas/plugins# openvas-nvt-sync OpenVAS NVT Sync $ Configured NVT Feed: rsync://rsync.openvas.org:/nvt-feed Synchronized into: /var/openvas/plugins Searching for required system tools ... Synchonizing NVTs via RSYNC ... rsync server - Intevation GmbH, Germany All transactions are logged. Mail problems to admin at intevation.de. Please look at /ftp/mirrors.txt for a list of download mirrors. receiving file list ... 27120 files to consider ./ sent 72 bytes received 432649 bytes 96160.22 bytes/sec total size is 55634603 speedup is 128.57 Synchronization successful. senali:/var/openvas/plugins# /etc/init.d/openvas-server restart Restarting OpenVAS daemon: ERROR. senali:/var/openvas/plugins# /etc/init.d/openvas-server stop Stopping OpenVAS daemon: openvasd. senali:/var/openvas/plugins# /etc/init.d/openvas-server start Starting OpenVAS daemon: ERROR. From jitensuperman at gmail.com Mon Oct 5 08:00:27 2009 From: jitensuperman at gmail.com (jiten pathy) Date: Mon, 5 Oct 2009 11:30:27 +0530 Subject: [Openvas-discuss] How to resolve dependencies for W32.Sasser.Worm.nasl? In-Reply-To: <200910020920.39785.felix.wolfsteller@intevation.de> References: <1254417895.8742.89.camel@n8-laptop.ianbmacdonald.com> <200910012207.47431.Jan-Oliver.Wagner@greenbone.net> <200910020920.39785.felix.wolfsteller@intevation.de> Message-ID: <6ba78e2e0910042300v7600ef2g1071778cc719e3a9@mail.gmail.com> i have another problem while openvas-nvt-sync it says error connection refused but when i telnet i get connected but how can i nvt sync after i get connected through telnet???????? any help appreciated.......... On 10/2/09, Felix Wolfsteller wrote: > Hi Ian > > On Thursday 01 October 2009 22:07:47 Jan-Oliver Wagner wrote: >> > senali:~# /etc/init.d/openvas-server start >> > W32.Sasser.Worm.nasl could not be added to the cache and is likely to >> > stay invisible to the client. >> > openvasd. >> > senali:~# >> > >> > Any help appreciated, > > "W32.Sasser.Worm.nasl" is superseded by "smb_virii.nasl" and was invalidated > for that reason (there is no way anymore to execute it). > You can savely remove it from your plugin directory and the message should > be > gone. > > I think it is not shipped with the NVT Feed anymore, but the script to sync > with the feed can only update scripts (in contrast to deleting them). > > > Enjoy > -- felix > > -- > Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ > PGP Key: 39DE0100 > Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 > Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > From tanishk.lakhaani at mca.gov.in Mon Oct 5 10:01:02 2009 From: tanishk.lakhaani at mca.gov.in (tanishk lakhaani) Date: Mon, 5 Oct 2009 13:31:02 +0530 Subject: [Openvas-discuss] unale to rsync NVT's In-Reply-To: <20091001153323.GA1690@komma-nix.de> Message-ID: <2b9115b200002ebb@mca.gov.in> Hi Micheal, I have successfuklly deployed OpenVAS, but it is not producing the descriptive results as Nessus Does. The Probabale reason for this is that, OpenVAS has 11563 NVT's or plugins preloaded with the installation package, & we need to get rest of the NVT's approx (20563)using this script "openvas-nvt-sync". The problem that I am facing is that, I am unable to run "openvas-nvt-sync" script to get the rest of the NVT's. Rgds Tanishk -----Original Message----- From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of Michael Meyer Sent: Thursday, October 01, 2009 9:03 PM To: openvas-discuss at wald.intevation.org Subject: Re: [Openvas-discuss] unale to rsync NVT's Hi, *** tanishk lakhaani wrote: > I am unable to use the openvas-nvt-sync script to get the NVT's for my > OpenVas Server from its upstream server. Please give us more information. What exactly is your problem with openvas-nvt-sync? Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-discuss mailing list Openvas-discuss at wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you From bchandra at secpod.com Mon Oct 5 10:10:51 2009 From: bchandra at secpod.com (Chandrashekhar B) Date: Mon, 5 Oct 2009 13:40:51 +0530 Subject: [Openvas-discuss] unale to rsync NVT's In-Reply-To: <2b9115b200002ebb@mca.gov.in> References: <20091001153323.GA1690@komma-nix.de> <2b9115b200002ebb@mca.gov.in> Message-ID: <8B4CA487A5294CEC94B1470834B9BA11@bchandra> Tanishk, By "unable to run..." you mean, you can't find the script "openvas-nvt-synch" or you get errors when you run the command? By the way, openvas now has 13581 plugins only. Chandra. -----Original Message----- From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of tanishk lakhaani Sent: Monday, October 05, 2009 1:31 PM To: 'Michael Meyer'; openvas-discuss at wald.intevation.org Subject: Re: [Openvas-discuss] unale to rsync NVT's Hi Micheal, I have successfuklly deployed OpenVAS, but it is not producing the descriptive results as Nessus Does. The Probabale reason for this is that, OpenVAS has 11563 NVT's or plugins preloaded with the installation package, & we need to get rest of the NVT's approx (20563)using this script "openvas-nvt-sync". The problem that I am facing is that, I am unable to run "openvas-nvt-sync" script to get the rest of the NVT's. Rgds Tanishk -----Original Message----- From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of Michael Meyer Sent: Thursday, October 01, 2009 9:03 PM To: openvas-discuss at wald.intevation.org Subject: Re: [Openvas-discuss] unale to rsync NVT's Hi, *** tanishk lakhaani wrote: > I am unable to use the openvas-nvt-sync script to get the NVT's for my > OpenVas Server from its upstream server. Please give us more information. What exactly is your problem with openvas-nvt-sync? Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-discuss mailing list Openvas-discuss at wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you _______________________________________________ Openvas-discuss mailing list Openvas-discuss at wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss From tanishk.lakhaani at mca.gov.in Mon Oct 5 10:49:20 2009 From: tanishk.lakhaani at mca.gov.in (tanishk lakhaani) Date: Mon, 5 Oct 2009 14:19:20 +0530 Subject: [Openvas-discuss] unable to rsync NVT's In-Reply-To: <8B4CA487A5294CEC94B1470834B9BA11@bchandra> Message-ID: <2bbd475b00002f3c@mca.gov.in> Hi Chandrashekhar, Thanks for your concern. I have that script with the package, but when I run it, it gives an error. Regards Tanishk -----Original Message----- From: Chandrashekhar B [mailto:bchandra at secpod.com] Sent: Monday, October 05, 2009 1:41 PM To: 'tanishk lakhaani'; 'Michael Meyer'; openvas-discuss at wald.intevation.org Subject: RE: [Openvas-discuss] unale to rsync NVT's Tanishk, By "unable to run..." you mean, you can't find the script "openvas-nvt-synch" or you get errors when you run the command? By the way, openvas now has 13581 plugins only. Chandra. -----Original Message----- From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of tanishk lakhaani Sent: Monday, October 05, 2009 1:31 PM To: 'Michael Meyer'; openvas-discuss at wald.intevation.org Subject: Re: [Openvas-discuss] unale to rsync NVT's Hi Micheal, I have successfuklly deployed OpenVAS, but it is not producing the descriptive results as Nessus Does. The Probabale reason for this is that, OpenVAS has 11563 NVT's or plugins preloaded with the installation package, & we need to get rest of the NVT's approx (20563)using this script "openvas-nvt-sync". The problem that I am facing is that, I am unable to run "openvas-nvt-sync" script to get the rest of the NVT's. Rgds Tanishk -----Original Message----- From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of Michael Meyer Sent: Thursday, October 01, 2009 9:03 PM To: openvas-discuss at wald.intevation.org Subject: Re: [Openvas-discuss] unale to rsync NVT's Hi, *** tanishk lakhaani wrote: > I am unable to use the openvas-nvt-sync script to get the NVT's for my > OpenVas Server from its upstream server. Please give us more information. What exactly is your problem with openvas-nvt-sync? Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-discuss mailing list Openvas-discuss at wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you _______________________________________________ Openvas-discuss mailing list Openvas-discuss at wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you From michael.meyer at intevation.de Mon Oct 5 11:48:44 2009 From: michael.meyer at intevation.de (Michael Meyer) Date: Mon, 5 Oct 2009 11:48:44 +0200 Subject: [Openvas-discuss] unable to rsync NVT's In-Reply-To: <2bbd475b00002f3c@mca.gov.in> References: <8B4CA487A5294CEC94B1470834B9BA11@bchandra> <2bbd475b00002f3c@mca.gov.in> Message-ID: <20091005094844.GA10713@komma-nix.de> *** tanishk lakhaani wrote: > Thanks for your concern. I have that script with the package, but when I run > it, it gives an error. What is the *exact* error message? Please give us more information or we can't help. Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From jitensuperman at gmail.com Mon Oct 5 13:27:11 2009 From: jitensuperman at gmail.com (jiten pathy) Date: Mon, 5 Oct 2009 16:57:11 +0530 Subject: [Openvas-discuss] unable to rsync NVT's In-Reply-To: <20091005094844.GA10713@komma-nix.de> References: <8B4CA487A5294CEC94B1470834B9BA11@bchandra> <2bbd475b00002f3c@mca.gov.in> <20091005094844.GA10713@komma-nix.de> Message-ID: <6ba78e2e0910050427h2662e77fs91dc5a86d1771820@mail.gmail.com> i am having same problem i get connection refused error On 10/5/09, Michael Meyer wrote: > *** tanishk lakhaani wrote: > >> Thanks for your concern. I have that script with the package, but when I >> run >> it, it gives an error. > > What is the *exact* error message? Please give us more information or we > can't help. > > Micha > > -- > Michael Meyer OpenPGP Key: 76E050B9 > http://www.intevation.de > Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 > Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > From tanishk.lakhaani at mca.gov.in Mon Oct 5 13:48:34 2009 From: tanishk.lakhaani at mca.gov.in (tanishk lakhaani) Date: Mon, 5 Oct 2009 17:18:34 +0530 Subject: [Openvas-discuss] unable to rsync NVT's In-Reply-To: <6ba78e2e0910050427h2662e77fs91dc5a86d1771820@mail.gmail.com> Message-ID: <2c6164d8000031a4@mca.gov.in> Yes exactly, even I get the same error: " Unknown Service" "Connection Refused" Please help Regards Tanishk -----Original Message----- From: jiten pathy [mailto:jitensuperman at gmail.com] Sent: Monday, October 05, 2009 4:57 PM To: openvas-discuss at wald.intevation.org; tanishk.lakhaani at mca.gov.in Subject: Re: [Openvas-discuss] unable to rsync NVT's i am having same problem i get connection refused error On 10/5/09, Michael Meyer wrote: > *** tanishk lakhaani wrote: > >> Thanks for your concern. I have that script with the package, but when I >> run >> it, it gives an error. > > What is the *exact* error message? Please give us more information or we > can't help. > > Micha > > -- > Michael Meyer OpenPGP Key: 76E050B9 > http://www.intevation.de > Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 > Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you From bchandra at secpod.com Mon Oct 5 14:12:40 2009 From: bchandra at secpod.com (Chandrashekhar B) Date: Mon, 5 Oct 2009 17:42:40 +0530 Subject: [Openvas-discuss] unable to rsync NVT's In-Reply-To: <2c6164d8000031a4@mca.gov.in> References: <6ba78e2e0910050427h2662e77fs91dc5a86d1771820@mail.gmail.com> <2c6164d8000031a4@mca.gov.in> Message-ID: You should have rsync and your firewall should allow rsync port (TCP 873). Chandra. -----Original Message----- From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of tanishk lakhaani Sent: Monday, October 05, 2009 5:19 PM To: 'jiten pathy'; openvas-discuss at wald.intevation.org Subject: Re: [Openvas-discuss] unable to rsync NVT's Yes exactly, even I get the same error: " Unknown Service" "Connection Refused" Please help Regards Tanishk -----Original Message----- From: jiten pathy [mailto:jitensuperman at gmail.com] Sent: Monday, October 05, 2009 4:57 PM To: openvas-discuss at wald.intevation.org; tanishk.lakhaani at mca.gov.in Subject: Re: [Openvas-discuss] unable to rsync NVT's i am having same problem i get connection refused error On 10/5/09, Michael Meyer wrote: > *** tanishk lakhaani wrote: > >> Thanks for your concern. I have that script with the package, but when I >> run >> it, it gives an error. > > What is the *exact* error message? Please give us more information or we > can't help. > > Micha > > -- > Michael Meyer OpenPGP Key: 76E050B9 > http://www.intevation.de > Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 > Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you _______________________________________________ Openvas-discuss mailing list Openvas-discuss at wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss From michael.meyer at intevation.de Mon Oct 5 14:12:03 2009 From: michael.meyer at intevation.de (Michael Meyer) Date: Mon, 5 Oct 2009 14:12:03 +0200 Subject: [Openvas-discuss] unable to rsync NVT's In-Reply-To: <2c6164d8000031a4@mca.gov.in> References: <6ba78e2e0910050427h2662e77fs91dc5a86d1771820@mail.gmail.com> <2c6164d8000031a4@mca.gov.in> Message-ID: <20091005121203.GA3435@komma-nix.de> Hello tanishk, Hello jiten, *** tanishk lakhaani wrote: [openvas-nvt-sync] > "Connection Refused" You are behind a firewall? Try 'telnet rsync.openvas.org 873'. ,---| | mime at kira:~ % telnet rsync.openvas.org 873 | Trying 212.95.126.13... | Connected to rsync.openvas.org. | Escape character is '^]'. | @RSYNCD: 26 | rsync server - Intevation GmbH, Germany | All transactions are logged. Mail problems to admin at intevation.de. | | Please look at /ftp/mirrors.txt for a list of download mirrors. `---| What did you get? If you get nothing, you should check your firewall settings. Rsync with "rsync.openvas.org" (Port 873/tcp) must be allowed for openvas-nvt-sync. Alternatively, you could download the feed content on a different system, outside that firewall, and then copy the files (scp) to your openVas installation. http://forums.exabytes.com/linux-control-panel-cpanel/102-using-rsync-through-firewall.html Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From jitensuperman at gmail.com Mon Oct 5 14:15:19 2009 From: jitensuperman at gmail.com (jiten pathy) Date: Mon, 5 Oct 2009 17:45:19 +0530 Subject: [Openvas-discuss] unable to rsync NVT's In-Reply-To: References: <6ba78e2e0910050427h2662e77fs91dc5a86d1771820@mail.gmail.com> <2c6164d8000031a4@mca.gov.in> Message-ID: <6ba78e2e0910050515i7df98774td1dc8011153964f2@mail.gmail.com> i have rsync and i can telnet rsync.openvas.org 21 but i cant do that via rsync On 10/5/09, Chandrashekhar B wrote: > You should have rsync and your firewall should allow rsync port (TCP 873). > > Chandra. > > -----Original Message----- > From: openvas-discuss-bounces at wald.intevation.org > [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of tanishk > lakhaani > Sent: Monday, October 05, 2009 5:19 PM > To: 'jiten pathy'; openvas-discuss at wald.intevation.org > Subject: Re: [Openvas-discuss] unable to rsync NVT's > > Yes exactly, even I get the same error: > > " Unknown Service" > "Connection Refused" > > Please help > > Regards > Tanishk > > -----Original Message----- > From: jiten pathy [mailto:jitensuperman at gmail.com] > Sent: Monday, October 05, 2009 4:57 PM > To: openvas-discuss at wald.intevation.org; tanishk.lakhaani at mca.gov.in > Subject: Re: [Openvas-discuss] unable to rsync NVT's > > i am having same problem i get connection refused error > > > On 10/5/09, Michael Meyer wrote: >> *** tanishk lakhaani wrote: >> >>> Thanks for your concern. I have that script with the package, but when I >>> run >>> it, it gives an error. >> >> What is the *exact* error message? Please give us more information or we >> can't help. >> >> Micha >> >> -- >> Michael Meyer OpenPGP Key: > 76E050B9 >> http://www.intevation.de >> Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B > 18998 >> Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver > Wagner >> _______________________________________________ >> Openvas-discuss mailing list >> Openvas-discuss at wald.intevation.org >> http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss >> > > Notice: The information contained in this e-mail message and/or attachments > to it may contain confidential or privileged information. If you are not the > intended recipient, any dissemination, use, review, distribution, printing > or copying of the information contained in this e-mail message and/or > attachments to it are strictly prohibited. If you have received this > communication in error, please notify us by reply e-mail or telephone and > immediately and permanently delete the message and any attachments. Thank > you > > > Notice: The information contained in this e-mail message and/or attachments > to it may contain confidential or privileged information. If you are not the > intended recipient, any dissemination, use, review, distribution, printing > or copying of the information contained in this e-mail message and/or > attachments to it are strictly prohibited. If you have received this > communication in error, please notify us by reply e-mail or telephone and > immediately and permanently delete the message and any attachments. Thank > you > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > > From tanishk.lakhaani at mca.gov.in Mon Oct 5 14:54:22 2009 From: tanishk.lakhaani at mca.gov.in (tanishk lakhaani) Date: Mon, 5 Oct 2009 18:24:22 +0530 Subject: [Openvas-discuss] unable to rsync NVT's In-Reply-To: <20091005121203.GA3435@komma-nix.de> Message-ID: <2c9da41000003269@mca.gov.in> HI Micheal, I tried what u said, but this is the error that I receive telnet rsync.openvas.org 873 Connecting to rsync.openvas.or...Could not open connection to the host, o port 873: Connect failed. Regards Tanishk -----Original Message----- From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of Michael Meyer Sent: Monday, October 05, 2009 5:42 PM To: openvas-discuss at wald.intevation.org Subject: Re: [Openvas-discuss] unable to rsync NVT's Hello tanishk, Hello jiten, *** tanishk lakhaani wrote: [openvas-nvt-sync] > "Connection Refused" You are behind a firewall? Try 'telnet rsync.openvas.org 873'. ,---| | mime at kira:~ % telnet rsync.openvas.org 873 | Trying 212.95.126.13... | Connected to rsync.openvas.org. | Escape character is '^]'. | @RSYNCD: 26 | rsync server - Intevation GmbH, Germany | All transactions are logged. Mail problems to admin at intevation.de. | | Please look at /ftp/mirrors.txt for a list of download mirrors. `---| What did you get? If you get nothing, you should check your firewall settings. Rsync with "rsync.openvas.org" (Port 873/tcp) must be allowed for openvas-nvt-sync. Alternatively, you could download the feed content on a different system, outside that firewall, and then copy the files (scp) to your openVas installation. http://forums.exabytes.com/linux-control-panel-cpanel/102-using-rsync-throug h-firewall.html Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-discuss mailing list Openvas-discuss at wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you From michael.meyer at intevation.de Mon Oct 5 16:20:16 2009 From: michael.meyer at intevation.de (Michael Meyer) Date: Mon, 5 Oct 2009 16:20:16 +0200 Subject: [Openvas-discuss] unable to rsync NVT's In-Reply-To: <2c9da41000003269@mca.gov.in> References: <20091005121203.GA3435@komma-nix.de> <2c9da41000003269@mca.gov.in> Message-ID: <20091005142016.GA5504@komma-nix.de> *** tanishk lakhaani wrote: > I tried what u said, but this is the error that I receive > > telnet rsync.openvas.org 873 > > Connecting to rsync.openvas.or...Could not open connection to the host, o > port 873: Connect failed. Looks for me like a problem with your firewall. Do you have a local firewall? If yes, please disable and try again. Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From timb at openvas.org Mon Oct 5 22:46:50 2009 From: timb at openvas.org (Tim Brown) Date: Mon, 5 Oct 2009 21:46:50 +0100 Subject: [Openvas-discuss] [Openvas-devel] [Openvas-commits] r5349 - in trunk/openvas-plugins: . scripts In-Reply-To: <4ACA500B.1030106@securityspace.com> References: <20091001165734.70DD5852AD1D@pyrosoma.intevation.org> <4ACA500B.1030106@securityspace.com> Message-ID: <200910052146.54243.timb@openvas.org> On Monday 05 October 2009 20:59:07 you wrote: > > trunk/openvas-plugins/scripts/ms_smb2_highid.nasl > > > > + script_category(ACT_GATHER_INFO); > > > > +data = > > raw_string(0x00,0x00,0x00,0x90,0xff,0x53,0x4d,0x42,0x72,0x00,0x00,0x00,0x > >00,0x18,0x53,0xc8, + > > 0x00,0x26,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff,0xff,0xf > >f,0xfe, + > > 0x00,0x00,0x00,0x00,0x00,0x6d,0x00,0x02,0x50,0x43,0x20,0x4e,0x45,0x54,0x5 > >7,0x4f, + > > 0x52,0x4b,0x20,0x50,0x52,0x4f,0x47,0x52,0x41,0x4d,0x20,0x31,0x2e,0x30,0x0 > >0,0x02, + > > 0x4c,0x41,0x4e,0x4d,0x41,0x4e,0x31,0x2e,0x30,0x00,0x02,0x57,0x69,0x6e,0x6 > >4,0x6f, + > > 0x77,0x73,0x20,0x66,0x6f,0x72,0x20,0x57,0x6f,0x72,0x6b,0x67,0x72,0x6f,0x7 > >5,0x70, + > > 0x73,0x20,0x33,0x2e,0x31,0x61,0x00,0x02,0x4c,0x4d,0x31,0x2e,0x32,0x58,0x3 > >0,0x30, + > > 0x32,0x00,0x02,0x4c,0x41,0x4e,0x4d,0x41,0x4e,0x32,0x2e,0x31,0x00,0x02,0x4 > >e,0x54, + > > 0x20,0x4c,0x4d,0x20,0x30,0x2e,0x31,0x32,0x00,0x02,0x53,0x4d,0x42,0x20,0x3 > >2,0x2e, + 0x30,0x30,0x32,0x00); # Tested against 2008 > > Server. A vulnerable Server doing a reboot. I'm not happy with that, but > > a the moment i have no idea how to detect this vulnerability without > > exploiting it. + > > I suspect this script should be classified as ACT_DENIAL > rather than ACT_GATHER_INFO, given that it causes the > vulnerable server to reboot. The /safe/ version of the check would be just to check for SMBv2 support and flag it as a possible issue. It's not perfect but AFAIk it is all that can be done at the moment. You might also be able to fix up the packet so that it uses values that are unlikely to trigger the crash but I haven't investigated that in any detail. Tim -- Tim Brown From jitensuperman at gmail.com Wed Oct 7 21:13:15 2009 From: jitensuperman at gmail.com (jiten pathy) Date: Thu, 8 Oct 2009 00:43:15 +0530 Subject: [Openvas-discuss] unable to rsync NVT's In-Reply-To: <20091005142016.GA5504@komma-nix.de> References: <20091005121203.GA3435@komma-nix.de> <2c9da41000003269@mca.gov.in> <20091005142016.GA5504@komma-nix.de> Message-ID: <6ba78e2e0910071213l61f2b57t278b91a9075cf2c2@mail.gmail.com> hello i got this one telnet rsync.openvas.org 21 Trying 212.95.126.13... Connected to doto.intevation.de. Escape character is '^]'. 220-Ftp Server Intevation GmbH, Germany 220-All transactions are logged. Mail problems to admin at intevation.de. 220- 220-This server is primarily for developers and mirrors. 220-Please be gentle and choose a mirror site from mirrors.txt for downloads. 220- 220-Check out the http://freegis.org/ webpages. 220- 220-http access to these files: http://ftp.intevation.de/ 220-rsync access to these files: rsync://intevation.de/ftp/ 220 quit 221 Bye! It was nice talking to you! Connection closed by foreign host. but when i telnet through port 873 i get this telnet rsync.openvas.org 873 Trying 212.95.126.13... telnet: Unable to connect to remote host: Connection timed out what may be the problem???? -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20091008/e34b62c7/attachment.html From michael.meyer at intevation.de Wed Oct 7 21:30:53 2009 From: michael.meyer at intevation.de (Michael Meyer) Date: Wed, 7 Oct 2009 21:30:53 +0200 Subject: [Openvas-discuss] unable to rsync NVT's In-Reply-To: <6ba78e2e0910071213l61f2b57t278b91a9075cf2c2@mail.gmail.com> References: <20091005121203.GA3435@komma-nix.de> <2c9da41000003269@mca.gov.in> <20091005142016.GA5504@komma-nix.de> <6ba78e2e0910071213l61f2b57t278b91a9075cf2c2@mail.gmail.com> Message-ID: <20091007193053.GA25125@komma-nix.de> *** jiten pathy wrote: > telnet rsync.openvas.org 873 > Trying 212.95.126.13... > telnet: Unable to connect to remote host: Connection timed out > what may be the problem???? Maybe a firewall, somewhere... Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From jitensuperman at gmail.com Thu Oct 8 15:32:01 2009 From: jitensuperman at gmail.com (jiten pathy) Date: Thu, 8 Oct 2009 19:02:01 +0530 Subject: [Openvas-discuss] unable to rsync NVT's In-Reply-To: <20091007193053.GA25125@komma-nix.de> References: <20091005121203.GA3435@komma-nix.de> <2c9da41000003269@mca.gov.in> <20091005142016.GA5504@komma-nix.de> <6ba78e2e0910071213l61f2b57t278b91a9075cf2c2@mail.gmail.com> <20091007193053.GA25125@komma-nix.de> Message-ID: <6ba78e2e0910080632k1a3dc9eeq5a80f6c63fb6c06b@mail.gmail.com> > > > i am using bt4 how can i find firewall blocking it i think i dont have any kind of firewall installed...............plz help me -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20091008/76c22845/attachment.html From glenn.s.bell at gmail.com Fri Oct 9 16:47:28 2009 From: glenn.s.bell at gmail.com (Glenn Bell) Date: Fri, 09 Oct 2009 10:47:28 -0400 Subject: [Openvas-discuss] unable to rsync NVT's In-Reply-To: <20091005142016.GA5504@komma-nix.de> References: <20091005121203.GA3435@komma-nix.de> <2c9da41000003269@mca.gov.in> <20091005142016.GA5504@komma-nix.de> Message-ID: <4ACF4D00.80505@gmail.com> Do you have a proxy server? If so, you can set RSYNC_PROXY. From the rsync(1) man page: You may establish the connection via a web proxy by setting the environment variable RSYNC_PROXY to a hostname:port pair pointing to your web proxy. Note that your web proxy?s configuration must support proxy connections to port 873. export RSYNC_PROXY="proxy.mydomain.org:8080" You may also establish a daemon connection using a program as a proxy by setting the environment variable RSYNC_CONNECT_PROG to the commands you wish to run in place of making a direct socket connection. The string may contain the escape ?%H? to represent the hostname specified in the rsync command (so use ?%%? if you need a single ?%? in your string). For example: export RSYNC_CONNECT_PROG=?ssh proxyhost nc %H 873? rsync -av targethost1::module/src/ /dest/ rsync -av rsync:://targethost2/module/src/ /dest/ The command specified above uses ssh to run nc (netcat) on a proxyhost, which forwards all data to port 873 (the rsync daemon) on the targethost (%H). My proxy server supports port 873, so the first method worked for me. The second method assumes a host that accepts ssh connections from the inside and has Internet connectivity on port 873. I would explore these methods before disabling your firewall, after all we are trying to improve overall security :) -Glenn Michael Meyer wrote: > *** tanishk lakhaani wrote: >> I tried what u said, but this is the error that I receive >> >> telnet rsync.openvas.org 873 >> >> Connecting to rsync.openvas.or...Could not open connection to the host, o >> port 873: Connect failed. > > Looks for me like a problem with your firewall. Do you have a local > firewall? If yes, please disable and try again. > > Micha > From info at secinfy.com Sun Oct 11 21:39:27 2009 From: info at secinfy.com (SECInfy Team) Date: Sun, 11 Oct 2009 15:39:27 -0400 Subject: [Openvas-discuss] OpenVAS - SSL Error Message-ID: <4AD2346F.1020703@secinfy.com> Hi, I am using OpenVas 2.0.1 and I have installed openssl-0.9.8k I have configured no SSL in SSL server configuration y setting following options # vi /etc/openvas/openvasd.conf ssl_version=none When I try to connect to server with following command from command line openvas client, I get error OpenVAS-Client --batch-mode="10.184.155.159" "9390" "openvas" "openvas" "/root/inputdir/tst1_1011091505226389759381372567510.txt" "/root/reportdir/tst1_101109150522.xml" --output-type=xml -x -V I get following error [11989] SSL_connect: error:00000000:lib(0):func(0):reason(0) OpenVAS-Client : SSL error Can someone please help me in troubleshooting this issue. Please let me know if you need any further information. Regards Hemil From lists at securityspace.com Sun Oct 11 22:23:01 2009 From: lists at securityspace.com (Thomas Reinke) Date: Sun, 11 Oct 2009 16:23:01 -0400 Subject: [Openvas-discuss] OpenVAS - SSL Error In-Reply-To: <4AD2346F.1020703@secinfy.com> References: <4AD2346F.1020703@secinfy.com> Message-ID: <4AD23EA5.5090104@securityspace.com> Not 100% sure, but I thought that the ability to do client server connections in plaintext had been removed in favour of forcing all protocol communications over SSL. If I'm right, it would mean the "ssl_version=none" config item shouldn't be allowed anymore, and it would explain why you are getting the SSL connect errors. Thomas SECInfy Team wrote: > Hi, > > I am using OpenVas 2.0.1 and I have installed openssl-0.9.8k > > I have configured no SSL in SSL server configuration y setting following > options > > # vi /etc/openvas/openvasd.conf > ssl_version=none > > When I try to connect to server with following command from command line > openvas client, I get error > > OpenVAS-Client --batch-mode="10.184.155.159" "9390" "openvas" "openvas" > "/root/inputdir/tst1_1011091505226389759381372567510.txt" > "/root/reportdir/tst1_101109150522.xml" --output-type=xml -x -V > > I get following error > [11989] SSL_connect: error:00000000:lib(0):func(0):reason(0) > OpenVAS-Client : SSL error > > Can someone please help me in troubleshooting this issue. > > Please let me know if you need any further information. > > Regards > Hemil > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > From info at secinfy.com Tue Oct 13 00:43:47 2009 From: info at secinfy.com (SECInfy Team) Date: Mon, 12 Oct 2009 18:43:47 -0400 Subject: [Openvas-discuss] OpenVAS - SSL Error In-Reply-To: <4AD23EA5.5090104@securityspace.com> References: <4AD2346F.1020703@secinfy.com> <4AD23EA5.5090104@securityspace.com> Message-ID: <4AD3B123.7090400@secinfy.com> Hi Thomas, Thank you very much for the response. Does this mean that I should set default value to ssl_version in configuration file? Any idea about solving this error? Regards Hemil Thomas Reinke wrote: > Not 100% sure, but I thought that the ability to do client > server connections in plaintext had been removed in favour > of forcing all protocol communications over SSL. If I'm > right, it would mean the "ssl_version=none" config item > shouldn't be allowed anymore, and it would explain why you are > getting the SSL connect errors. > > Thomas > > SECInfy Team wrote: >> Hi, >> >> I am using OpenVas 2.0.1 and I have installed openssl-0.9.8k >> >> I have configured no SSL in SSL server configuration y setting >> following options >> >> # vi /etc/openvas/openvasd.conf >> ssl_version=none >> >> When I try to connect to server with following command from command >> line openvas client, I get error >> >> OpenVAS-Client --batch-mode="10.184.155.159" "9390" "openvas" >> "openvas" "/root/inputdir/tst1_1011091505226389759381372567510.txt" >> "/root/reportdir/tst1_101109150522.xml" --output-type=xml -x -V >> >> I get following error >> [11989] SSL_connect: error:00000000:lib(0):func(0):reason(0) >> OpenVAS-Client : SSL error >> >> Can someone please help me in troubleshooting this issue. >> >> Please let me know if you need any further information. >> >> Regards >> Hemil >> _______________________________________________ >> Openvas-discuss mailing list >> Openvas-discuss at wald.intevation.org >> http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss >> > ------------------------------------------------------------------------ > > > No virus found in this incoming message. > Checked by AVG - www.avg.com > Version: 8.5.421 / Virus Database: 270.14.9/2428 - Release Date: 10/11/09 06:39:00 > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20091012/d4b75989/attachment.htm From jan-oliver.wagner at intevation.de Wed Oct 14 00:48:45 2009 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Wed, 14 Oct 2009 00:48:45 +0200 Subject: [Openvas-discuss] OpenVAS - SSL Error In-Reply-To: <4AD23EA5.5090104@securityspace.com> References: <4AD2346F.1020703@secinfy.com> <4AD23EA5.5090104@securityspace.com> Message-ID: <200910140048.59222.jan-oliver.wagner@intevation.de> Thomas, On Sunday 11 October 2009 22:23:01 Thomas Reinke wrote: > Not 100% sure, but I thought that the ability to do client > server connections in plaintext had been removed in favour > of forcing all protocol communications over SSL. you are correct. > If I'm right, it would mean the "ssl_version=none" config item > shouldn't be allowed anymore, and it would explain why you are > getting the SSL connect errors. Indeed. I just fixed this in trunk. Thanks! Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From info at secinfy.com Fri Oct 16 02:48:44 2009 From: info at secinfy.com (SECInfy Team) Date: Thu, 15 Oct 2009 20:48:44 -0400 Subject: [Openvas-discuss] OpenVAS - SSL Error In-Reply-To: <200910140048.59222.jan-oliver.wagner@intevation.de> References: <4AD2346F.1020703@secinfy.com> <4AD23EA5.5090104@securityspace.com> <200910140048.59222.jan-oliver.wagner@intevation.de> Message-ID: <4AD7C2EC.7090801@secinfy.com> Any idea what is the fix of this error? How can I make it work now? Thanks Hemil Jan-Oliver Wagner wrote: > Thomas, > > On Sunday 11 October 2009 22:23:01 Thomas Reinke wrote: > >> Not 100% sure, but I thought that the ability to do client >> server connections in plaintext had been removed in favour >> of forcing all protocol communications over SSL. >> > > you are correct. > > >> If I'm right, it would mean the "ssl_version=none" config item >> shouldn't be allowed anymore, and it would explain why you are >> getting the SSL connect errors. >> > > Indeed. I just fixed this in trunk. > Thanks! > > Best > > Jan > > > ------------------------------------------------------------------------ > > > No virus found in this incoming message. > Checked by AVG - www.avg.com > Version: 8.5.421 / Virus Database: 270.14.15/2434 - Release Date: 10/13/09 19:11:00 > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20091015/e7a3c4eb/attachment.htm From michiele at info.nl Mon Oct 19 15:22:41 2009 From: michiele at info.nl (Michiel van Es) Date: Mon, 19 Oct 2009 15:22:41 +0200 Subject: [Openvas-discuss] Some OpenVAS questions In-Reply-To: <4AC4D753.4040005@info.nl> References: <4AC4984E.9070802@info.nl> <200910011701.10458.Jan-Oliver.Wagner@greenbone.net> <4AC4C6A2.5050903@info.nl> <200910011815.39004.Jan-Oliver.Wagner@greenbone.net> <4AC4D753.4040005@info.nl> Message-ID: <4ADC6821.9020305@info.nl> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 To keep this project *up*: Isn't it possible to dump the results in a sql database and use jgraph to create nice pie graphs? Kind regards, Michiel - -- old discussion -- - -------- Original Message -------- Subject: [Openvas-discuss] Some OpenVAS questions From: Michiel van Es To: Jan-Oliver Wagner Date: 10/01/2009 06:22 PM > > -------- Original Message -------- > Subject: Re: [Openvas-discuss] Some OpenVAS questions > From: Jan-Oliver Wagner > To: openvas-discuss at wald.intevation.org > > Date: 10/01/2009 06:15 PM > >> On Donnerstag, 1. Oktober 2009, Michiel van Es wrote: >>>>> I am using OpenVAS with the OpenVAS-client to scan my networks but are >>>>> there any tools like Inprotect to manage these scans? >>>>> I see Autonessus but is there also a tool which can create pie charts or >>>>> pdf's. >>>>> The html is very very nice but I want to create a report over the last >>>>> month, year etc and pie charts and some nice graps help convincing my >>>>> management ;) >>>> Many OpenVAS users dump the results into a database and create their >>>> own reporting mechanism based on this. >>> Hmm would be nice if users share it with the community (so OpenVAS can >>> grow bigger and have more potential). >> usually, these are very specific solutions for the needs of the respective >> companies. > > yes and no: a nice web interface for customers or users to scan their > hosts is a universal thing: look at Inprotect. > >> >>>> Greenbone is currently working on the "Greenbone Security Assistant" (gsa) >>>> which should support in this direction as a web front end. >>>> However, the backend for this is openvas-manager. >>> Greenbone is a paid solution right? >> gsa is released under GNU GPLv2+. Not all in public SVN yet, but in progress. >> >> But yes, Greenbone offers also a supported Feed (Greenbone Security Feed) and a supported >> platform (Greenbone Security Manager). > > Ah that sounds nice :) > I wait for the svn version then :) > >>> If so I can also pay a Nessus >>> professional feed license and use Nessus with Inprotect. >> Thats up to you. >> Apart from technical aspects, one difference is that Greenbone >> is strictly oriented towards Free Software. Buying Greenbone >> means to ensure support and have us produce more Free Software ;-) > > Offcourse I understand that, same with Red Hat. > The problem is more the financial part that not every manager wants to > pay but still wants to have a nice clean interface where he can see the > scan results for free.. > >>> I am looking for a free as in free beer solution :) >>> Sorry but my company is on a low budget that is why I am looking for >>> free beer alternatives ;) >> "Free beer" is relative. I hope you are paid for getting a scanner to work :-) > > I get paid yes ;) but my company decides to not invest in proferssional > feeds and support and want a cheap solution. > I can understand people saying: that is *bs* : want the best but don't > want to pay. > I am just saying that it would be nice to have an Inprotect alike > interface for OpenVAS for users to make some nice graphs. > If something goes wrong; they can pay for the support for example. > > I keep you guys also updated about my Inprotect work (when I got some > spare time) > >> Best > Regards, > > Michiel >> Jan >> > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkrcaCEACgkQSU+5fmlaNkO/qgCeMxiRA/b5HATctox7y1PJVvDI ac8AnR/5wL1/iTQJSLQL8lKYxDRD+6d9 =KARW -----END PGP SIGNATURE----- From michiele at info.nl Mon Oct 19 17:34:17 2009 From: michiele at info.nl (Michiel van Es) Date: Mon, 19 Oct 2009 17:34:17 +0200 Subject: [Openvas-discuss] Some OpenVAS questions In-Reply-To: <4e0e17360910190830j1b7e5655o3fedd88a0c1e37e7@mail.gmail.com> References: <4AC4984E.9070802@info.nl> <4e0e17360910190830j1b7e5655o3fedd88a0c1e37e7@mail.gmail.com> Message-ID: <4ADC86F9.3040108@info.nl> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Scott, Isn't it possible to just provide the tools and frontend? I mean: I really don't want to run an extra server with freebsd which I don't know that well to maintain :) And it would be nice to use the OpenVAS 2.