From Jan-Oliver.Wagner at greenbone.net Mon Feb 1 09:02:04 2010 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Mon, 1 Feb 2010 09:02:04 +0100 Subject: [Openvas-discuss] OpenVAS Live-CD / VM In-Reply-To: <03B980401B9F4DB891C7FD70059CEB96@geoffPC> References: <201001281022.56866.Jan-Oliver.Wagner@greenbone.net> <03B980401B9F4DB891C7FD70059CEB96@geoffPC> Message-ID: <201002010902.05459.Jan-Oliver.Wagner@greenbone.net> Hello Stephan, Geoff, thanks for your comments. IMHO it is very good to have a solution where * VMs and Live-CDs can be managed via a single build environment * The build environment is automized and transparent so that we do not depend on a single person to maintain it IIUC, Geoff is currently setting up such a solution based on rBuilder / CentOS. Seems like a good idea to make this a OpenVAS subproject? I think it would be as easy as creating a new SVN module (eg. "openvas-vm") and drop there a routine that generates a new image from a base image and the newest OpenVAS packages. However, I'd like to avoid to have large binary files in the SVN. Ideal would be a "make vm" with a nice configuration file. We created images with Morphix a while a ago and it was quite handy to just modify the XML configuration file to maintain the image. Geoff, all: Should we go ahead with this? Anything relevant we did not consider? Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 202460 Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From geoff at galitz.org Mon Feb 1 14:23:03 2010 From: geoff at galitz.org (Geoff Galitz) Date: Mon, 1 Feb 2010 14:23:03 +0100 Subject: [Openvas-discuss] OpenVAS Live-CD / VM In-Reply-To: <201002010902.05459.Jan-Oliver.Wagner@greenbone.net> References: <201001281022.56866.Jan-Oliver.Wagner@greenbone.net><03B980401B9F4DB891C7FD70059CEB96@geoffPC> <201002010902.05459.Jan-Oliver.Wagner@greenbone.net> Message-ID: <6E8B2E619B2B4E3CB016F27EA682E4F2@geoffPC> I'll probaby go SUSE Linux. My VM deployments are already SUSE and there are already RPMS for SUSE 3.x so that should make things go much quicker. I'll experiment with a SUSE OpenVAS VM build this week to see how well it works out. If we really want to make a polished VM appliance, I could use help in these particular areas: 1) A menu or GUI tool that makes switching mail hosts, IP configuration, and related system level configs easier. Actually... that is all for the moment. I'm certainly open to additional ideas to make it cooler and easier to use. -geoff --------------------------------- Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ > -----Original Message----- > From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss- > bounces at wald.intevation.org] On Behalf Of Jan-Oliver Wagner > Sent: Montag, 1. Februar 2010 09:02 > To: openvas-discuss at wald.intevation.org > Subject: Re: [Openvas-discuss] OpenVAS Live-CD / VM > > Hello Stephan, Geoff, > > thanks for your comments. > > IMHO it is very good to have a solution where > > * VMs and Live-CDs can be managed via a single build environment > * The build environment is automized and transparent so that > we do not depend on a single person to maintain it > > IIUC, Geoff is currently setting up such a solution based > on rBuilder / CentOS. > > Seems like a good idea to make this a OpenVAS subproject? > I think it would be as easy as creating a new SVN module > (eg. "openvas-vm") and drop there a routine that generates > a new image from a base image and the newest OpenVAS packages. > However, I'd like to avoid to have large binary files in the SVN. > > Ideal would be a "make vm" with a nice configuration file. > We created images with Morphix a while a ago and it was > quite handy to just modify the XML configuration file to > maintain the image. > > Geoff, all: Should we go ahead with this? > > Anything relevant we did not consider? > > Best > > Jan > > -- > Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ > Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, > HR B 202460 > Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss From geoff at galitz.org Tue Feb 2 15:24:28 2010 From: geoff at galitz.org (Geoff Galitz) Date: Tue, 2 Feb 2010 15:24:28 +0100 Subject: [Openvas-discuss] OpenVAS Live-CD / VM In-Reply-To: <6E8B2E619B2B4E3CB016F27EA682E4F2@geoffPC> References: <201001281022.56866.Jan-Oliver.Wagner@greenbone.net><03B980401B9F4DB891C7FD70059CEB96@geoffPC><201002010902.05459.Jan-Oliver.Wagner@greenbone.net> <6E8B2E619B2B4E3CB016F27EA682E4F2@geoffPC> Message-ID: Just as a follow up to this, I don't think the rBuilder approach would work with how the OpenVAS team would prefer to do things without porting OpenVAS to rPath Linux. Doing a port is not an efficient use of my time, so I'm going with Stephan's initial recommendation of using KIWI. I'll probably add the XenServer XVA support to KIWI to get what I need and make OpenVAS and XenServer people happy (hopefully). It might be fairly straight-forward as I found some references to ovftool in the KIWI source code which can make a truly portable VM template that can be used by VMWare, XenServer, VitualBox and just about everything else. I'll keep folks updated as I progress. -geoff --------------------------------- Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ > -----Original Message----- > From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss- > bounces at wald.intevation.org] On Behalf Of Geoff Galitz > Sent: Montag, 1. Februar 2010 14:23 > To: 'Jan-Oliver Wagner'; openvas-discuss at wald.intevation.org > Subject: Re: [Openvas-discuss] OpenVAS Live-CD / VM > > > > I'll probaby go SUSE Linux. My VM deployments are already SUSE and there > are already RPMS for SUSE 3.x so that should make things go much quicker. > > I'll experiment with a SUSE OpenVAS VM build this week to see how well it > works out. If we really want to make a polished VM appliance, I could use > help in these particular areas: > > 1) A menu or GUI tool that makes switching mail hosts, IP configuration, > and > related system level configs easier. > > Actually... that is all for the moment. I'm certainly open to additional > ideas to make it cooler and easier to use. > > -geoff > > > > --------------------------------- > Geoff Galitz > Blankenheim NRW, Germany > http://www.galitz.org/ > http://german-way.com/blog/ > > > > -----Original Message----- > > From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas- > discuss- > > bounces at wald.intevation.org] On Behalf Of Jan-Oliver Wagner > > Sent: Montag, 1. Februar 2010 09:02 > > To: openvas-discuss at wald.intevation.org > > Subject: Re: [Openvas-discuss] OpenVAS Live-CD / VM > > > > Hello Stephan, Geoff, > > > > thanks for your comments. > > > > IMHO it is very good to have a solution where > > > > * VMs and Live-CDs can be managed via a single build environment > > * The build environment is automized and transparent so that > > we do not depend on a single person to maintain it > > > > IIUC, Geoff is currently setting up such a solution based > > on rBuilder / CentOS. > > > > Seems like a good idea to make this a OpenVAS subproject? > > I think it would be as easy as creating a new SVN module > > (eg. "openvas-vm") and drop there a routine that generates > > a new image from a base image and the newest OpenVAS packages. > > However, I'd like to avoid to have large binary files in the SVN. > > > > Ideal would be a "make vm" with a nice configuration file. > > We created images with Morphix a while a ago and it was > > quite handy to just modify the XML configuration file to > > maintain the image. > > > > Geoff, all: Should we go ahead with this? > > > > Anything relevant we did not consider? > > > > Best > > > > Jan > > > > -- > > Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ > > Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG > Osnabr?ck, > > HR B 202460 > > Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner > > _______________________________________________ > > Openvas-discuss mailing list > > Openvas-discuss at wald.intevation.org > > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss From Jan-Oliver.Wagner at greenbone.net Tue Feb 2 17:03:34 2010 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Tue, 2 Feb 2010 17:03:34 +0100 Subject: [Openvas-discuss] OpenVAS Live-CD / VM In-Reply-To: <6E8B2E619B2B4E3CB016F27EA682E4F2@geoffPC> References: <201001281022.56866.Jan-Oliver.Wagner@greenbone.net> <201002010902.05459.Jan-Oliver.Wagner@greenbone.net> <6E8B2E619B2B4E3CB016F27EA682E4F2@geoffPC> Message-ID: <201002021703.35923.Jan-Oliver.Wagner@greenbone.net> On Montag, 1. Februar 2010, Geoff Galitz wrote: > I'll probaby go SUSE Linux. My VM deployments are already SUSE and there > are already RPMS for SUSE 3.x so that should make things go much quicker. you mean OpenVAS 3.0, I guess :-) > I'll experiment with a SUSE OpenVAS VM build this week to see how well it > works out. If we really want to make a polished VM appliance, I could use > help in these particular areas: > > 1) A menu or GUI tool that makes switching mail hosts, IP configuration, and > related system level configs easier. YaST module? > Actually... that is all for the moment. I'm certainly open to additional > ideas to make it cooler and easier to use. I've done a quick glance at the SUSE appliance build system and they support the XML configuration files in a way that seems pretty OK for our purposes. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 202460 Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From geoff at galitz.org Tue Feb 2 17:21:50 2010 From: geoff at galitz.org (Geoff Galitz) Date: Tue, 2 Feb 2010 17:21:50 +0100 Subject: [Openvas-discuss] OpenVAS Live-CD / VM In-Reply-To: <201002021703.35923.Jan-Oliver.Wagner@greenbone.net> References: <201001281022.56866.Jan-Oliver.Wagner@greenbone.net><201002010902.05459.Jan-Oliver.Wagner@greenbone.net><6E8B2E619B2B4E3CB016F27EA682E4F2@geoffPC> <201002021703.35923.Jan-Oliver.Wagner@greenbone.net> Message-ID: <1F6254687BBC4187B28C6D071997C864@geoffPC> > > I'll probaby go SUSE Linux. My VM deployments are already SUSE and > there > > are already RPMS for SUSE 3.x so that should make things go much > quicker. > > you mean OpenVAS 3.0, I guess :-) > Uh... yeah. ;) > > YaST module? I was thinking about something easily available via the console without having go through different layers of administration to set DNS, IP address configs, mail routing and whatnot. Certainly it can be argued that people using OpenVAS should be familiar enough with Linux that they don't need such a wizard function, but some folks will be coming from other environments and it would be a nice add-on, though certainly low priority. In a JeOS environment we don't even need YaST and a small shell script would a save space. > > I've done a quick glance at the SUSE appliance build system and > they support the XML configuration files in a way that seems pretty > OK for our purposes. > Indeed, KIWI looks flexible enough to get it do what we want without too much trouble, I hope. I really, really need that cross platform (cross hypervisor, if you will) support. -geoff From geoff at galitz.org Tue Feb 2 17:37:12 2010 From: geoff at galitz.org (Geoff Galitz) Date: Tue, 2 Feb 2010 17:37:12 +0100 Subject: [Openvas-discuss] OpenVAS Live-CD / VM In-Reply-To: <1F6254687BBC4187B28C6D071997C864@geoffPC> References: <201001281022.56866.Jan-Oliver.Wagner@greenbone.net><201002010902.05459.Jan-Oliver.Wagner@greenbone.net><6E8B2E619B2B4E3CB016F27EA682E4F2@geoffPC><201002021703.35923.Jan-Oliver.Wagner@greenbone.net> <1F6254687BBC4187B28C6D071997C864@geoffPC> Message-ID: <7C52CD5668C0480BA57073F4ECF821A9@geoffPC> > > > > > I've done a quick glance at the SUSE appliance build system and > > they support the XML configuration files in a way that seems pretty > > OK for our purposes. > > > > Indeed, KIWI looks flexible enough to get it do what we want without too > much trouble, I hope. I really, really need that cross platform (cross > hypervisor, if you will) support. > Actually, if anyone wants to help... please check and see how easy or difficult it is to create OVF or OVA portable images from KIWI/SuSE Appliance Build Service and write a little howto on it. That would help alot. -geoff --------------------------------- Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ From felix.wolfsteller at intevation.de Thu Feb 4 09:59:23 2010 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Thu, 4 Feb 2010 09:59:23 +0100 Subject: [Openvas-discuss] GSOC 2010 Message-ID: <201002040959.24009.felix.wolfsteller@intevation.de> We should start thinking about the Google Summer of Code 2010. There is a pretty small application window, from 8th to 12th March. I am offering help writing the application(s). -- felix http://groups.google.com/group/google-summer-of-code-discuss/browse_thread/thread/d839c0b02ac15b3f -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From kost at linux.hr Thu Feb 4 10:10:55 2010 From: kost at linux.hr (Vlatko Kosturjak) Date: Thu, 4 Feb 2010 10:10:55 +0100 Subject: [Openvas-discuss] GSOC 2010 In-Reply-To: <201002040959.24009.felix.wolfsteller@intevation.de> References: <201002040959.24009.felix.wolfsteller@intevation.de> Message-ID: <20100204091054.GA24458@griffin.linux.hr> On Thu, Feb 04, 2010 at 09:59:23AM +0100, Felix Wolfsteller wrote: > We should start thinking about the Google Summer of Code 2010. > There is a pretty small application window, from 8th to 12th March. > I am offering help writing the application(s). I would definitively agree. Last year we missed it. I'm here to help as well. -- Vlatko Kosturjak - KoSt ICQ: 3631122 From thesp0nge at gmail.com Mon Feb 8 17:23:33 2010 From: thesp0nge at gmail.com (Paolo Perego) Date: Mon, 8 Feb 2010 17:23:33 +0100 Subject: [Openvas-discuss] Apple Mac OS X support for latest release Message-ID: Hi there, for a VA activity I had to perform some days ago I choose to use my mac laptop for openvas stuff. I just downloaded the latest openvas libraries and then I went to configure->make->make install workflow. But it was a nightmare. I actually resolved all the dependencies with mac ports but when I issued the compile command, make failed due to an error related to some networking header file. Since I can give an hand, I ask the list for some pointer (links, documentation, people to contact) about openvas and mac os x so I can give an help in having the tool compiling smooth on a Mac. Regards Paolo -- "... static analysis is fun, again!" OWASP Orizon project leader, http://orizon.sourceforge.net Owasp Italy R&D director From robert.veznaver at fer.hr Mon Feb 8 17:51:15 2010 From: robert.veznaver at fer.hr (=?windows-1252?Q?Robert_Ve=9Enaver?=) Date: Mon, 8 Feb 2010 17:51:15 +0100 Subject: [Openvas-discuss] Apple Mac OS X support for latest release In-Reply-To: References: Message-ID: <41E2599D-0D5B-4978-83E5-42219D120413@fer.hr> On 8. vel. 2010., at 17:23, Paolo Perego wrote: > I just downloaded the latest openvas libraries and then I went to > configure->make->make install workflow. > But it was a nightmare. Ryan Schmidt is the openvas package maintainer for macports. He already posted some bugs concerning compiling OpenVAS 3 on Mac OS X. links: http://wald.intevation.org/tracker/index.php?func=detail&aid=1258&group_id=29&atid=220 http://wald.intevation.org/tracker/index.php?func=detail&aid=1232&group_id=29&atid=220 http://wald.intevation.org/tracker/index.php?func=detail&aid=1233&group_id=29&atid=220 Unfortunately, as far as I can tell, a solution is yet to be found. Regards, Robert -- Laboratory for Systems and Signals Department of Electronic Systems and Information Processing Faculty of Electrical Engineering and Computing University of Zagreb From ray.hague at Iowa.gov Tue Feb 9 19:56:33 2010 From: ray.hague at Iowa.gov (Hague, Raymond [IDR]) Date: Tue, 9 Feb 2010 12:56:33 -0600 Subject: [Openvas-discuss] Unable to login thru GSA Message-ID: <1BF719C7B7ED51468E5F99B11F0910D808FFDCE3@IDRDSMEX01.idr.gov.state.ia.us> I have been trying for some time to get GSA to allow me to login, but it refuses my credentials. I loaded 3.0 SD, 1.0b1 MD and GSA 1.0b1 with the parameters in the readme's but to no avail. Am I missing a step? -Ray Hague -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100209/2baa1bc7/attachment.htm From matthew.mundell at intevation.de Tue Feb 9 20:07:33 2010 From: matthew.mundell at intevation.de (Matthew Mundell) Date: 09 Feb 2010 19:07:33 GMT Subject: [Openvas-discuss] Unable to login thru GSA In-Reply-To: Message of Tue, 9 Feb 2010 12:56:33 -0600. <1BF719C7B7ED51468E5F99B11F0910D808FFDCE3@IDRDSMEX01.idr.gov.state.ia.us> Message-ID: <20100209190733.B7BB7DEC09@mail.ukfsn.org> > I have been trying for some time to get GSA to allow me to login, but it > refuses my credentials. I loaded 3.0 SD, 1.0b1 MD and GSA 1.0b1 with > the parameters in the readme's but to no avail. Am I missing a step? Did you create the special "om" user for the Manager with password "om"? Is the Scanner running? Have you given the right ports to the daemons? Did you create an initial user to login as? (Logging in to GSA as "om" is forbidden.) -- Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From ny101880 at yahoo.com Wed Feb 10 11:59:55 2010 From: ny101880 at yahoo.com (Zack Dela) Date: Wed, 10 Feb 2010 02:59:55 -0800 (PST) Subject: [Openvas-discuss] OpenVAS 3 Message-ID: <577413.69878.qm@web31501.mail.mud.yahoo.com> Hi, I am scanning an XP machines using Qualys and openVAS without authentication. The result of openvas is ICMP OS fingerprinting cant determine the OS while Qulays get the right OS (Windows XP). What are the plugins needed to enable or fine tunning to get the correct OS? Thank you -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100210/cef0ffde/attachment.html From ny101880 at yahoo.com Wed Feb 10 12:00:07 2010 From: ny101880 at yahoo.com (Zack Dela) Date: Wed, 10 Feb 2010 03:00:07 -0800 (PST) Subject: [Openvas-discuss] (no subject) Message-ID: <141433.76153.qm@web31501.mail.mud.yahoo.com> Hi, I am scanning an XP machines using Qualys and openVAS without authentication. The result of openvas is ICMP OS fingerprinting cant determine the OS while Qulays get the right OS (Windows XP). What are the plugins needed to enable or fine tunning to get the correct OS? Thank you -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100210/75cea084/attachment.htm From robert.veznaver at fer.hr Wed Feb 10 23:55:13 2010 From: robert.veznaver at fer.hr (=?windows-1252?Q?Robert_Ve=9Enaver?=) Date: Wed, 10 Feb 2010 23:55:13 +0100 Subject: [Openvas-discuss] this_host() returning an IPv6 address Message-ID: Hi. I recently decided to test the new OpenVAS 3.0. So, I installed ArchLinux and used PKGBUILDs made by noodlesgc: http://aur.archlinux.org/packages.php?ID=22948 http://aur.archlinux.org/packages.php?ID=22944 http://aur.archlinux.org/packages.php?ID=33721 Everything compiled fine, everything is in place. The servers starts normally and I can connect to it. However, some of the plugins simply don't work. Being a NASL plugin dev, I decided to test some manually. When I try out the following command: sudo openvas-nasl -Xt target.something.com ping_host.nasl I get the following error: pcap_compile: expression rejects all packets So I digged a bit through ping_host.nasl, and found out that the this_host() function returns ::1 Now, I know about the bug with some Debian distros and this_host() returning 127.0.0.1 (which is a really annoying one, especially if your OS is inside openvz, and you're not the admin), but shouldn't this_host() return an IPv4 address? Since I'm inside a xen VM this time, I'll try and ask the admin to unload the ipv6 module, and I'll post my results here (if anyone is interested). Regards, Robert Veznaver From bchandra at secpod.com Thu Feb 11 06:04:49 2010 From: bchandra at secpod.com (Chandrashekhar B) Date: Thu, 11 Feb 2010 10:34:49 +0530 Subject: [Openvas-discuss] this_host() returning an IPv6 address In-Reply-To: References: Message-ID: <8D4CAB43B7E74025924AE65332D8BD58@bchandra> Hello Robert, > -----Original Message----- > From: openvas-discuss-bounces at wald.intevation.org > [mailto:openvas-discuss-bounces at wald.intevation.org] On > Behalf Of Robert Ve?naver > Sent: Thursday, February 11, 2010 4:25 AM > To: openvas-discuss at wald.intevation.org > Subject: [Openvas-discuss] this_host() returning an IPv6 address > > Hi. > > I recently decided to test the new OpenVAS 3.0. > So, I installed ArchLinux and used PKGBUILDs made by noodlesgc: > http://aur.archlinux.org/packages.php?ID=22948 > http://aur.archlinux.org/packages.php?ID=22944 > http://aur.archlinux.org/packages.php?ID=33721 > > Everything compiled fine, everything is in place. > The servers starts normally and I can connect to it. > > However, some of the plugins simply don't work. > Being a NASL plugin dev, I decided to test some manually. > > When I try out the following command: > sudo openvas-nasl -Xt target.something.com ping_host.nasl > > I get the following error: > pcap_compile: expression rejects all packets > > So I digged a bit through ping_host.nasl, and found out that > the this_host() function returns ::1 Now, I know about the > bug with some Debian distros and this_host() returning > 127.0.0.1 (which is a really annoying one, especially if your > OS is inside openvz, and you're not the admin), but shouldn't > this_host() return an IPv4 address? Depending on the target system, target.something.com, if it is v4, it returns v4 address and if it is v6, it returns v6 address. But, there seems to be a bug when target.something.com is on a different subnet, it is returning ::1 and also the pcap error message. Please file a bug with details, we'll look into it. > > Since I'm inside a xen VM this time, I'll try and ask the > admin to unload the ipv6 module, and I'll post my results > here (if anyone is interested). Please post your results. Thanks, Chandra. From bchandra at secpod.com Thu Feb 11 06:15:11 2010 From: bchandra at secpod.com (Chandrashekhar B) Date: Thu, 11 Feb 2010 10:45:11 +0530 Subject: [Openvas-discuss] OpenVAS 3 In-Reply-To: <577413.69878.qm@web31501.mail.mud.yahoo.com> References: <577413.69878.qm@web31501.mail.mud.yahoo.com> Message-ID: <7D8C863311084808A928B79B8EF0D64B@bchandra> Hello Zack, For un-authenticated tests, we have os_fingerprint.nasl (102002), you need to enable this. Goran: Should we move this plugin to ACT_SCANNER or ACR_SETTINGS so that it runs by default. Thanks, Chandra. _____ From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of Zack Dela Sent: Wednesday, February 10, 2010 4:30 PM To: openvas-discuss at wald.intevation.org Subject: [Openvas-discuss] OpenVAS 3 Hi, I am scanning an XP machines using Qualys and openVAS without authentication. The result of openvas is ICMP OS fingerprinting cant determine the OS while Qulays get the right OS (Windows XP). What are the plugins needed to enable or fine tunning to get the correct OS? Thank you -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100211/56e4b141/attachment.html From felix.wolfsteller at intevation.de Thu Feb 11 08:26:09 2010 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Thu, 11 Feb 2010 08:26:09 +0100 Subject: [Openvas-discuss] this_host() returning an IPv6 address In-Reply-To: <8D4CAB43B7E74025924AE65332D8BD58@bchandra> References: <8D4CAB43B7E74025924AE65332D8BD58@bchandra> Message-ID: <201002110826.10165.felix.wolfsteller@intevation.de> Was on freshmeat lately, maybe running "ipv6 care" can help in debugging some ipv6 issues. http://sourceforge.net/projects/ipv6-care/ -- felix On Thursday 11 February 2010 06:04:49 Chandrashekhar B wrote: > Hello Robert, > > > -----Original Message----- > > From: openvas-discuss-bounces at wald.intevation.org > > [mailto:openvas-discuss-bounces at wald.intevation.org] On > > Behalf Of Robert