* version (or latest stable version). Kind regards, Michiel - -------- Original Message -------- Subject: [Openvas-discuss] Some OpenVAS questions From: Scott Algatt To: openvas-discuss at wald.intevation.org Date: 10/19/2009 05:30 PM > I have been messing around with just such an interface. It is over at > www.turtleshell.net and it is called the MiniVM. I have it prebuilt > into a VMware image. I welcome anyone to download it, toy with it, > and complain about it so that I can fix any bugs. It grew out of a > need in a previous life and I just never let go it. I made sure to > add pretty graphs and a dashboard with some basic data and stats. > > It is running on a trimmed FreeBSD OS and currently only runs OpenVAS > 1.x since the FreeBSD compile and I were having some issues. I have > an update feature built into it so updates can be propagated pretty > quickly. Take a peak and let me know how I can make it better for > all! > > -Scott > > On Thu, Oct 1, 2009 at 07:53, Michiel van Es wrote: >> Hello, >> >> First of all I would like to say thank you for such a nice open source >> and free alternative for Nessus. >> I am using OpenVAS with the OpenVAS-client to scan my networks but are >> there any tools like Inprotect to manage these scans? >> I see Autonessus but is there also a tool which can create pie charts or >> pdf's. >> The html is very very nice but I want to create a report over the last >> month, year etc and pie charts and some nice graps help convincing my >> management ;) >> >> Thanks in advance and again: thanks for such a nice tool! >> >> Kind regards, >> >> Michiel >> _______________________________________________ >> Openvas-discuss mailing list >> Openvas-discuss at wald.intevation.org >> http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss >> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkrchvkACgkQSU+5fmlaNkNkgwCfemgzw8YFt+QHNKCQNwe9XNDj gaIAniaC2+9m5TptBENKJeoMcF1c7h+0 =oBHx -----END PGP SIGNATURE----- From salgatt at turtleshell.net Mon Oct 19 17:30:12 2009 From: salgatt at turtleshell.net (Scott Algatt) Date: Mon, 19 Oct 2009 11:30:12 -0400 Subject: [Openvas-discuss] Some OpenVAS questions In-Reply-To: <4AC4984E.9070802@info.nl> References: <4AC4984E.9070802@info.nl> Message-ID: <4e0e17360910190830j1b7e5655o3fedd88a0c1e37e7@mail.gmail.com> I have been messing around with just such an interface. It is over at www.turtleshell.net and it is called the MiniVM. I have it prebuilt into a VMware image. I welcome anyone to download it, toy with it, and complain about it so that I can fix any bugs. It grew out of a need in a previous life and I just never let go it. I made sure to add pretty graphs and a dashboard with some basic data and stats. It is running on a trimmed FreeBSD OS and currently only runs OpenVAS 1.x since the FreeBSD compile and I were having some issues. I have an update feature built into it so updates can be propagated pretty quickly. Take a peak and let me know how I can make it better for all! -Scott On Thu, Oct 1, 2009 at 07:53, Michiel van Es wrote: > Hello, > > First of all I would like to say thank you for such a nice open source > and free alternative for Nessus. > I am using OpenVAS with the OpenVAS-client to scan my networks but are > there any tools like Inprotect to manage these scans? > I see Autonessus but is there also a tool which can create pie charts or > ?pdf's. > The html is very very nice but I want to create a report over the last > month, year etc and pie charts and some nice graps help convincing my > management ;) > > Thanks in advance and again: thanks for such a nice tool! > > Kind regards, > > Michiel > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > From salgatt at turtleshell.net Mon Oct 19 18:07:20 2009 From: salgatt at turtleshell.net (Scott Algatt) Date: Mon, 19 Oct 2009 12:07:20 -0400 Subject: [Openvas-discuss] Some OpenVAS questions In-Reply-To: <4ADC86F9.3040108@info.nl> References: <4AC4984E.9070802@info.nl> <4e0e17360910190830j1b7e5655o3fedd88a0c1e37e7@mail.gmail.com> <4ADC86F9.3040108@info.nl> Message-ID: <4e0e17360910190907i12e1ba37p265c1ac1323edfde@mail.gmail.com> The whole thing is a web based system so you wouldn't really need to know FreeBSD. I agree, it would be nice to move to OpenVAS 2.x but I haven't been able to get over to recompile recently...Its on the todo. On Mon, Oct 19, 2009 at 11:34, Michiel van Es wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi Scott, > > Isn't it possible to just provide the tools and frontend? > I mean: I really don't want to run an extra server with freebsd which I > don't know that well to maintain :) > And it would be nice to use the OpenVAS 2.* version (or latest stable > version). > > Kind regards, > > Michiel > > > - -------- Original Message -------- > Subject: [Openvas-discuss] Some OpenVAS questions > From: Scott Algatt > To: openvas-discuss at wald.intevation.org > > Date: 10/19/2009 05:30 PM > >> I have been messing around with just such an interface. ?It is over at >> www.turtleshell.net and it is called the MiniVM. ?I have it prebuilt >> into a VMware image. ?I welcome anyone to download it, toy with it, >> and complain about it so that I can fix any bugs. ?It grew out of a >> need in a previous life and I just never let go it. ?I made sure to >> add pretty graphs and a dashboard with some basic data and stats. >> >> It is running on a trimmed FreeBSD OS and currently only runs OpenVAS >> 1.x since the FreeBSD compile and I were having some issues. ?I have >> an update feature built into it so updates can be propagated pretty >> quickly. ?Take a peak and let me know how I can make it better for >> all! >> >> -Scott >> >> On Thu, Oct 1, 2009 at 07:53, Michiel van Es wrote: >>> Hello, >>> >>> First of all I would like to say thank you for such a nice open source >>> and free alternative for Nessus. >>> I am using OpenVAS with the OpenVAS-client to scan my networks but are >>> there any tools like Inprotect to manage these scans? >>> I see Autonessus but is there also a tool which can create pie charts or >>> ?pdf's. >>> The html is very very nice but I want to create a report over the last >>> month, year etc and pie charts and some nice graps help convincing my >>> management ;) >>> >>> Thanks in advance and again: thanks for such a nice tool! >>> >>> Kind regards, >>> >>> Michiel >>> _______________________________________________ >>> Openvas-discuss mailing list >>> Openvas-discuss at wald.intevation.org >>> http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss >>> > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iEYEARECAAYFAkrchvkACgkQSU+5fmlaNkNkgwCfemgzw8YFt+QHNKCQNwe9XNDj > gaIAniaC2+9m5TptBENKJeoMcF1c7h+0 > =oBHx > -----END PGP SIGNATURE----- > From Jan-Oliver.Wagner at greenbone.net Tue Oct 20 13:48:43 2009 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Tue, 20 Oct 2009 13:48:43 +0200 Subject: [Openvas-discuss] Some OpenVAS questions In-Reply-To: <4ADC6821.9020305@info.nl> References: <4AC4984E.9070802@info.nl> <4AC4D753.4040005@info.nl> <4ADC6821.9020305@info.nl> Message-ID: <200910201348.44215.Jan-Oliver.Wagner@greenbone.net> On Monday 19 October 2009 15:22:41 Michiel van Es wrote: > To keep this project *up*: > > Isn't it possible to dump the results in a sql database and use jgraph > to create nice pie graphs? OpenVAS-Client has options to create sql. Try OpneVAS-Client --help for more and watch out for option "--sqlize-output". Haven't tested this feature myself though. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck AG Osnabr?ck, HR B 202460 | Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From Jan-Oliver.Wagner at greenbone.net Tue Oct 20 13:52:41 2009 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Tue, 20 Oct 2009 13:52:41 +0200 Subject: [Openvas-discuss] OpenVAS - SSL Error In-Reply-To: <4AD7C2EC.7090801@secinfy.com> References: <4AD2346F.1020703@secinfy.com> <200910140048.59222.jan-oliver.wagner@intevation.de> <4AD7C2EC.7090801@secinfy.com> Message-ID: <200910201352.41510.Jan-Oliver.Wagner@greenbone.net> On Friday 16 October 2009 02:48:44 SECInfy Team wrote: > Any idea what is the fix of this error? How can I make it work now? it was wrong that "none" was handled in some way. It is not possible use plaintext communication. You can access the scanner e.g. via OpenVAS-Client. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck AG Osnabr?ck, HR B 202460 | Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From michiele at info.nl Wed Oct 21 11:45:33 2009 From: michiele at info.nl (Michiel van Es) Date: Wed, 21 Oct 2009 11:45:33 +0200 Subject: [Openvas-discuss] Some OpenVAS questions In-Reply-To: <200910201348.44215.Jan-Oliver.Wagner@greenbone.net> References: <4AC4984E.9070802@info.nl> <4AC4D753.4040005@info.nl> <4ADC6821.9020305@info.nl> <200910201348.44215.Jan-Oliver.Wagner@greenbone.net> Message-ID: <4ADED83D.7080400@info.nl> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------- Original Message -------- Subject: [Openvas-discuss] Some OpenVAS questions From: Jan-Oliver Wagner To: openvas-discuss at wald.intevation.org Date: 10/20/2009 01:48 PM > On Monday 19 October 2009 15:22:41 Michiel van Es wrote: >> To keep this project *up*: >> >> Isn't it possible to dump the results in a sql database and use jgraph >> to create nice pie graphs? > > OpenVAS-Client has options to create sql. > Try > OpneVAS-Client --help > for more and watch out for option "--sqlize-output". > > Haven't tested this feature myself though. Hi Jan, Yes I saw that option but I was wondering if people got any experience with that option? Do I get an .sql file and can I import it in a mysql table/db for example? ANd then use php/jpgraph to plot some nice graphs. > > Best > Kind regards, Michiel > Jan > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkre2D0ACgkQSU+5fmlaNkOHDACcD/DE9GGl8PZdh4zB0bZNGAIw LYMAoLXVKrgA6ui4ZXrn3tiMdKJd2yfS =QvYv -----END PGP SIGNATURE----- From michiele at info.nl Wed Oct 21 17:37:54 2009 From: michiele at info.nl (Michiel van Es) Date: Wed, 21 Oct 2009 17:37:54 +0200 Subject: [Openvas-discuss] Some OpenVAS questions In-Reply-To: <200910201348.44215.Jan-Oliver.Wagner@greenbone.net> References: <4AC4984E.9070802@info.nl> <4AC4D753.4040005@info.nl> <4ADC6821.9020305@info.nl> <200910201348.44215.Jan-Oliver.Wagner@greenbone.net> Message-ID: <4ADF2AD2.60707@info.nl> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------- Original Message -------- Subject: [Openvas-discuss] Some OpenVAS questions From: Jan-Oliver Wagner To: openvas-discuss at wald.intevation.org Date: 10/20/2009 01:48 PM > On Monday 19 October 2009 15:22:41 Michiel van Es wrote: >> To keep this project *up*: >> >> Isn't it possible to dump the results in a sql database and use jgraph >> to create nice pie graphs? > Hi Jan > OpenVAS-Client has options to create sql. > Try > OpneVAS-Client --help > for more and watch