Ve?naver > > Sent: Thursday, February 11, 2010 4:25 AM > > To: openvas-discuss at wald.intevation.org > > Subject: [Openvas-discuss] this_host() returning an IPv6 address > > > > Hi. > > > > I recently decided to test the new OpenVAS 3.0. > > So, I installed ArchLinux and used PKGBUILDs made by noodlesgc: > > http://aur.archlinux.org/packages.php?ID=22948 > > http://aur.archlinux.org/packages.php?ID=22944 > > http://aur.archlinux.org/packages.php?ID=33721 > > > > Everything compiled fine, everything is in place. > > The servers starts normally and I can connect to it. > > > > However, some of the plugins simply don't work. > > Being a NASL plugin dev, I decided to test some manually. > > > > When I try out the following command: > > sudo openvas-nasl -Xt target.something.com ping_host.nasl > > > > I get the following error: > > pcap_compile: expression rejects all packets > > > > So I digged a bit through ping_host.nasl, and found out that > > the this_host() function returns ::1 Now, I know about the > > bug with some Debian distros and this_host() returning > > 127.0.0.1 (which is a really annoying one, especially if your > > OS is inside openvz, and you're not the admin), but shouldn't > > this_host() return an IPv4 address? > > Depending on the target system, target.something.com, if it is v4, it > returns v4 address and if it is v6, it returns v6 address. But, there seems > to be a bug when target.something.com is on a different subnet, it is > returning ::1 and also the pcap error message. Please file a bug with > details, we'll look into it. > > > Since I'm inside a xen VM this time, I'll try and ask the > > admin to unload the ipv6 module, and I'll post my results > > here (if anyone is interested). > > Please post your results. > > Thanks, > Chandra. > > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From felix.wolfsteller at intevation.de Thu Feb 11 09:14:25 2010 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Thu, 11 Feb 2010 09:14:25 +0100 Subject: [Openvas-discuss] Ideas for GSOC 2010 Message-ID: <201002110914.26049.felix.wolfsteller@intevation.de> As there seems to be consent that participation in the Google Summer of Code is a good (great actually) idea, I will set up a gsoc2010 ideas page. To fill the page with content, I need ideas from you guys, optimally with some nice text around it. Information about GSOC2010 can be found at. http://socghop.appspot.com/gsoc/program/home/google/gsoc2010 Examples how an idea page can look like can be found by following links from last years gsoc page. One example would be the nmap gsoc ideas page: http://nmap.org/soc/ Which brings me to my first idea: 1) Tighter nmap integration (e.g. also http://openvas.org/openvas-cr-40.html). 2) Integration of a network inventory tool. To start with a bad example and keep my work at schedule, I do not provide nice text now. -- felix -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From geoff at galitz.org Thu Feb 11 09:43:15 2010 From: geoff at galitz.org (Geoff Galitz) Date: Thu, 11 Feb 2010 09:43:15 +0100 Subject: [Openvas-discuss] Ideas for GSOC 2010 In-Reply-To: <201002110914.26049.felix.wolfsteller@intevation.de> References: <201002110914.26049.felix.wolfsteller@intevation.de> Message-ID: > > 2) Integration of a network inventory tool. > > To start with a bad example and keep my work at schedule, I do not provide > nice text now. FWIW. Relating directly to the previous mentioned VMs I am deploying for my customers, I do have network inventory tool integration in process. This is, in fact, a high priority project I have and is what is slowing me down from doing all the other things I am supposed to be doing for OpenVAS (documentation, the live VM and so on). Specifically I am working on integration with OCSNG via the SOAP interface, but connecting directly the OCSNG database via a mysql library is also an option. This is part of my effort to provide an integrated FOSS IT management solution for my customers. --------------------------------- Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ From goran.licina at lss.hr Thu Feb 11 10:04:48 2010 From: goran.licina at lss.hr (=?iso-8859-2?Q?Goran_Li=E8ina?=) Date: Thu, 11 Feb 2010 10:04:48 +0100 Subject: [Openvas-discuss] OpenVAS 3 References: <577413.69878.qm@web31501.mail.mud.yahoo.com> <7D8C863311084808A928B79B8EF0D64B@bchandra> Message-ID: <8A02A3DF683DEE42BE73187F4CA4444C1C4EF5@vlasta.lss-net.lss.hr> Hi Chandra, while it would be reasonable to have it run by default, ACT_GATHER_INFO still seems to me as the most appropriate category according to the nature of plugin (gathering information about host). Any opinions on this? However, I don't think that is the problem here (in Zack's case). Problem is that ICMP OS fingerprinting doesn't always give reliable (or any) results. It is highly dependable on network conditions and network devices that packages go through as these tend to change IP and ICMP package fields that this plugin relies on. During tests we noticed that plugin gives better results while executed against host on local network. These were as good as results given by other tools such as nmap. On the other hand, results of testing hosts on other networks didn't give most reliable results. Other problem could be NASL function this_host(), as we noticed that on some systems it returned 127.0.0.1 instead of real IP address of host where OpenVAS server (now scanner) was running. OS fingerprint plugin heavily relies on this function so it fails to detect when this_host() returns wrong output.This seems to be a bug but we couldn't reproduce it (it was gone after system update I think). I'm not sure, but it could be related to kernel version. We are planning to improve plugin by adding some TCP and SMB modules (as it is done in xprobe2), so results will then be more reliable. Best regards, Goran From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of Chandrashekhar B Sent: Thursday, February 11, 2010 6:15 AM To: 'Zack Dela'; openvas-discuss at wald.intevation.org Subject: Re: [Openvas-discuss] OpenVAS 3 Hello Zack, For un-authenticated tests, we have os_fingerprint.nasl (102002), you need to enable this. Goran: Should we move this plugin to ACT_SCANNER or ACR_SETTINGS so that it runs by default. Thanks, Chandra. ________________________________ From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of Zack Dela Sent: Wednesday, February 10, 2010 4:30 PM To: openvas-discuss at wald.intevation.org Subject: [Openvas-discuss] OpenVAS 3 Hi, I am scanning an XP machines using Qualys and openVAS without authentication. The result of openvas is ICMP OS fingerprinting cant determine the OS while Qulays get the right OS (Windows XP). What are the plugins needed to enable or fine tunning to get the correct OS? Thank you -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100211/df27c282/attachment.htm From felix.wolfsteller at intevation.de Thu Feb 11 10:26:55 2010 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Thu, 11 Feb 2010 10:26:55 +0100 Subject: [Openvas-discuss] OpenVAS 3 In-Reply-To: <8A02A3DF683DEE42BE73187F4CA4444C1C4EF5@vlasta.lss-net.lss.hr> References: <577413.69878.qm@web31501.mail.mud.yahoo.com> <7D8C863311084808A928B79B8EF0D64B@bchandra> <8A02A3DF683DEE42BE73187F4CA4444C1C4EF5@vlasta.lss-net.lss.hr> Message-ID: <201002111026.55704.felix.wolfsteller@intevation.de> On Thursday 11 February 2010 10:04:48 Goran Li?ina wrote: > Other problem could be NASL function this_host(), as we noticed that on > some systems it returned 127.0.0.1 > > instead of real IP address of host where OpenVAS server (now scanner) was > running. OS fingerprint plugin heavily > relies on this function so it fails to detect when this_host() returns > wrong output.This seems to be a bug but we > > couldn't reproduce it (it was gone after system update I think). I'm not > sure, but it could be related to kernel version. Well, besides ipv6 issues there is a bug that could be related to it and might pop up when openvas-libraries was compiled with optimization. The problematic code is at misc/pcap.c (getinterfaces). In that case the loopback interface would be reported as the adress to send packets from. I have a patch from Matt flying around here but we couldnt test it (enough, yet). -- felix -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From bchandra at secpod.com Thu Feb 11 10:58:28 2010 From: bchandra at secpod.com (Chandrashekhar B) Date: Thu, 11 Feb 2010 15:28:28 +0530 Subject: [Openvas-discuss] this_host() returning an IPv6 address In-Reply-To: <8D4CAB43B7E74025924AE65332D8BD58@bchandra> References: <8D4CAB43B7E74025924AE65332D8BD58@bchandra> Message-ID: <025A70992A3D4524B9EFD3A9C4F6F8AB@bchandra> Hello, > -----Original Message----- > From: openvas-discuss-bounces at wald.intevation.org > [mailto:openvas-discuss-bounces at wald.intevation.org] On > Behalf Of Chandrashekhar B > Sent: Thursday, February 11, 2010 10:35 AM > To: 'Robert Ve?naver'; openvas-discuss at wald.intevation.org > Subject: Re: [Openvas-discuss] this_host() returning an IPv6 address > > Hello Robert, > > > > -----Original Message----- > > From: openvas-discuss-bounces at wald.intevation.org > > [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of > > Robert Ve?naver > > Sent: Thursday, February 11, 2010 4:25 AM > > To: openvas-discuss at wald.intevation.org > > Subject: [Openvas-discuss] this_host() returning an IPv6 address > > > > Hi. > > > > I recently decided to test the new OpenVAS 3.0. > > So, I installed ArchLinux and used PKGBUILDs made by noodlesgc: > > http://aur.archlinux.org/packages.php?ID=22948 > > http://aur.archlinux.org/packages.php?ID=22944 > > http://aur.archlinux.org/packages.php?ID=33721 > > > > Everything compiled fine, everything is in place. > > The servers starts normally and I can connect to it. > > > > However, some of the plugins simply don't work. > > Being a NASL plugin dev, I decided to test some manually. > > > > When I try out the following command: > > sudo openvas-nasl -Xt target.something.com ping_host.nasl > > > > I get the following error: > > pcap_compile: expression rejects all packets > > > > So I digged a bit through ping_host.nasl, and found out that the > > this_host() function returns ::1 Now, I know about the bug > with some > > Debian distros and this_host() returning > > 127.0.0.1 (which is a really annoying one, especially if your OS is > > inside openvz, and you're not the admin), but shouldn't > > this_host() return an IPv4 address? > > Depending on the target system, target.something.com, if it > is v4, it returns v4 address and if it is v6, it returns v6 > address. But, there seems to be a bug when > target.something.com is on a different subnet, it is > returning ::1 and also the pcap error message. Please file a > bug with details, we'll look into it. I figured out the issue, to get the source address that is going to be used (for this_host() ), we check all the routing entries. For a target that is on a different subnet, if I add a routing entry explicitly to that subnet apart from the default route, it gives correct result. While testing IPv6, I remembered doing this, forgot about it later on. In actual, I think it should get the default route entry. Thanks, Chandra. From robert.veznaver at fer.hr Thu Feb 11 17:39:30 2010 From: robert.veznaver at fer.hr (=?windows-1252?Q?Robert_Ve=9Enaver?=) Date: Thu, 11 Feb 2010 17:39:30 +0100 Subject: [Openvas-discuss] Debian OpenVZ default configuration & OpenVAS Message-ID: Hi, I would just like to inform Debian OpenVZ users who run OpenVAS in a VM that there is a "bug" (actually, more of a nuisance than a true bug) within Debian's default script for venet0. http://forum.openvz.org/index.php?t=msg&goto=4762& http://forum.openvz.org/index.php?t=msg&th=817&start=0& There is also a bug report filed under http://bugzilla.openvz.org/show_bug.cgi?id=883 In short; the default Debian script creates venet0 with the IP 127.0.0.1, and another virtual interface venet0:0 with the real IP address. The this_host() function returns the IP of venet0, so every packet which is forged using that function (i.e. every packet :)) is sent but never returned. Please see the aforementioned links for a solution. I hope this info helps someone. Regards, Robert Ve?naver P.S.: This mail is _not_ related to my "this_host() returning an IPv6 address" mail. That machine is on a xen hypervisor. I'm still waiting for my admin to fix the file system since it crashed about an hour after I sent the mail :) -- Laboratory for Systems and Signals Department of Electronic Systems and Information Processing Faculty of Electrical Engineering and Computing University of Zagreb -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100211/3baa1674/attachment.html From sahaj_p at yahoo.co.in Fri Feb 12 06:04:34 2010 From: sahaj_p at yahoo.co.in (sahaj pandey) Date: Fri, 12 Feb 2010 10:34:34 +0530 (IST) Subject: [Openvas-discuss] getting response through url with nasl Message-ID: <411960.84653.qm@web94405.mail.in2.yahoo.com> hi, i want to write a plugin to recieve a response from a url by providing username and password, it is like, http://target/a.b.c?&d=e&f=g. i want to do it with a script,how can do it? second question is, if i want to send a authorization header instead of username and password how can i send it.?? plz help, thanks Your Mail works best with the New Yahoo Optimized IE8. Get it NOW! http://downloads.yahoo.com/in/internetexplorer/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100212/5fbbae76/attachment.htm From felix.wolfsteller at intevation.de Fri Feb 12 09:53:30 2010 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Fri, 12 Feb 2010 09:53:30 +0100 Subject: [Openvas-discuss] Debian OpenVZ default configuration & OpenVAS In-Reply-To: References: Message-ID: <201002120953.31028.felix.wolfsteller@intevation.de> Thanks for sharing. Anybody volunteering to making a FAQ entry out of that (~"Why does OpenVAS in a VM does not perform well?") -- felix On Thursday 11 February 2010 17:39:30 Robert Ve?naver wrote: > Hi, > > I would just like to inform Debian OpenVZ users who run OpenVAS in a VM > that there is a "bug" (actually, more of a nuisance than a true bug) within > Debian's default script for venet0. > > http://forum.openvz.org/index.php?t=msg&goto=4762& > http://forum.openvz.org/index.php?t=msg&th=817&start=0& > > There is also a bug report filed under > http://bugzilla.openvz.org/show_bug.cgi?id=883 > > In short; the default Debian script creates venet0 with the IP 127.0.0.1, > and another virtual interface venet0:0 with the real IP address. The > this_host() function returns the IP of venet0, so every packet which is > forged using that function (i.e. every packet :)) is sent but never > returned. Please see the aforementioned links for a solution. > > I hope this info helps someone. > > Regards, > Robert Ve?naver > > P.S.: This mail is _not_ related to my "this_host() returning an IPv6 > address" mail. That machine is on a xen hypervisor. I'm still waiting for > my admin to fix the file system since it crashed about an hour after I sent > the mail :) > > -- > Laboratory for Systems and Signals > Department of Electronic Systems and Information Processing > Faculty of Electrical Engineering and Computing > University of Zagreb -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From michael.meyer at intevation.de Fri Feb 12 10:55:50 2010 From: michael.meyer at intevation.de (Michael Meyer) Date: Fri, 12 Feb 2010 10:55:50 +0100 Subject: [Openvas-discuss] getting response through url with nasl In-Reply-To: <411960.84653.qm@web94405.mail.in2.yahoo.com> References: <411960.84653.qm@web94405.mail.in2.yahoo.com> Message-ID: <20100212095550.GA2701@komma-nix.de> Hello, *** sahaj pandey wrote: > i want to write a plugin to recieve a response from a url by providing username and password, > it is like, > > http://target/a.b.c?&d=e&f=g. > i want to do it with a script,how can do it? ,---| | include("http_func.inc"); | include("http_keepalive.inc"); | | port = get_http_port(default:80); | if(!get_port_state(port))exit(0); | | url = string("/a.b.c?&d=e&f=g"); | req = http_get(item:url, port:port); | buf = http_keepalive_send_recv(port:port, data:req, bodyonly:TRUE); | if(buf == NULL)exit(0); | display(buf,"\n"); `---| > second question is, > > if i want to send a authorization header instead of username and password how can i send it.?? ,---| | include("http_func.inc"); | include("http_keepalive.inc"); | include("misc_func.inc"); | | port = get_http_port(default:80); | if(!get_port_state(port))exit(0); | | userpass = string("user:pass"); | userpass64 = base64(str:userpass); | req = string("GET /a.b.c HTTP/1.0\r\nAuthorization: Basic ",userpass64,"\r\n\r\n"); | buf = http_keepalive_send_recv(port:port, data:req, bodyonly:TRUE); | if(buf == NULL)exit(0); | display(buf,"\n"); `---| http://chileforge.cl/docman/view.php/28/59/nasl2_reference.pdf HTH Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From josip.stuhli at fer.hr Fri Feb 12 10:46:43 2010 From: josip.stuhli at fer.hr (Josip Stuhli) Date: Fri, 12 Feb 2010 10:46:43 +0100 Subject: [Openvas-discuss] getting response through url with nasl In-Reply-To: <411960.84653.qm@web94405.mail.in2.yahoo.com> References: <411960.84653.qm@web94405.mail.in2.yahoo.com> Message-ID: <4B752383.1070407@fer.hr> sahaj pandey wrote: > hi, > i want to write a plugin to recieve a response from a url by providing > username and password, > it is like, > > http://target/a.b.c?&d=e&f=g . > > i want to do it with a script,how can do it? > > > second question is, > > if i want to send a authorization header instead of username and > password how can i send it.?? > > plz help, > thanks > > > ------------------------------------------------------------------------ > The INTERNET now has a personality. YOURS! See your Yahoo! Homepage > . > ------------------------------------------------------------------------ > > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > Hello sahay, you include http_func.inc and use this functions include("http_func.inc"); port = get_http_port(default:80); response=http_send_recv(data:http_get(item:"/a.b.c?&d=e&f=g ", port:port), port:port) From kost at linux.hr Fri Feb 12 12:45:32 2010 From: kost at linux.hr (Vlatko Kosturjak) Date: Fri, 12 Feb 2010 12:45:32 +0100 Subject: [Openvas-discuss] Debian OpenVZ default configuration & OpenVAS In-Reply-To: <201002120953.31028.felix.wolfsteller@intevation.de> References: <201002120953.31028.felix.wolfsteller@intevation.de> Message-ID: <20100212114532.GB28396@griffin.linux.hr> I would say just OpenVZ VMs. it's not for all virtualization solutions... Just to make it clear. So, it should be this: Why does OpenVAS in a OpenVZ VM does not perform well? On Fri, Feb 12, 2010 at 09:53:30AM +0100, Felix Wolfsteller wrote: > Thanks for sharing. > Anybody volunteering to making a FAQ entry out of that (~"Why does OpenVAS in > a VM does not perform well?") > > -- felix > > On Thursday 11 February 2010 17:39:30 Robert Ve?naver wrote: > > Hi, > > > > I would just like to inform Debian OpenVZ users who run OpenVAS in a VM > > that there is a "bug" (actually, more of a nuisance than a true bug) within > > Debian's default script for venet0. > > > > http://forum.openvz.org/index.php?t=msg&goto=4762& > > http://forum.openvz.org/index.php?t=msg&th=817&start=0& > > > > There is also a bug report filed under > > http://bugzilla.openvz.org/show_bug.cgi?id=883 > > > > In short; the default Debian script creates venet0 with the IP 127.0.0.1, > > and another virtual interface venet0:0 with the real IP address. The > > this_host() function returns the IP of venet0, so every packet which is > > forged using that function (i.e. every packet :)) is sent but never > > returned. Please see the aforementioned links for a solution. > > > > I hope this info helps someone. > > > > Regards, > > Robert Ve?naver > > > > P.S.: This mail is _not_ related to my "this_host() returning an IPv6 > > address" mail. That machine is on a xen hypervisor. I'm still waiting for > > my admin to fix the file system since it crashed about an hour after I sent > > the mail :) > > > > -- > > Laboratory for Systems and Signals > > Department of Electronic Systems and Information Processing > > Faculty of Electrical Engineering and Computing > > University of Zagreb > > > -- > Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ > PGP Key: 39DE0100 > Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 > Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss -- Vlatko Kosturjak - KoSt ICQ: 3631122 From bchandra at secpod.com Sat Feb 13 06:17:04 2010 From: bchandra at secpod.com (Chandrashekhar B) Date: Sat, 13 Feb 2010 10:47:04 +0530 Subject: [Openvas-discuss] OpenVAS 3 In-Reply-To: <297586.79929.qm@web31505.mail.mud.yahoo.com> References: <577413.69878.qm@web31501.mail.mud.yahoo.com> <7D8C863311084808A928B79B8EF0D64B@bchandra> <297586.79929.qm@web31505.mail.mud.yahoo.com> Message-ID: <5707327675904BD186B21834E00B5C6C@bchandra> Hello Zack, This looks like this_host() problem to me. Please check your network configuration, IP Address, Routing entries. But, if it is the same LAN segment, as long as the IP's are configured properly, it should have worked. Chandra. _____ From: Zack Dela [mailto:ny101880 at yahoo.com] Sent: Friday, February 12, 2010 6:12 PM To: Chandrashekhar B; openvas-discuss at wald.intevation.org Subject: Re: [Openvas-discuss] OpenVAS 3 Hi Chandra, I notice that the Scanner IP is 1 and not displaying its real IP. What shall I do.. I do un attenticated scan in the same LAN network/segment Information about this scan : OpenVAS version : 3.0.3 Plugin feed version : 201002111345 Type of plugin feed : OpenVAS NVT Feed Scanner IP : ::1 Port scanner(s) : openvas_tcp_scanner Port range : 1-65535 Thorough tests : no Experimental tests : no Paranoia level : 1 Report Verbosity : 1 Safe checks : no Max hosts : 20 Max checks : 4 Scan Start Date : 2010/2/12 4:27 Scan duration : 300 sec ICMP based OS fingerprint results: Unable to detect remote OS. No match found. OID : 1.3.6.1.4.1.25623.1.0.102002 _____ From: Chandrashekhar B To: Zack Dela ; openvas-discuss at wald.intevation.org Sent: Thu, February 11, 2010 1:15:11 PM Subject: RE: [Openvas-discuss] OpenVAS 3 Hello Zack, For un-authenticated tests, we have os_fingerprint.nasl (102002), you need to enable this. Goran: Should we move this plugin to ACT_SCANNER or ACR_SETTINGS so that it runs by default. Thanks, Chandra. _____ From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of Zack Dela Sent: Wednesday, February 10, 2010 4:30 PM To: openvas-discuss at wald.intevation.org Subject: [Openvas-discuss] OpenVAS 3 Hi, I am scanning an XP machines using Qualys and openVAS without authentication. The result of openvas is ICMP OS fingerprinting cant determine the OS while Qulays get the right OS (Windows XP). What are the plugins needed to enable or fine tunning to get the correct OS? Thank you -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100213/828c2fa4/attachment.html From ny101880 at yahoo.com Fri Feb 12 13:09:14 2010 From: ny101880 at yahoo.com (Zack Dela) Date: Fri, 12 Feb 2010 04:09:14 -0800 (PST) Subject: [Openvas-discuss] OpenVAS 3 In-Reply-To: <7D8C863311084808A928B79B8EF0D64B@bchandra> References: <577413.69878.qm@web31501.mail.mud.yahoo.com> <7D8C863311084808A928B79B8EF0D64B@bchandra> Message-ID: <794111.9448.qm@web31507.mail.mud.yahoo.com> Hi Chandra, Setting: Client -> General -> Port scanner -> Nmap Client -> Prefs. -> Nmap (NASL Wrapper) -> Identify the remote OS I tried the setting below but the same result: Informational - general/tcp - ICMP based OS fingerprint results: Unable to detect remote OS. No match found. Informational - general/SMBclient OS Version = Windows 5.1 Does this mean that it can't detect the OS, while