out for option "--sqlize-output". > > Haven't tested this feature myself though. I tried it but I can not get the results in sql format?! I ran it like: OpenVAS-Client -q 127.0.0.1 9390 admin geheim007 /root/scripts/audits/networks/bcm.txt -p -P -S bcm_results.sql But I don't get an .sql file..maybe I use it the wrong way? Anybody of the OpenVAS team can shed their light on this matter? > > Best > > Jan > Michiel -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkrfKtIACgkQSU+5fmlaNkNCxQCgwb0YTzk/UfO4wKu9C8YVRu8B PKgAoKn0dBs++I/yjXL8gb+fu71+XC4A =NbSA -----END PGP SIGNATURE----- From michael.meyer at intevation.de Wed Oct 21 17:57:29 2009 From: michael.meyer at intevation.de (Michael Meyer) Date: Wed, 21 Oct 2009 17:57:29 +0200 Subject: [Openvas-discuss] Some OpenVAS questions In-Reply-To: <4ADF2AD2.60707@info.nl> References: <4AC4984E.9070802@info.nl> <4AC4D753.4040005@info.nl> <4ADC6821.9020305@info.nl> <200910201348.44215.Jan-Oliver.Wagner@greenbone.net> <4ADF2AD2.60707@info.nl> Message-ID: <20091021155729.GA15457@komma-nix.de> Hello, *** Michiel van Es wrote: > From: Jan-Oliver Wagner > > OpenVAS-Client has options to create sql. > > Try > > OpneVAS-Client --help > > for more and watch out for option "--sqlize-output". > > > > Haven't tested this feature myself though. > > I tried it but I can not get the results in sql format?! > I ran it like: > OpenVAS-Client -q 127.0.0.1 9390 admin geheim007 > /root/scripts/audits/networks/bcm.txt -p -P -S bcm_results.sql ,---[ OpenVAS-Client --help ] | -p, --list-plugins Obtain list of plugins installed on the server | -P, --list-prefs Obtain list of server and plugin preferences | | [...] | | -S, --sqlize-output Issue SQL output for -p and -P (experimental) `---| As you can see '-S' is only valid for '-p' and/or '-P'. > But I don't get an .sql file..maybe I use it the wrong way? You can use '-T xml', parse the XML-Report e.g. with perl and *then* store the results in your database. http://search.cpan.org/~grantm/XML-Simple-2.18/lib/XML/Simple.pm Maybe worth a look... http://search.cpan.org/~dkyger/Parse-Nessus-NBE-1.1/NBE.pm http://search.cpan.org/~rbow/Parse-Nessus-XML-1.14/lib/Parse/Nessus/XML.pm Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From michiele at info.nl Wed Oct 21 18:03:51 2009 From: michiele at info.nl (Michiel van Es) Date: Wed, 21 Oct 2009 18:03:51 +0200 Subject: [Openvas-discuss] Some OpenVAS questions In-Reply-To: <20091021155729.GA15457@komma-nix.de> References: <4AC4984E.9070802@info.nl> <4AC4D753.4040005@info.nl> <4ADC6821.9020305@info.nl> <200910201348.44215.Jan-Oliver.Wagner@greenbone.net> <4ADF2AD2.60707@info.nl> <20091021155729.GA15457@komma-nix.de> Message-ID: <4ADF30E7.5010800@info.nl> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------- Original Message -------- Subject: [Openvas-discuss] Some OpenVAS questions From: Michael Meyer To: openvas-discuss at wald.intevation.org Date: 10/21/2009 05:57 PM > Hello, Hi, > > *** Michiel van Es wrote: >> From: Jan-Oliver Wagner > >>> OpenVAS-Client has options to create sql. >>> Try >>> OpneVAS-Client --help >>> for more and watch out for option "--sqlize-output". >>> >>> Haven't tested this feature myself though. >> I tried it but I can not get the results in sql format?! >> I ran it like: >> OpenVAS-Client -q 127.0.0.1 9390 admin geheim007 >> /root/scripts/audits/networks/bcm.txt -p -P -S bcm_results.sql > > ,---[ OpenVAS-Client --help ] > | -p, --list-plugins Obtain list of plugins installed on the server > | -P, --list-prefs Obtain list of server and plugin preferences > | > | [...] > | > | -S, --sqlize-output Issue SQL output for -p and -P (experimental) > `---| > > As you can see '-S' is only valid for '-p' and/or '-P'. I see but Iuse them both as you can see.. > >> But I don't get an .sql file..maybe I use it the wrong way? > > You can use '-T xml', parse the XML-Report e.g. with perl and *then* > store the results in your database. I tried it with: OpenVAS-Client -q 127.0.0.1 9390 admin geheim007 /root/scripts/audits/networks/bcm.txt -p -P -S -T xml bcm_results.xml But got no bcm_results.xml :( Only ouput to screen > > http://search.cpan.org/~grantm/XML-Simple-2.18/lib/XML/Simple.pm > > Maybe worth a look... > > http://search.cpan.org/~dkyger/Parse-Nessus-NBE-1.1/NBE.pm > http://search.cpan.org/~rbow/Parse-Nessus-XML-1.14/lib/Parse/Nessus/XML.pm Thanks, I will certainly make something out of the xml file :) > > Micha > Michiel -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkrfMOcACgkQSU+5fmlaNkMT3QCgibM5Stp1bEvUfjtmRuS6TTVT Jq4An1OGqyCKllP1QneImekOD+zDXqU3 =evMO -----END PGP SIGNATURE----- From michiele at info.nl Wed Oct 21 18:16:56 2009 From: michiele at info.nl (Michiel van Es) Date: Wed, 21 Oct 2009 18:16:56 +0200 Subject: [Openvas-discuss] Some OpenVAS questions In-Reply-To: <4ADF30E7.5010800@info.nl> References: <4AC4984E.9070802@info.nl> <4AC4D753.4040005@info.nl> <4ADC6821.9020305@info.nl> <200910201348.44215.Jan-Oliver.Wagner@greenbone.net> <4ADF2AD2.60707@info.nl> <20091021155729.GA15457@komma-nix.de> <4ADF30E7.5010800@info.nl> Message-ID: <4ADF33F8.6000403@info.nl> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------- Original Message -------- Subject: [Openvas-discuss] Some OpenVAS questions From: Michiel van Es To: openvas-discuss at wald.intevation.org Date: 10/21/2009 06:03 PM > > > -------- Original Message -------- > Subject: [Openvas-discuss] Some OpenVAS questions > From: Michael Meyer > To: openvas-discuss at wald.intevation.org > > Date: 10/21/2009 05:57 PM > >> Hello, > > Hi, > >> *** Michiel van Es wrote: >>> From: Jan-Oliver Wagner > >>>> OpenVAS-Client has options to create sql. >>>> Try >>>> OpneVAS-Client --help >>>> for more and watch out for option "--sqlize-output". >>>> >>>> Haven't tested this feature myself though. >>> I tried it but I can not get the results in sql format?! >>> I ran it like: >>> OpenVAS-Client -q 127.0.0.1 9390 admin geheim007 >>> /root/scripts/audits/networks/bcm.txt -p -P -S bcm_results.sql >> ,---[ OpenVAS-Client --help ] >> | -p, --list-plugins Obtain list of plugins installed on the server >> | -P, --list-prefs Obtain list of server and plugin preferences >> | >> | [...] >> | >> | -S, --sqlize-output Issue SQL output for -p and -P (experimental) >> `---| > >> As you can see '-S' is only valid for '-p' and/or '-P'. > > I see but Iuse them both as you can see.. > >>> But I don't get an .sql file..maybe I use it the wrong way? >> You can use '-T xml', parse the XML-Report e.g. with perl and *then* >> store the results in your database. > > I tried it with: > OpenVAS-Client -q 127.0.0.1 9390 admin geheim007 > /root/scripts/audits/networks/bcm.txt -p -P -S -T xml bcm_results.xml > > But got no bcm_results.xml :( > Only ouput to screen > >> http://search.cpan.org/~grantm/XML-Simple-2.18/lib/XML/Simple.pm > >> Maybe worth a look... > >> http://search.cpan.org/~dkyger/Parse-Nessus-NBE-1.1/NBE.pm >> http://search.cpan.org/~rbow/Parse-Nessus-XML-1.14/lib/Parse/Nessus/XML.pm > > Thanks, I will certainly make something out of the xml file :) Ah stupid me, I don't need the -P and -p ouput for now I can jut use the - -T xml output . But if I get it right I see the sql ouput is available for the plugins but not for the results? So I can have an .xml file with the results and a .sql file with the loaded plugins? To combine them both I have to run a perl script to parse the xml files in to sql files right? Regards, Michiel > >> Micha > > Michiel _______________________________________________ Openvas-discuss mailing list Openvas-discuss at wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkrfM/gACgkQSU+5fmlaNkPo3wCfRSCseRBR2gw6V+X5idvTII9N +L0AoJVR67X4LgCxNPBPyZXaQb/65SKG =3Qw/ -----END PGP SIGNATURE----- From michael.meyer at intevation.de Wed Oct 21 19:03:24 2009 From: michael.meyer at intevation.de (Michael Meyer) Date: Wed, 21 Oct 2009 19:03:24 +0200 Subject: [Openvas-discuss] Some OpenVAS questions In-Reply-To: <4ADF30E7.5010800@info.nl> References: <4AC4984E.9070802@info.nl> <4AC4D753.4040005@info.nl> <4ADC6821.9020305@info.nl> <200910201348.44215.Jan-Oliver.Wagner@greenbone.net> <4ADF2AD2.60707@info.nl> <20091021155729.GA15457@komma-nix.de> <4ADF30E7.5010800@info.nl> Message-ID: <20091021170324.GB15457@komma-nix.de> *** Michiel van Es wrote: > From: Michael Meyer > >> But I don't get an .sql file..maybe I use it the wrong way? > > > > You can use '-T xml', parse the XML-Report e.g. with perl and *then* > > store the results in your database. > > I tried it with: > OpenVAS-Client -q 127.0.0.1 9390 admin geheim007 > /root/scripts/audits/networks/bcm.txt -p -P -S -T xml bcm_results.xml > > But got no bcm_results.xml :( > Only ouput to screen ,---| | OpenVAS-Client -T xml -q 127.0.0.1 9390 /path/to/targetFile /path/to/result.xml `---| and you get a result.xml. ,---[ result.xml ] | | | | | | | 3.0.0.beta4 | 3.0.0.beta4 | fork | | [...] `---| It seems not to be possible to use both '-p' and '-P' at the same time. If i use both i only get the list of server and plugin preferences. '-S' seems also not to work with '-P'. I get non-SQL output for '-S -P'. '-S -p' works as expected. ,---| | mime at kira:~ % OpenVAS-Client -p -S -q 127.0.0.1 9390 | DROP TABLE IF EXISTS plugins; | CREATE TABLE plugins ( | [...] `---| Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From felix.wolfsteller at intevation.de Thu Oct 22 09:30:40 2009 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Thu, 22 Oct 2009 09:30:40 +0200 Subject: [Openvas-discuss] Some OpenVAS questions In-Reply-To: <4ADF2AD2.60707@info.nl> References: <4AC4984E.9070802@info.nl> <200910201348.44215.Jan-Oliver.Wagner@greenbone.net> <4ADF2AD2.60707@info.nl> Message-ID: <200910220930.40881.felix.wolfsteller@intevation.de> On Wednesday 21 October 2009 17:37:54 Michiel van Es wrote: > > OpenVAS-Client has options to create sql. > > Try > > OpneVAS-Client --help > > for