its using an Windows 5.1 OS version? Im confused.. I tried the same setting but the client 2.x version but the same server version. Informational - general/tcp - ICMP based OS fingerprint results: Linux Kernelxxxxxxxx I dont understand why it outputed as Linux. Thank you Chandra in advance. Its important to test my openvas setup to detect OS as least close to the actual for me to be able to give the right analysis because XP and a Server (2003) is different ________________________________ From: Chandrashekhar B To: Zack Dela ; openvas-discuss at wald.intevation.org Sent: Thu, February 11, 2010 1:15:11 PM Subject: RE: [Openvas-discuss] OpenVAS 3 Hello Zack, For un-authenticated tests, we have os_fingerprint.nasl (102002), you need to enable this. Goran: Should we move this plugin to ACT_SCANNER or ACR_SETTINGS so that it runs by default. Thanks, Chandra. ________________________________ From: > openvas-discuss-bounces at wald.intevation.org > [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of Zack > Dela >Sent: Wednesday, February 10, 2010 4:30 PM >To: > openvas-discuss at wald.intevation.org >Subject: [Openvas-discuss] > OpenVAS 3 > > >Hi, > >I am scanning an XP machines using Qualys and openVAS without > authentication. > >The result of openvas is ICMP OS fingerprinting cant > determine the OS while Qulays get the right OS (Windows XP). > >What are > the plugins needed to enable or fine tunning to get the correct > OS? > >Thank you > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100212/87e97c8a/attachment.htm From ny101880 at yahoo.com Fri Feb 12 13:42:24 2010 From: ny101880 at yahoo.com (Zack Dela) Date: Fri, 12 Feb 2010 04:42:24 -0800 (PST) Subject: [Openvas-discuss] OpenVAS 3 In-Reply-To: <7D8C863311084808A928B79B8EF0D64B@bchandra> References: <577413.69878.qm@web31501.mail.mud.yahoo.com> <7D8C863311084808A928B79B8EF0D64B@bchandra> Message-ID: <297586.79929.qm@web31505.mail.mud.yahoo.com> Hi Chandra, I notice that the Scanner IP is 1 and not displaying its real IP. What shall I do.. I do un attenticated scan in the same LAN network/segment Information about this scan : OpenVAS version : 3.0.3 Plugin feed version : 201002111345 Type of plugin feed : OpenVAS NVT Feed Scanner IP : ::1 Port scanner(s) : openvas_tcp_scanner Port range : 1-65535 Thorough tests : no Experimental tests : no Paranoia level : 1 Report Verbosity : 1 Safe checks : no Max hosts : 20 Max checks : 4 Scan Start Date : 2010/2/12 4:27 Scan duration : 300 sec ICMP based OS fingerprint results: Unable to detect remote OS. No match found. OID : 1.3.6.1.4.1.25623.1.0.102002 ________________________________ From: Chandrashekhar B To: Zack Dela ; openvas-discuss at wald.intevation.org Sent: Thu, February 11, 2010 1:15:11 PM Subject: RE: [Openvas-discuss] OpenVAS 3 Hello Zack, For un-authenticated tests, we have os_fingerprint.nasl (102002), you need to enable this. Goran: Should we move this plugin to ACT_SCANNER or ACR_SETTINGS so that it runs by default. Thanks, Chandra. ________________________________ From: > openvas-discuss-bounces at wald.intevation.org > [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of Zack > Dela >Sent: Wednesday, February 10, 2010 4:30 PM >To: > openvas-discuss at wald.intevation.org >Subject: [Openvas-discuss] > OpenVAS 3 > > >Hi, > >I am scanning an XP machines using Qualys and openVAS without > authentication. > >The result of openvas is ICMP OS fingerprinting cant > determine the OS while Qulays get the right OS (Windows XP). > >What are > the plugins needed to enable or fine tunning to get the correct > OS? > >Thank you > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100212/ba3de3bf/attachment.html From robert.veznaver at fer.hr Sat Feb 13 21:33:28 2010 From: robert.veznaver at fer.hr (=?iso-8859-2?Q?Robert_Ve=BEnaver?=) Date: Sat, 13 Feb 2010 21:33:28 +0100 Subject: [Openvas-discuss] this_host() returning an IPv6 address In-Reply-To: <025A70992A3D4524B9EFD3A9C4F6F8AB@bchandra> References: <8D4CAB43B7E74025924AE65332D8BD58@bchandra> <025A70992A3D4524B9EFD3A9C4F6F8AB@bchandra> Message-ID: On 11. vel. 2010., at 10:58, Chandrashekhar B wrote: > I figured out the issue, to get the source address that is going to be used > (for this_host() ), we check all the routing entries. For a target that is > on a different subnet, if I add a routing entry explicitly to that subnet > apart from the default route, it gives correct result. While testing IPv6, I > remembered doing this, forgot about it later on. In actual, I think it > should get the default route entry. I fixed it by unloading the ipv6 module :) Everything works now. Although, there is one strange thing that bugs me: Whenever there is a this_host() call in a plugin, the message "Didn't find IPv6 routes" pops out. So, I believe there must be _something_wrong somewhere since I'm running plugins against an IPv4 only host and the function get_host_ip() returns an IPv4 address of the target host, while this_host() is just aching for an IPv6 address :) Regards, Robert From robert.veznaver at fer.hr Sun Feb 14 01:28:22 2010 From: robert.veznaver at fer.hr (=?windows-1252?Q?Robert_Ve=9Enaver?=) Date: Sun, 14 Feb 2010 01:28:22 +0100 Subject: [Openvas-discuss] BUG & correction: ssh_func cannot log in to Mac OS X, request for SVN update Message-ID: <69D555C1-69B1-40B2-87B8-544A5DC3E211@fer.hr> Hi, I found a bug in ssh_func.inc which prevents OpenVAS from logging in to a Mac OS X 10.6 SSH Server (and doing Local Security checks). Line 1442 should be changed from: if ("Password: " >< crap) to: if ("Password:" >< crap) Notice the space :) EXPLANATION: In ssh_func.inc, line 1415, after a SSH_MSG_USERAUTH_INFO_REQUEST, the server sends a response (ssh_func.inc puts it into a variable named "payload"). Now, a Linux SSH server responds with: <................... Password: . or in hex: 3c000000000000000000000000000000010000000a50617373776f72643a2000 Mac OS X, on the other hand, responds with: <................... Password:. or in hex: 3c000000000000000000000000000000010000000950617373776f72643a00 Notice the space between the last : and the . All OpenVAS needs to know is if the last part of the payload has "Password:" in it so it could know if the remote server supports the Password keyboard-interactive method. However, since someone put a space after "Password:", the ssh_func.inc incorrectly concludes that the remote server does not support this method. So, if someone could please remove the space and update the SVN accordingly (preferably ASAP) I would be forever grateful and resume working on OS X LSCs. And no, I have absolutely no idea why a Mac OS X SSH server responds differently ;) Thanks, Robert -- Laboratory for Systems and Signals Department of Electronic Systems and Information Processing Faculty of Electrical Engineering and Computing University of Zagreb From michael.meyer at intevation.de Sun Feb 14 12:47:17 2010 From: michael.meyer at intevation.de (Michael Meyer) Date: Sun, 14 Feb 2010 12:47:17 +0100 Subject: [Openvas-discuss] BUG & correction: ssh_func cannot log in to Mac OS X, request for SVN update In-Reply-To: <69D555C1-69B1-40B2-87B8-544A5DC3E211@fer.hr> References: <69D555C1-69B1-40B2-87B8-544A5DC3E211@fer.hr> Message-ID: <20100214114717.GA21023@komma-nix.de> *** Robert Ve?naver wrote: > I found a bug in ssh_func.inc which prevents OpenVAS from logging in > to a Mac OS X 10.6 SSH Server (and doing Local Security checks). > Line 1442 should be changed from: > > if ("Password: " >< crap) > to: > if ("Password:" >< crap) Thank you for discovering this bug and thanks for the solution. ;) > So, if someone could please remove the space and update the SVN > accordingly (preferably ASAP) I would be forever grateful and resume > working on OS X LSCs. [x] Done. Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From Jan-Oliver.Wagner at greenbone.net Mon Feb 15 09:58:01 2010 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Mon, 15 Feb 2010 09:58:01 +0100 Subject: [Openvas-discuss] Ideas for GSOC 2010 -- Inventory tools In-Reply-To: References: <201002110914.26049.felix.wolfsteller@intevation.de> Message-ID: <201002150958.03697.Jan-Oliver.Wagner@greenbone.net> Hi Geoff, On Donnerstag, 11. Februar 2010, Geoff Galitz wrote: > > 2) Integration of a network inventory tool. > > > > To start with a bad example and keep my work at schedule, I do not provide > > nice text now. > > FWIW. > > Relating directly to the previous mentioned VMs I am deploying for my > customers, I do have network inventory tool integration in process. This > is, in fact, a high priority project I have and is what is slowing me down > from doing all the other things I am supposed to be doing for OpenVAS > (documentation, the live VM and so on). > > Specifically I am working on integration with OCSNG via the SOAP interface, > but connecting directly the OCSNG database via a mysql library is also an > option. > > This is part of my effort to provide an integrated FOSS IT management > solution for my customers. I am very interested in such integrations. I had a look at OCSNG some time ago and failed to find helpful hooks for quick/easy integration. As you may have seen, meanwhile we support CPE for inventory data as the only direct available standard for describing products. See also here for a simple guide: http://www.greenbone.net/learningcenter/task_cpe_inventory.html Do you see any chance to get OCSNG integrate with OpenVAS on CPE-base? What other standard might be helpful? What other method did you apply? Al the best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 202460 Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From sahaj_p at yahoo.co.in Mon Feb 15 11:06:15 2010 From: sahaj_p at yahoo.co.in (sahaj pandey) Date: Mon, 15 Feb 2010 15:36:15 +0530 (IST) Subject: [Openvas-discuss] regarding error while configuring openvas-libraries In-Reply-To: References: Message-ID: <992246.53142.qm@web94407.mail.in2.yahoo.com> hi, i am trying to install openvas on my linux system(Redhat ES-4). and while configuring openvas libraries i am getting error msg. the output is given below. ----------------------------------------------------------------- [root at localhost openvas-libraries-3.0.0]# ./configure checking for gcc... gcc checking for C compiler default output file name... a.out checking whether the C compiler works... yes checking whether we are cross compiling... no checking for suffix of executables... checking for suffix of object files... o checking whether we are using the GNU C compiler... yes checking whether gcc accepts -g... yes checking for gcc option to accept ISO C89... none needed checking build system type... i686-pc-linux-gnu checking host system type... i686-pc-linux-gnu checking for a sed that does not truncate output... /bin/sed checking for grep that handles long lines and -e... /bin/grep checking for egrep... /bin/grep -E checking for ld used by gcc... /usr/bin/ld checking if the linker (/usr/bin/ld) is GNU ld... yes checking for /usr/bin/ld option to reload object files... -r checking for BSD-compatible nm... /usr/bin/nm -B checking whether ln -s works... yes checking how to recognise dependent libraries... pass_all checking how to run the C preprocessor... gcc -E checking for ANSI C header files... yes checking for sys/types.h... yes checking for sys/stat.h... yes checking for stdlib.h... yes checking for string.h... yes checking for memory.h... yes checking for strings.h... yes checking for inttypes.h... yes checking for stdint.h... yes checking for unistd.h... yes checking dlfcn.h usability... yes checking dlfcn.h presence... yes checking for dlfcn.h... yes checking for g++... no checking for c++... no checking for gpp... no checking for aCC... no checking for CC... no checking for cxx... no checking for cc++... no checking for cl.exe... no checking for FCC... no checking for KCC... no checking for RCC... no checking for xlC_r... no checking for xlC... no checking whether we are using the GNU C++ compiler... no checking whether g++ accepts -g... no checking for g77... no checking for xlf... no checking for f77... no checking for frt... no checking for pgf77... no checking for cf77... no checking for fort77... no checking for fl32... no checking for af77... no checking for xlf90... no checking for f90... no checking for pgf90... no checking for pghpf... no checking for epcf90... no checking for gfortran... no checking for g95... no checking for xlf95... no checking for f95... no checking for fort... no checking for ifort... no checking for ifc... no checking for efc... no checking for pgf95... no checking for lf95... no checking for ftn... no checking whether we are using the GNU Fortran 77 compiler... no checking whether accepts -g... no checking the maximum length of command line arguments... 32768 checking command to parse /usr/bin/nm -B output from gcc object... ok checking for objdir... .libs checking for ar... ar checking for ranlib... ranlib checking for strip... strip checking if gcc supports -fno-rtti -fno-exceptions... no checking for gcc option to produce PIC... -fPIC checking if gcc PIC flag -fPIC works... yes checking if gcc static flag -static works... yes checking if gcc supports -c -o file.o... yes checking whether the gcc linker (/usr/bin/ld) supports shared libraries... yes checking whether -lc should be explicitly linked in... no checking dynamic linker characteristics... GNU/Linux ld.so checking how to hardcode library paths into programs... immediate checking whether stripping libraries is possible... yes checking if libtool supports shared libraries... yes checking whether to build shared libraries... yes checking whether to build static libraries... yes configure: creating libtool appending configuration tag "CXX" to libtool appending configuration tag "F77" to libtool checking if the compiler understands -pipe... yes checking whether make sets $(MAKE)... yes checking for a BSD-compatible install... /usr/bin/install -c checking for pkg-config... no checking for GLIB... configure: error: "glib >= 2.12.0 not found" [root at localhost openvas-libraries-3.0.0]# ------------------------------------------------------------------ i also have one ubuntu 9.10 system and on that too while doing "sudo make" i am getting error its something like cmake somthing error.....127(i dont remember exactaly) please help. thanks The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. http://in.yahoo.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100215/6205d875/attachment.html From bitdealer at gmail.com Mon Feb 15 12:02:52 2010 From: bitdealer at gmail.com (Stephan Kleine) Date: Mon, 15 Feb 2010 12:02:52 +0100 Subject: [Openvas-discuss] regarding error while configuring openvas-libraries In-Reply-To: <992246.53142.qm@web94407.mail.in2.yahoo.com> References: <992246.53142.qm@web94407.mail.in2.yahoo.com> Message-ID: <201002151202.52896.bitdealer@gmail.com> On Monday February 15 2010 11:06:15 sahaj pandey wrote: > checking for GLIB... configure: error: "glib >= 2.12.0 not found" Your glib is too old. > i also have one ubuntu 9.10 system and on that too while doing "sudo make" > i am getting error > > its something like > > cmake somthing > error.....127(i dont remember exactaly) You can get buntu packages from http://download.opensuse.org/repositories/security:/openvas:/UNSTABLE/ and if you still want to compile them yourself for some reason just take a look at the rules file (no patches needed). Also note that those packages aren't tested cause I don't run any buntu so feedback regarding the init script would be very welcome ;) hth Stephan From felix.wolfsteller at intevation.de Mon Feb 15 12:19:45 2010 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Mon, 15 Feb 2010 12:19:45 +0100 Subject: [Openvas-discuss] regarding error while configuring openvas-libraries In-Reply-To: <992246.53142.qm@web94407.mail.in2.yahoo.com> References: <992246.53142.qm@web94407.mail.in2.yahoo.com> Message-ID: <201002151219.45245.felix.wolfsteller@intevation.de> Hi Sahaj On Monday 15 February 2010 11:06:15 sahaj pandey wrote: > i also have one ubuntu 9.10 system and on that too while doing "sudo make" > i am getting error > > its something like > > cmake somthing > error.....127(i dont remember exactaly) It should compile rather smoothly on 9.10. Provide the full output and I am sure you will be helped. -- felix -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From bchandra at secpod.com Tue Feb 16 11:00:02 2010 From: bchandra at secpod.com (Chandrashekhar B) Date: Tue, 16 Feb 2010 15:30:02 +0530 Subject: [Openvas-discuss] this_host() returning an IPv6 address In-Reply-To: References: <8D4CAB43B7E74025924AE65332D8BD58@bchandra><025A70992A3D4524B9EFD3A9C4F6F8AB@bchandra> Message-ID: <12EE0FD848D9468D91A7B89E5A94FAFD@bchandra> Hello Robert, > -----Original Message----- > From: openvas-discuss-bounces at wald.intevation.org > [mailto:openvas-discuss-bounces at wald.intevation.org] On > Behalf Of Robert Ve?naver > Sent: Sunday, February 14, 2010 2:03 AM > To: openvas-discuss at wald.intevation.org > Subject: Re: [Openvas-discuss] this_host() returning an IPv6 address > > > On 11. vel. 2010., at 10:58, Chandrashekhar B wrote: > > > I figured out the issue, to get the source address that is > going to be > > used (for this_host() ), we check all the routing entries. For a > > target that is on a different subnet, if I add a routing entry > > explicitly to that subnet apart from the default route, it gives > > correct result. While testing IPv6, I remembered doing this, forgot > > about it later on. In actual, I think it should get the > default route entry. > > I fixed it by unloading the ipv6 module :) Everything works now. > Although, there is one strange thing that bugs me: > Whenever there is a this_host() call in a plugin, the message > "Didn't find IPv6 routes" pops out. > > So, I believe there must be _something_wrong somewhere since > I'm running plugins against an IPv4 only host and the > function get_host_ip() returns an IPv4 address of the target > host, while this_host() is just aching for an IPv6 address :) > I have fixed this issue and committed to svn. Please test and let me know if it works. It should work with ipv6 module too. Chandra. From sahaj_p at yahoo.co.in Tue Feb 16 11:44:31 2010 From: sahaj_p at yahoo.co.in (sahaj pandey) Date: Tue, 16 Feb 2010 16:14:31 +0530 (IST) Subject: [Openvas-discuss] regardingerror in loading gui Message-ID: <642865.44880.qm@web94403.mail.in2.yahoo.com> i have installed openvas on my system and done all the prelimanaries like adding certkey,adding user while starting "openvasd -D" it is giving some error and also not able to show gui. output of openvasd -D is [root at localhost openvas]# openvasd -D portscan-strobe.nasl could not be added to the cache and is likely to stay invisible to the client. W32.Sasser.Worm.nasl could not be added to the cache and is likely to stay invisible to the client. pnscan.nasl could not be added to the cache and is likely to stay invisible to the client. amap.nasl could not be added to the cache and is likely to stay invisible to the client. snmpwalk_portscan.nasl could not be added to the cache and is likely to stay invisible to the client. portbunny.nasl could not be added to the cache and is likely to stay invisible to the client. All plugins loaded and for OpenVAS-Client is [root at localhost openvas]# OpenVAS-Client OpenVAS-Client: error while loading shared libraries: libssl.so.7: cannot open shared object file: No such file or directory [root at localhost openvas]# What can i do to remove these errors...?? thanks Your Mail works best with the New Yahoo Optimized IE8. Get it NOW! http://downloads.yahoo.com/in/internetexplorer/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100216/fdcf5259/attachment.htm From sahaj_p at yahoo.co.in Tue Feb 16 11:55:22 2010 From: sahaj_p at yahoo.co.in (sahaj pandey) Date: Tue, 16 Feb 2010 16:25:22 +0530 (IST) Subject: [Openvas-discuss] regardingerror in loading gui In-Reply-To: <642865.44880.qm@web94403.mail.in2.yahoo.com> References: <642865.44880.qm@web94403.mail.in2.yahoo.com> Message-ID: <737051.45783.qm@web94407.mail.in2.yahoo.com> and for OpenVAS-Client is [root at localhost openvas]# OpenVAS-Client OpenVAS-Client: error while loading shared libraries: libssl.so.7: cannot open shared object file: No such file or directory [root at localhost openvas]# the loading problem is now solved bt it still not able to display GUI the error now is, [root at localhost openvas]# OpenVAS-Client (OpenVAS-Client:32421): Gtk-WARNING **: cannot open display: i have tried with browser also by giving url as, http://xx.xx.xx.xx:9390 but it is not displaying anythng, netstat -ltn is showing that openvasd is listening on port 9390. thanks ________________________________ From: sahaj pandey To: openvas discussion Cc: s p Sent: Tue, 16 February, 2010 4:14:31 PM Subject: regardingerror in loading gui i have installed openvas on my system and done all the prelimanaries like adding certkey,adding user while starting "openvasd -D" it is giving some error and also not able to show gui. output of openvasd -D is [root at localhost openvas]# openvasd -D portscan-strobe.nasl could not be added to the cache and is likely to stay invisible to the client. W32.Sasser.Worm.nasl could not be added to the cache and is likely to stay invisible to the client. pnscan.nasl could not be added to the cache and is likely to stay invisible to the client. amap.nasl could not be added to the cache and is likely to stay invisible to the client. snmpwalk_portscan.nasl could not be added to the cache and is likely to stay invisible to the client. portbunny.nasl could not be added to the cache and is likely to stay invisible to the client. All plugins loaded and for OpenVAS-Client is [root at localhost openvas]# OpenVAS-Client OpenVAS-Client: error while loading shared libraries: libssl.so.7: cannot open shared object file: No such file or directory [root at localhost openvas]# What can i do to remove these errors...?? thanks ________________________________ The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. http://in.yahoo.