more and watch out for option "--sqlize-output". > > > > Haven't tested this feature myself though. > > I tried it but I can not get the results in sql format?! > I ran it like: > OpenVAS-Client -q 127.0.0.1 9390 admin geheim007 > /root/scripts/audits/networks/bcm.txt -p -P -S bcm_results.sql > > But I don't get an .sql file..maybe I use it the wrong way? > > Anybody of the OpenVAS team can shed their light on this matter? If anything does not work as stated in the help (OpenVAS-Client --help), please file a bug report on http://bugs.intevation.de. Also, if the output of --help can be clarified in any way, feel free to drop an email with a suggestion for improvement here. enjoy, -- felix -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From felix.wolfsteller at intevation.de Thu Oct 22 10:13:07 2009 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Thu, 22 Oct 2009 10:13:07 +0200 Subject: [Openvas-discuss] Some OpenVAS questions In-Reply-To: <200910220930.40881.felix.wolfsteller@intevation.de> References: <4AC4984E.9070802@info.nl> <4ADF2AD2.60707@info.nl> <200910220930.40881.felix.wolfsteller@intevation.de> Message-ID: <200910221013.07569.felix.wolfsteller@intevation.de> On Thursday 22 October 2009 09:30:40 Felix Wolfsteller wrote: > > If anything does not work as stated in the help (OpenVAS-Client --help), > please file a bug report on http://bugs.intevation.de. excuse me, read: http://bugs.openvas.org -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From angelo.compagnucci at gmail.com Wed Oct 28 11:40:18 2009 From: angelo.compagnucci at gmail.com (Angelo Compagnucci) Date: Wed, 28 Oct 2009 11:40:18 +0100 Subject: [Openvas-discuss] OpenVAS and Nikto Message-ID: <777f2ade0910280340m31e92bcaj47d8348aa59fa30d@mail.gmail.com> Hello list, I'm having a trouble using OpenVAS and Nikto. If I run nikto manually, It returns some results ( Example Joomla My_eGallery installed) which are true. But when It runs from OpenVAS this results are not displayed in the final report. I'm sure that Nikto was running from OpenVAS because I followed interactively OpenVAS spawning processes from htop. Thanks in advance! From geoff at galitz.org Wed Oct 28 11:52:34 2009 From: geoff at galitz.org (Geoff Galitz) Date: Wed, 28 Oct 2009 03:52:34 -0700 Subject: [Openvas-discuss] OpenVAS and Nikto Message-ID: <23004.1256727154@sonic.net> ? I've seen similar behavior in the past.? I believe, but have not verified, that the nikto wrapper is not properly detecting https ports are open in certain conditions.??Does your scan involve https rather than just http? -geoff ----------------------------------------- Geoff Galitz Blankenheim, Germany http://www.galitz.org On Wed 28/10/09 11:40 , "Angelo Compagnucci" angelo.compagnucci at gmail.com sent: Hello list, I'm having a trouble using OpenVAS and Nikto. If I run nikto manually, It returns some results ( Example Joomla My_eGallery installed) which are true. But when It runs from OpenVAS this results are not displayed in the final report. I'm sure that Nikto was running from OpenVAS because I followed interactively OpenVAS spawning processes from htop. Thanks in advance! _______________________________________________ Openvas-discuss mailing list Openvas-discuss at wald.intevation.org -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20091028/497354e6/attachment.htm From michael.meyer at intevation.de Wed Oct 28 11:55:59 2009 From: michael.meyer at intevation.de (Michael Meyer) Date: Wed, 28 Oct 2009 11:55:59 +0100 Subject: [Openvas-discuss] OpenVAS and Nikto In-Reply-To: <777f2ade0910280340m31e92bcaj47d8348aa59fa30d@mail.gmail.com> References: <777f2ade0910280340m31e92bcaj47d8348aa59fa30d@mail.gmail.com> Message-ID: <20091028105559.GB1541@komma-nix.de> Hello, *** Angelo Compagnucci wrote: > I'm having a trouble using OpenVAS and Nikto. > > If I run nikto manually, It returns some results ( Example Joomla > My_eGallery installed) which are true. > > But when It runs from OpenVAS this results are not displayed in the > final report. please try: /bin/openvas-nasl -X -t /lib/openvas/plugins/nikto.nasl Did you get any output? Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From angelo.compagnucci at gmail.com Wed Oct 28 12:52:35 2009 From: angelo.compagnucci at gmail.com (Angelo Compagnucci) Date: Wed, 28 Oct 2009 12:52:35 +0100 Subject: [Openvas-discuss] OpenVAS and Nikto In-Reply-To: <20091028105559.GB1541@komma-nix.de> References: <777f2ade0910280340m31e92bcaj47d8348aa59fa30d@mail.gmail.com> <20091028105559.GB1541@komma-nix.de> Message-ID: <777f2ade0910280452m5112edd8pbf68b261da867ffb@mail.gmail.com> OK, I've tried with your suggestion, this is the output: Here is the Nikto report: - Nikto v2.1.0/2.1.0 --------------------------------------------------------------------------- + Target IP: + Target Hostname: + Target Port: 80 + Start Time: 2009-10-29 12:25:07 --------------------------------------------------------------------------- + Server: Apache + No CGI Directories found (use '-C all' to force check all possible dirs) + OSVDB-0: Allowed HTTP Methods: GET, HEAD, POST, OPTIONS + OSVDB-6694: /.DS_Store: Apache on Mac OSX will serve the .DS_Store file, which contains sensitive information. Configure Apache to ignore this file or upgrade to a newer version. + OSVDB-3268: /icons/: Directory indexing is enabled: /icons + OSVDB-6694: /.DS_Store: Apache on Mac OSX will serve the .DS_Store file, which contains sensitive information. Configure Apache to ignore this file or upgrade to a newer version. + OSVDB-3233: /icons/README: Apache default file found. + 3582 items checked: 5 item(s) reported on remote host + End Time: 2009-10-29 12:35:33 (626 seconds) --------------------------------------------------------------------------- + 1 host(s) tested [29498] plug_set_key:internal_send(0)['1 SentData/(null)/INFO=Here is the Nikto report:\n- Nikto v2.1.0/2.1.0\n---------------------------------------------------------------------------\n+ Target IP: \n+ Target Hostname: \n+ Target Port: 80\n+ Start Time: 2009-10-29 12:25:07\n---------------------------------------------------------------------------\n+ Server: Apache\n+ No CGI Directories found (use '-C all' to force check all possible dirs)\n+ OSVDB-0: Allowed HTTP Methods: GET, HEAD, POST, OPTIONS \n+ OSVDB-6694: /.DS_Store: Apache on Mac OSX will serve the .DS_Store file, which contains sensitive information. Configure Apache to ignore this file or upgrade to a newer version.\n+ OSVDB-3268: /icons/: Directory indexing is enabled: /icons\n+ OSVDB-6694: /.DS_Store: Apache on Mac OSX will serve the .DS_Store file, which contains sensitive information. Configure Apache to ignore this file or upgrade to a newer version.\n+ OSVDB-3233: /icons/README: Apache default file found.\n+ 3582 items checked: 5 item(s) reported on remote host\n+ End Time: 2009-10-29 12:35:33 (626 seconds)\n---------------------------------------------------------------------------\n+ 1 host(s) tested\n; ']: Socket operation on non-socket [29498] plug_set_key:internal_send(0)['3 Success/(null)=1; ']: Socket operation on non-socket The plugin seems to work well and the report variable is correctly populated. The results differs from what I'm expected beacuse I cannot pass the same parameters that OpenVAS passes to the plugin during the test phase ( -vhost parameter). Thanks 2009/10/28 Michael Meyer : > Hello, > > *** Angelo Compagnucci wrote: >> I'm having a trouble using OpenVAS and Nikto. >> >> If I run nikto manually, It returns some results ( Example Joomla >> My_eGallery installed) which are true. >> >> But when It runs from OpenVAS this results are not displayed in the >> final report. > > please try: > > /bin/openvas-nasl -X -t /lib/openvas/plugins/nikto.nasl > > Did you get any output? > > Micha > > -- > Michael Meyer ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? OpenPGP Key: 76E050B9 > http://www.intevation.de > Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 > Gesch?ftsf?hrer: ? Frank Koormann, ?Bernhard Reiter, ?Dr. Jan-Oliver Wagner > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > From bchandra at secpod.com Wed Oct 28 13:17:05 2009 From: bchandra at secpod.com (Chandrashekhar B) Date: Wed, 28 Oct 2009 17:47:05 +0530 Subject: [Openvas-discuss] OpenVAS and Nikto In-Reply-To: <777f2ade0910280452m5112edd8pbf68b261da867ffb@mail.gmail.com> References: <777f2ade0910280340m31e92bcaj47d8348aa59fa30d@mail.gmail.com> <20091028105559.GB1541@komma-nix.de> <777f2ade0910280452m5112edd8pbf68b261da867ffb@mail.gmail.com> Message-ID: Hello Angelo, > The plugin seems to work well and the report variable is > correctly populated. > > The results differs from what I'm expected beacuse I cannot > pass the same parameters that OpenVAS passes to the plugin > during the test phase ( -vhost parameter). > > Thanks When you run from openvas-nasl, the KB items (http/80) are not set and that's why -vhost option hasn't worked. But, when you launch OpenVAS scanning, this should have worked since the plugin is working as expected. You see no report at all specific to Nikto or the report is partial? Chandra. From michael.meyer at intevation.de Wed Oct 28 13:50:35 2009 From: michael.meyer at intevation.de (Michael Meyer) Date: Wed, 28 Oct 2009 13:50:35 +0100 Subject: [Openvas-discuss] OpenVAS and Nikto In-Reply-To: <777f2ade0910280452m5112edd8pbf68b261da867ffb@mail.gmail.com> References: <777f2ade0910280340m31e92bcaj47d8348aa59fa30d@mail.gmail.com> <20091028105559.GB1541@komma-nix.de> <777f2ade0910280452m5112edd8pbf68b261da867ffb@mail.gmail.com> Message-ID: <20091028125035.GA2873@komma-nix.de> Hello, *** Angelo Compagnucci wrote: > + Start Time: 2009-10-29 12:25:07 > + End Time: 2009-10-29 12:35:33 (626 seconds) 10 Minutes. So nikto.nasl was maybe killed by openvasd. Please do: grep killing /var/log/openvas/openvasd.messages Any output? Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From angelo.compagnucci at gmail.com Wed Oct 28 13:59:21 2009 From: angelo.compagnucci at gmail.com (Angelo Compagnucci) Date: Wed, 28 Oct 2009 13:59:21 +0100 Subject: [Openvas-discuss] OpenVAS and Nikto In-Reply-To: <20091028125035.GA2873@komma-nix.de> References: <777f2ade0910280340m31e92bcaj47d8348aa59fa30d@mail.gmail.com> <20091028105559.GB1541@komma-nix.de> <777f2ade0910280452m5112edd8pbf68b261da867ffb@mail.gmail.com> <20091028125035.GA2873@komma-nix.de> Message-ID: <777f2ade0910280559k69c20b5cgacab90743290418@mail.gmail.com> 2009/10/28 Michael Meyer : > Hello, > > *** Angelo Compagnucci wrote: > >> + Start Time: ? ? ? ? 2009-10-29 12:25:07 >> + End Time: ? ? ? ? ? 2009-10-29 12:35:33 (626 seconds) > > 10 Minutes. So nikto.nasl was maybe killed by openvasd. > > Please do: > > grep killing /var/log/openvas/openvasd.messages > Any output? Nope, nothing. Nikto closes by itself after scanning. 10 minutes + 26 seconds is a bit odd for a timeout ... Thanks > > Micha > > -- > Michael Meyer ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? OpenPGP Key: 76E050B9 > http://www.intevation.de > Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 > Gesch?ftsf?hrer: ? Frank Koormann, ?Bernhard Reiter, ?Dr. Jan-Oliver Wagner > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > From angelo.compagnucci at gmail.com Wed Oct 28 15:11:04 2009 From: angelo.compagnucci at gmail.com (Angelo Compagnucci) Date: Wed, 28 Oct 2009 15:11:04 +0100 Subject: [Openvas-discuss] OpenVAS and Nikto In-Reply-To: <7038F75027C14E16AE21D4862F47A94B@bchandra> References: <777f2ade0910280340m31e92bcaj47d8348aa59fa30d@mail.gmail.com> <20091028105559.GB1541@komma-nix.de> <777f2ade0910280452m5112edd8pbf68b261da867ffb@mail.gmail.com> <777f2ade0910280555h65e82ddaw653424fb24ac411e@mail.gmail.com> <7038F75027C14E16AE21D4862F47A94B@bchandra> Message-ID: <777f2ade0910280711g33b9cb0as82f774f8b639fd0d@mail.gmail.com> Hello Chandra > Since you are running from command line, check 'auto_enable_dependencies' is > set to 'yes' in openvasrc. Additionally, tail to the log file > (/usr/local/var/log/openvas/openvasd.messages) and see if some HTTP related > plugins and nikto.nasl is successfully launched and finished (you shouldn't > see 'process died' or 'killed' messages). Of course I've read all log files and error messages before writing to the mailing list. I hate when someone erase my time with stupid and easily resolveable questions, so I tend not to be annoying. > Also tail to KB files > (/usr/local/var/lib/openvas/users/OPENVAS_USER/kbs/TARGET_IP) and see if KB > items related to HTTP are set. KB is disabled, so the tests should be started from the begining. I confirm that nikto process is correctly forked by OpenVAS and it reaches its end of execution without errors. Nope the openvasd.dump nor the openvasd.messaseges show errors or premature exit. OpenVAS compendium says about nikto: "If the Nikto plugin is present and enabled, it will be executed with your next scan. The results returned by Nikto will be available together with the rest of the scan results." If this is the correct behaiviuor, I encountered a bug ... Thanks From angelo.compagnucci at gmail.com Wed Oct 28 16:30:04 2009 From: angelo.compagnucci at gmail.com (Angelo Compagnucci) Date: Wed, 28 Oct 2009 16:30:04 +0100 Subject: [Openvas-discuss] SOLVED OpenVAS and Nikto Message-ID: <777f2ade0910280830l248e3e09mf940ba71a077a3bd@mail.gmail.com> Ok I solved ! The problem was the client timeout. Nikto takes 1168 seconds to complete, far more than the client timeout. But the log shows only: [Wed Oct 28 16:14:01 2009][30533] Stopping the whole test (requested by client) Without signalling an error. I set the timeout to 1800 seconds to be sure that Nikto uses the time it needs. Angelo From felix.wolfsteller at intevation.de Thu Oct 29 08:18:25 2009 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Thu, 29 Oct 2009 08:18:25 +0100 Subject: [Openvas-discuss] SOLVED OpenVAS and Nikto In-Reply-To: <777f2ade0910280830l248e3e09mf940ba71a077a3bd@mail.gmail.com> References: <777f2ade0910280830l248e3e09mf940ba71a077a3bd@mail.gmail.com> Message-ID: <200910290818.25947.felix.wolfsteller@intevation.de> On Wednesday 28 October 2009 16:30:04 Angelo Compagnucci wrote: > The problem was the client timeout. Nikto takes 1168 seconds to > complete, far more than the client timeout. > But the log shows only: > [Wed Oct 28 16:14:01 2009][30533] Stopping the whole test (requested by > client) Mmh, this message is not related to timeouts, but should come only if you press the "Stop" button on the window showing the scan progress (did you?). > Without signalling an error. Unfortunately, besides the scanners log messages there is no way to tell whether a plugin gracefully exited at the moment. It is also unclear what happens to the child processes of the process that was running the nvt (e.g. I believe nikto survives when the process running nikto.nasl is killed). > I set the timeout to 1800 seconds to be sure that Nikto uses the time it > needs. Good that you were able to resolve the issue, but there should have been a message in the logs. If you can reproduce the behaviour (no results due to timeout, but no message in the logfiles), I would appreciate if you file a bug report at http://bugs.openvas.org. Please make sure that all options regarding logging in your openvas(s)d.conf are set to "yes". Thanks. -- felix -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From angelo.compagnucci at gmail.com Thu Oct 29 10:57:50 2009 From: angelo.compagnucci at gmail.com (Angelo Compagnucci) Date: Thu, 29 Oct 2009 10:57:50 +0100 Subject: [Openvas-discuss] Joomla != Mambo Message-ID: <777f2ade0910290257u40db8f9cvd713fb69d87b0ac3@mail.gmail.com> Hi list! I'm reading mambo_detect.nasl and I discovered this plugin looks only for mambo, not Joomla! Is there a plugin that detects Joomla? Alternatively I could modify mambo_detect in joomla_detect for Joomla detection! Angelo From michael.meyer at intevation.de Thu Oct 29 11:42:19 2009 From: michael.meyer at intevation.de (Michael Meyer) Date: Thu, 29 Oct 2009 11:42:19 +0100 Subject: [Openvas-discuss] Joomla != Mambo In-Reply-To: <777f2ade0910290257u40db8f9cvd713fb69d87b0ac3@mail.gmail.com> References: <777f2ade0910290257u40db8f9cvd713fb69d87b0ac3@mail.gmail.com> Message-ID: <20091029104218.GA23296@komma-nix.de> *** Angelo Compagnucci wrote: > Is there a plugin that detects Joomla? No. > Alternatively I could modify mambo_detect in joomla_detect for > Joomla detection! Yes, please do. We are always happy abpout new plugin writers. ;) Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From mrpilot at gmail.com Thu Oct 29 21:02:02 2009 From: mrpilot at gmail.com (Jason Steele) Date: Thu, 29 Oct 2009 15:02:02 -0500 Subject: [Openvas-discuss] RSYNC Hanging Problem Message-ID: Hello everyone, I've been working on setting up OpenVAS 2.0.3 (I think that's the one that version that comes as a Debian package) on a Debian 5.0 (Lenny) server. Whenever I try to RSYNC with the NVT feed, it goes along fine until it comes to: tomcat_server_default_files.nasl.asc 197 100% 1.69kb/s 0:00:00 (xfer#29109, to-check=744/29854) At that point, the RSYNC just hangs and does nothing further. If I do a CTRL+C and kill it, then re-run the script, it just sits there with no output. The only way I can get it to run again is to fully delete the contents of the /var/lib/openvas/plugins directory. It will then run again but die at the same point. I did some googling and tried out the "--whole-file" switch for RSYNC (by modifying the openvas-nvt-sync script), but to no avail. The same problem exists. I am synchronizing to the default feed at rsync.openvas.org. Any thoughts? Thank you, Jason From michael.meyer at intevation.de Fri Oct 30 09:36:29 2009 From: michael.meyer at intevation.de (Michael Meyer) Date: Fri, 30 Oct 2009 09:36:29 +0100 Subject: [Openvas-discuss] RSYNC Hanging Problem In-Reply-To: References: Message-ID: <20091030083629.GA2765@komma-nix.de> *** Jason Steele wrote: > I've been working on setting up OpenVAS 2.0.3 (I think that's the one > that version that comes as a Debian package) on a Debian 5.0 (Lenny) > server. Whenever I try to RSYNC with the NVT feed, it goes along fine > until it comes to: > > tomcat_server_default_files.nasl.asc > 197 100% 1.69kb/s 0:00:00 (xfer#29109, to-check=744/29854) > > At that point, the RSYNC just hangs and does nothing further. If I do > a CTRL+C and kill it, then re-run the script, it just sits there with > no output. The only way I can get it to run again is to fully delete > the contents of the /var/lib/openvas/plugins directory. It will then > run again but die at the same point. Strange. No idea why this happened. Have a look at http://lists.wald.intevation.org/pipermail/openvas-devel/2009-October/001875.html http://lists.wald.intevation.org/pipermail/openvas-devel/2009-October/001876.html Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From mrpilot at gmail.com Fri Oct 30 14:19:51 2009 From: mrpilot at gmail.com (Jason Steele) Date: Fri, 30 Oct 2009 08:19:51 -0500 Subject: [Openvas-discuss] RSYNC Hanging Problem In-Reply-To: <20091030083629.GA2765@komma-nix.de> References: <20091030083629.GA2765@komma-nix.de> Message-ID: *** Michael Meyer wrote: > Strange. No idea why this happened. Have a look at > > http://lists.wald.intevation.org/pipermail/openvas-devel/2009-October/001875.html > http://lists.wald.intevation.org/pipermail/openvas-devel/2009-October/001876.html > > Micha > > -- > Michael Meyer ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? OpenPGP Key: 76E050B9 > http://www.intevation.de > Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 > Gesch?ftsf?hrer: ? Frank Koormann, ?Bernhard Reiter, ?Dr. Jan-Oliver Wagner Downloading the tarball worked perfectly, I think that solution will work just fine. Thank you! Regards, Jason