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100216/27d4c995/attachment.html From felix.wolfsteller at intevation.de Tue Feb 16 12:00:34 2010 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Tue, 16 Feb 2010 12:00:34 +0100 Subject: [Openvas-discuss] regardingerror in loading gui In-Reply-To: <642865.44880.qm@web94403.mail.in2.yahoo.com> References: <642865.44880.qm@web94403.mail.in2.yahoo.com> Message-ID: <201002161200.34683.felix.wolfsteller@intevation.de> Hi Sahaj I see that you use openvas 2.0.x . Consider updating to OpenVAS 3. Also, I believe that you use the openvas-plugins package which is horribly outdated. Invoke a "openvas-nvt-sync"to fetch new(er vsions of) plugins. The warnings ("XYZ could not be added to the cache and is likely to stay invisible to the client.") should be gone then. About the Client, I really dont know, but maybe you have to install something like libssl-dev? Please include information about your system next time (e.g. linux distro, version of openvas (all the tools should have a --version argument) etc). Thanks -- felix On Tuesday 16 February 2010 11:44:31 sahaj pandey wrote: > i have installed openvas on my system and done all the prelimanaries like > adding certkey,adding user > > while starting "openvasd -D" it is giving some error and also not able to > show gui. > output of openvasd -D is > > [root at localhost openvas]# openvasd -D > portscan-strobe.nasl could not be added to the cache and is likely to stay > invisible to the client. W32.Sasser.Worm.nasl could not be added to the > cache and is likely to stay invisible to the client. pnscan.nasl could not > be added to the cache and is likely to stay invisible to the client. > amap.nasl could not be added to the cache and is likely to stay invisible > to the client. snmpwalk_portscan.nasl could not be added to the cache and > is likely to stay invisible to the client. portbunny.nasl could not be > added to the cache and is likely to stay invisible to the client. All > plugins loaded > > and for OpenVAS-Client is > [root at localhost openvas]# OpenVAS-Client > OpenVAS-Client: error while loading shared libraries: libssl.so.7: cannot > open shared object file: No such file or directory [root at localhost > openvas]# > > > > > What can i do to remove these errors...?? > > thanks > > > > Your Mail works best with the New Yahoo Optimized IE8. Get it NOW! > http://downloads.yahoo.com/in/internetexplorer/ -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From sahaj_p at yahoo.co.in Tue Feb 16 12:22:15 2010 From: sahaj_p at yahoo.co.in (sahaj pandey) Date: Tue, 16 Feb 2010 16:52:15 +0530 (IST) Subject: [Openvas-discuss] Openvas-discuss Digest, Vol 37, Issue 13 In-Reply-To: References: Message-ID: <401455.18926.qm@web94408.mail.in2.yahoo.com> Hi Felix, thanks, i was trying to install version three only but i was not able to get the rpm for openvas-server, i was able to get the rpm "openvas-server-2.0.3-4.2.i386.rpm" which was not getting installed and showing that it has conflict wit openvas-scanner, "openvas-scanner-3.0.1-1.fc6.art.i386.rpm". for this reason i have to switch on version 2. can u suggest where i can get rpm for version 3. the other rpms i have are, openvas-libnasl-2.0.2-1.fc6.art.i386.rpm openvas-libraries-3.0.3-1.fc6.art.i386.rpm i was using this link to download rpms, http://www.atomicorp.com/channels/atomic/fedora/6/i386/RPMS/ thanks. ________________________________ From: "openvas-discuss-request at wald.intevation.org" To: openvas-discuss at wald.intevation.org Sent: Tue, 16 February, 2010 4:30:04 PM Subject: Openvas-discuss Digest, Vol 37, Issue 13 Send Openvas-discuss mailing list submissions to openvas-discuss at wald.intevation.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss or, via email, send a message with subject or body 'help' to openvas-discuss-request at wald.intevation.org You can reach the person managing the list at openvas-discuss-owner at wald.intevation.org When replying, please edit your Subject line so it is more specific than "Re: Contents of Openvas-discuss digest..." Today's Topics: 1. Re: regarding error while configuring openvas-libraries (Stephan Kleine) 2. Re: regarding error while configuring openvas-libraries (Felix Wolfsteller) 3. Re: this_host() returning an IPv6 address (Chandrashekhar B) 4. regardingerror in loading gui (sahaj pandey) 5. Re: regardingerror in loading gui (sahaj pandey) ---------------------------------------------------------------------- Message: 1 Date: Mon, 15 Feb 2010 12:02:52 +0100 From: Stephan Kleine Subject: Re: [Openvas-discuss] regarding error while configuring openvas-libraries To: openvas-discuss at wald.intevation.org Message-ID: <201002151202.52896.bitdealer at gmail.com> Content-Type: Text/Plain; charset="utf-8" On Monday February 15 2010 11:06:15 sahaj pandey wrote: > checking for GLIB... configure: error: "glib >= 2.12.0 not found" Your glib is too old. > i also have one ubuntu 9.10 system and on that too while doing "sudo make" > i am getting error > > its something like > > cmake somthing > error.....127(i dont remember exactaly) You can get buntu packages from http://download.opensuse.org/repositories/security:/openvas:/UNSTABLE/ and if you still want to compile them yourself for some reason just take a look at the rules file (no patches needed). Also note that those packages aren't tested cause I don't run any buntu so feedback regarding the init script would be very welcome ;) hth Stephan ------------------------------ Message: 2 Date: Mon, 15 Feb 2010 12:19:45 +0100 From: Felix Wolfsteller Subject: Re: [Openvas-discuss] regarding error while configuring openvas-libraries To: openvas-discuss at wald.intevation.org Message-ID: <201002151219.45245.felix.wolfsteller at intevation.de> Content-Type: Text/Plain; charset="iso-8859-1" Hi Sahaj On Monday 15 February 2010 11:06:15 sahaj pandey wrote: > i also have one ubuntu 9.10 system and on that too while doing "sudo make" > i am getting error > > its something like > > cmake somthing > error.....127(i dont remember exactaly) It should compile rather smoothly on 9.10. Provide the full output and I am sure you will be helped. -- felix -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner ------------------------------ Message: 3 Date: Tue, 16 Feb 2010 15:30:02 +0530 From: "Chandrashekhar B" Subject: Re: [Openvas-discuss] this_host() returning an IPv6 address To: 'Robert Ve?naver' , Message-ID: <12EE0FD848D9468D91A7B89E5A94FAFD at bchandra> Content-Type: text/plain; charset="iso-8859-2" Hello Robert, > -----Original Message----- > From: openvas-discuss-bounces at wald.intevation.org > [mailto:openvas-discuss-bounces at wald.intevation.org] On > Behalf Of Robert Ve?naver > Sent: Sunday, February 14, 2010 2:03 AM > To: openvas-discuss at wald.intevation.org > Subject: Re: [Openvas-discuss] this_host() returning an IPv6 address > > > On 11. vel. 2010., at 10:58, Chandrashekhar B wrote: > > > I figured out the issue, to get the source address that is > going to be > > used (for this_host() ), we check all the routing entries. For a > > target that is on a different subnet, if I add a routing entry > > explicitly to that subnet apart from the default route, it gives > > correct result. While testing IPv6, I remembered doing this, forgot > > about it later on. In actual, I think it should get the > default route entry. > > I fixed it by unloading the ipv6 module :) Everything works now. > Although, there is one strange thing that bugs me: > Whenever there is a this_host() call in a plugin, the message > "Didn't find IPv6 routes" pops out. > > So, I believe there must be _something_wrong somewhere since > I'm running plugins against an IPv4 only host and the > function get_host_ip() returns an IPv4 address of the target > host, while this_host() is just aching for an IPv6 address :) > I have fixed this issue and committed to svn. Please test and let me know if it works. It should work with ipv6 module too. Chandra. ------------------------------ Message: 4 Date: Tue, 16 Feb 2010 16:14:31 +0530 (IST) From: sahaj pandey Subject: [Openvas-discuss] regardingerror in loading gui To: openvas discussion Cc: s p Message-ID: <642865.44880.qm at web94403.mail.in2.yahoo.com> Content-Type: text/plain; charset="utf-8" i have installed openvas on my system and done all the prelimanaries like adding certkey,adding user while starting "openvasd -D" it is giving some error and also not able to show gui. output of openvasd -D is [root at localhost openvas]# openvasd -D portscan-strobe.nasl could not be added to the cache and is likely to stay invisible to the client. W32.Sasser.Worm.nasl could not be added to the cache and is likely to stay invisible to the client. pnscan.nasl could not be added to the cache and is likely to stay invisible to the client. amap.nasl could not be added to the cache and is likely to stay invisible to the client. snmpwalk_portscan.nasl could not be added to the cache and is likely to stay invisible to the client. portbunny.nasl could not be added to the cache and is likely to stay invisible to the client. All plugins loaded and for OpenVAS-Client is [root at localhost openvas]# OpenVAS-Client OpenVAS-Client: error while loading shared libraries: libssl.so.7: cannot open shared object file: No such file or directory [root at localhost openvas]# What can i do to remove these errors...?? thanks Your Mail works best with the New Yahoo Optimized IE8. Get it NOW! http://downloads.yahoo.com/in/internetexplorer/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100216/fdcf5259/attachment.html ------------------------------ Message: 5 Date: Tue, 16 Feb 2010 16:25:22 +0530 (IST) From: sahaj pandey Subject: Re: [Openvas-discuss] regardingerror in loading gui To: sahaj pandey , openvas discussion Message-ID: <737051.45783.qm at web94407.mail.in2.yahoo.com> Content-Type: text/plain; charset="utf-8" and for OpenVAS-Client is [root at localhost openvas]# OpenVAS-Client OpenVAS-Client: error while loading shared libraries: libssl.so.7: cannot open shared object file: No such file or directory [root at localhost openvas]# the loading problem is now solved bt it still not able to display GUI the error now is, [root at localhost openvas]# OpenVAS-Client (OpenVAS-Client:32421): Gtk-WARNING **: cannot open display: i have tried with browser also by giving url as, http://xx.xx.xx.xx:9390 but it is not displaying anythng, netstat -ltn is showing that openvasd is listening on port 9390. thanks ________________________________ From: sahaj pandey To: openvas discussion Cc: s p Sent: Tue, 16 February, 2010 4:14:31 PM Subject: regardingerror in loading gui i have installed openvas on my system and done all the prelimanaries like adding certkey,adding user while starting "openvasd -D" it is giving some error and also not able to show gui. output of openvasd -D is [root at localhost openvas]# openvasd -D portscan-strobe.nasl could not be added to the cache and is likely to stay invisible to the client. W32.Sasser.Worm.nasl could not be added to the cache and is likely to stay invisible to the client. pnscan.nasl could not be added to the cache and is likely to stay invisible to the client. amap.nasl could not be added to the cache and is likely to stay invisible to the client. snmpwalk_portscan.nasl could not be added to the cache and is likely to stay invisible to the client. portbunny.nasl could not be added to the cache and is likely to stay invisible to the client. All plugins loaded and for OpenVAS-Client is [root at localhost openvas]# OpenVAS-Client OpenVAS-Client: error while loading shared libraries: libssl.so.7: cannot open shared object file: No such file or directory [root at localhost openvas]# What can i do to remove these errors...?? thanks ________________________________ The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. http://in.yahoo.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100216/27d4c995/attachment-0001.html ------------------------------ _______________________________________________ Openvas-discuss mailing list Openvas-discuss at wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss End of Openvas-discuss Digest, Vol 37, Issue 13 *********************************************** The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. http://in.yahoo.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100216/0681fedc/attachment-0001.htm From michael.meyer at intevation.de Tue Feb 16 12:33:29 2010 From: michael.meyer at intevation.de (Michael Meyer) Date: Tue, 16 Feb 2010 12:33:29 +0100 Subject: [Openvas-discuss] Openvas-discuss Digest, Vol 37, Issue 13 In-Reply-To: <401455.18926.qm@web94408.mail.in2.yahoo.com> References: <401455.18926.qm@web94408.mail.in2.yahoo.com> Message-ID: <20100216113329.GA4755@komma-nix.de> *** sahaj pandey wrote: > i was trying to install version three only but i was not able to get the rpm for openvas-server, openvas-server is now called openvas-scanner. http://www.atomicorp.com/channels/atomic/fedora/6/i386/RPMS/openvas-scanner-3.0.0-1.fc6.art.i386.rpm Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From Jan-Oliver.Wagner at greenbone.net Tue Feb 16 12:36:51 2010 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Tue, 16 Feb 2010 12:36:51 +0100 Subject: [Openvas-discuss] Greenbone's OpenVAS Appliance now available Message-ID: <201002161237.09815.Jan-Oliver.Wagner@greenbone.net> Hi, as most of the OpenVAS community already knows, Greenbone worked on a appliance solution based on OpenVAS for quite some time. Last week we finally have the "Greenbone Security Manager" ready for shipping. See also here: http://www.greenbone.net/solutions/gbn_manager.html With a successful product (we call it just "GSM" over here) we should be able to contribute even more to the OpenVAS framework and the NVT Feed. Greenbone strictly follows the idea of Free Software. We even do not aim at a so-called "Open Core" business model. Target customers of the Greenbone Security Solutions are enterprises who need easy-to-handle vulnerability management with adequate/extensive SLAs. Let me know if you have questions, concerns or proposals. All the best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 202460 Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From michael.meyer at intevation.de Tue Feb 16 12:41:59 2010 From: michael.meyer at intevation.de (Michael Meyer) Date: Tue, 16 Feb 2010 12:41:59 +0100 Subject: [Openvas-discuss] regardingerror in loading gui In-Reply-To: <737051.45783.qm@web94407.mail.in2.yahoo.com> References: <642865.44880.qm@web94403.mail.in2.yahoo.com> <737051.45783.qm@web94407.mail.in2.yahoo.com> Message-ID: <20100216114159.GB4755@komma-nix.de> *** sahaj pandey wrote: > [root at localhost openvas]# OpenVAS-Client > > (OpenVAS-Client:32421): Gtk-WARNING **: cannot open display: Normally, only the user which started the X display is allowed to use it. Start OpenVAS-Client under this user. Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From Marco.Schaerfke at proteomics.com Tue Feb 16 13:00:29 2010 From: Marco.Schaerfke at proteomics.com (Marco Schaerfke) Date: Tue, 16 Feb 2010 13:00:29 +0100 Subject: [Openvas-discuss] Upgrade Openvas 2 to Openvas 3 Message-ID: <4B7A88DD.7020507@proteomics.com> Dear all, I installed the latest Openvas rpms on a CentOS 5 machine taken from the atomicrocketturtle repos.The old version works fine but with the new version I am unable to work with the client: The error message of the client is: OpenVAS-Client : ASN1 parser: Element was not found Command line was OpenVAS-Client --batch-mode= 9390 host.txt resultfile The error message is the same for the GUI. The server is up and running Unfortunately I have no idea to overcome this problem. Any comments ? Thanks for help Cheers Marco From iaf at iaf.ca Tue Feb 16 16:45:30 2010 From: iaf at iaf.ca (Ian Fawcett) Date: Tue, 16 Feb 2010 10:45:30 -0500 Subject: [Openvas-discuss] Nikto and virtual web servers Message-ID: <4B7ABD9A.1060200@iaf.ca> Hi, I scan a number of virtual webservers by specifying the FQDN of the webservers. However, when Nikto scans the web servers it appears to do a reverse DNS lookup and gets the name of another web server which it then scans. Is there an easy way in OpenVAS (I'm using the latest versions of 3) to tell Nikto not to do the reverse DNS lookup and just use the name? Thanks. From Jan-Oliver.Wagner at greenbone.net Tue Feb 16 17:12:00 2010 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Tue, 16 Feb 2010 17:12:00 +0100 Subject: [Openvas-discuss] Upgrade Openvas 2 to Openvas 3 In-Reply-To: <4B7A88DD.7020507@proteomics.com> References: <4B7A88DD.7020507@proteomics.com> Message-ID: <201002161712.07248.Jan-Oliver.Wagner@greenbone.net> On Dienstag, 16. Februar 2010, Marco Schaerfke wrote: > I installed the latest Openvas rpms on a CentOS 5 machine taken from the > atomicrocketturtle repos.The old version works fine but with the new > version I am unable to work with the client: The error message of the > client is: > > OpenVAS-Client : ASN1 parser: Element was not found > > Command line was > > OpenVAS-Client --batch-mode= 9390 > host.txt resultfile > > The error message is the same for the GUI. The server is up and running > > Unfortunately I have no idea to overcome this problem. Any comments ? I don't know about the CentOS packages in detail. However, I suspect something around gnutls/gcrypt. That's where a ASN1 parser is used. So, maybe wrong or missing libraries? Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 202460 Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From iaf at iaf.ca Tue Feb 16 20:50:19 2010 From: iaf at iaf.ca (Ian Fawcett) Date: Tue, 16 Feb 2010 14:50:19 -0500 Subject: [Openvas-discuss] 'shared_socket: Secret/SSH/socket is unknown' In-Reply-To: <4B7ABD9A.1060200@iaf.ca> References: <4B7ABD9A.1060200@iaf.ca> Message-ID: <4B7AF6FB.8050301@iaf.ca> I am running the latest updates of openvas version 3 and when I perform a scan (all safe plugins enabled) hundreds of 'shared_socket' messages showup in the log file (see below). Is this normal? Also, when OpenVAS-Client is run in batch mode the password shows up the process list. Is there anyway to hide the password? Any help would be appreciated - thanks. Ian. -------> shared_socket: Secret/SSH/socket is unknown process_internal_msg for slad_run.nasl returned -1 shared_socket: Secret/SSH/socket is unknown process_internal_msg for secpod_mcafee_prdts_sec_bypass_vuln_lin.nasl returned -1 shared_socket: Secret/SSH/socket is unknown process_internal_msg for gb_novell_edir_mult_vuln_nov08_lin.nasl returned -1 shared_socket: Secret/SSH/socket is unknown process_internal_msg for gb_streamripper_mult_bof_vuln_nov08_lin.nasl returned -1 <------- From bchandra at secpod.com Wed Feb 17 06:12:30 2010 From: bchandra at secpod.com (Chandrashekhar B) Date: Wed, 17 Feb 2010 10:42:30 +0530 Subject: [Openvas-discuss] 'shared_socket: Secret/SSH/socket is unknown' In-Reply-To: <4B7AF6FB.8050301@iaf.ca> References: <4B7ABD9A.1060200@iaf.ca> <4B7AF6FB.8050301@iaf.ca> Message-ID: Hello Ian, > -----Original Message----- > From: openvas-discuss-bounces at wald.intevation.org > [mailto:openvas-discuss-bounces at wald.intevation.org] On > Behalf Of Ian Fawcett > Sent: Wednesday, February 17, 2010 1:20 AM > To: openvas-discuss at wald.intevation.org > Subject: [Openvas-discuss] 'shared_socket: Secret/SSH/socket > is unknown' > > I am running the latest updates of openvas version 3 and when > I perform a scan (all safe plugins enabled) hundreds of > 'shared_socket' messages showup in the log file (see below). > Is this normal? These messages are normal if you aren't looking to perform Local Security Checks scan. If you are, then you need to supply SSH credentials. > > Also, when OpenVAS-Client is run in batch mode the password > shows up the process list. Is there anyway to hide the password? > There's no way as of now. But, you could report an enhancement request. Thanks, Chandra. From sahaj_p at yahoo.co.in Wed Feb 17 07:10:39 2010 From: sahaj_p at yahoo.co.in (sahaj pandey) Date: Wed, 17 Feb 2010 11:40:39 +0530 (IST) Subject: [Openvas-discuss] Openvas-discuss Digest, Vol 37, Issue 14 In-Reply-To: References: Message-ID: <936897.17436.qm@web94405.mail.in2.yahoo.com> Hi, previously i have installed openvas 2.x but i have decided to upgrade it to 3.x, so i downloded latest rpms and installed it, openvas-libraries-3.0.3-1.fc6.art.i386.rpm openvas-scanner-3.0.1-1.fc6.art.i386.rpm openvas-libnasl-2.0.2-1.fc6.art.i386.rpm. openvas-client-2.0.5-3.1.i386.rpm. openvas-plugins-1.0.7-3.2.i386.rpm. but while installing "openvas-plugins-1.0.7-3.2.i386.rpm" it is giving error, warning: openvas-plugins-1.0.7-3.2.i386.rpm: Header V3 DSA signature: NOKEY, key ID 1d8d28b8 Preparing... ########################################### [100%] file /usr/lib/openvas/plugins/find_service.nes from install of openvas-plugins-1.0.7-3.2 conflicts with file from package openvas-scanner-3.0.1-1.fc6.art file /usr/lib/openvas/plugins/openvas_tcp_scanner.nes from install of openvas-plugins-1.0.7-3.2 conflicts with file from package openvas-scanner-3.0.1-1.fc6.art file /usr/lib/openvas/plugins/ssl_ciphers.nes from install of openvas-plugins-1.0.7-3.2 conflicts with file from package openvas-scanner-3.0.1-1.fc6.art file /usr/lib/openvas/plugins/synscan.nes from install of openvas-plugins-1.0.7-3.2 conflicts with file from package openvas-scanner-3.0.1-1.fc6.art file /usr/sbin/openvas-nvt-sync from install of openvas-plugins-1.0.7-3.2 conflicts with file from package openvas-scanner-3.0.1-1.fc6.art sorry for my ignorance but i am new to this. :) as the system on which i am installing openvas has no internet connection for now, it will take some time to have internet connection, so plz suggest me what i am doing wrong and how can i update my plugins offline. my system is Fedora Core release 6. thanks. Your Mail works best with the New Yahoo Optimized IE8. Get it NOW! http://downloads.yahoo.com/in/internetexplorer/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100217/b9f47438/attachment.htm From felix.wolfsteller at intevation.de Wed Feb 17 08:36:41 2010 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Wed, 17 Feb 2010 08:36:41 +0100 Subject: [Openvas-discuss] Upgrade Openvas 2 to Openvas 3 In-Reply-To: <4B7A88DD.7020507@proteomics.com> References: <4B7A88DD.7020507@proteomics.com> Message-ID: <201002170836.41887.felix.wolfsteller@intevation.de> Hi, atomicturtle mentioned something in the irc channel (http://openvas.org/online-chat.html) about an outdated libtasn or something like that. I am sure he can give you some feedback (i assume you used his repository for installing OpenVAS). -- felix On Tuesday 16 February 2010 13:00:29 Marco Schaerfke wrote: > Dear all, > > I installed the latest Openvas rpms on a CentOS 5 machine taken from the > atomicrocketturtle repos.The old version works fine but with the new > version I am unable to work with the client: The error message of the > client is: > > OpenVAS-Client : ASN1 parser: Element was not found > > Command line was > > OpenVAS-Client ?--batch-mode= 9390 > host.txt resultfile > > The error message is the same for the GUI. The server is up and running > > Unfortunately I have no idea to overcome this problem. Any comments ? > > Thanks for help > > Cheers > > Marco > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss -- Felix Wolfsteller | ?++49 541 335083-783 ?| ?http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From felix.wolfsteller at intevation.de Wed Feb 17 08:45:03 2010 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Wed, 17 Feb 2010 08:45:03 +0100 Subject: [Openvas-discuss] How to install NVTs on a machine without internet connection In-Reply-To: <936897.17436.qm@web94405.mail.in2.yahoo.com> References: <936897.17436.qm@web94405.mail.in2.yahoo.com> Message-ID: <201002170845.04220.felix.wolfsteller@intevation.de> Hi Sahaj Please choose an appropriate title for emails to openvas-discuss :) . On Wednesday 17 February 2010 07:10:39 sahaj pandey wrote: > but i have decided to upgrade it to 3.x, so i downloded latest rpms and > installed it, > > but while installing "openvas-plugins-1.0.7-3.2.i386.rpm" it is giving > error, The openvas-plugin package is (as stated) incompatible with OpenVAS 3. You can fetch the current plugins (we tend to call them "Network Vulnerability Tests", NVTs) from http://www.openvas.org/openvas-nvt-feed-current.tar.bz2 . Then you will have to install (unpack) these plugins to the "plugins_folder" (specified in /etc/openvas/openvassd.conf). Getting updates than is tideos, because you will always download ALL NVTs. Instead, you could setup an openvas-scanner on the machine with internet connection and invoke "openvas-nvt-sync". This will fetch the newest plugins into the "plugins_dir". From there you will have to copy them to the machine on which you actually want to use them. -- felix > warning: openvas-plugins-1.0.7-3.2.i386.rpm: Header V3 DSA signature: > NOKEY, key ID 1d8d28b8 Preparing... > ########################################### [100%] file > /usr/lib/openvas/plugins/find_service.nes from install of > openvas-plugins-1.0.7-3.2 conflicts with file from package > openvas-scanner-3.0.1-1.fc6.art file > /usr/lib/openvas/plugins/openvas_tcp_scanner.nes from install of > openvas-plugins-1.0.7-3.2 conflicts with file from package > openvas-scanner-3.0.1-1.fc6.art file > /usr/lib/openvas/plugins/ssl_ciphers.nes from install of > openvas-plugins-1.0.7-3.2 conflicts with file from package > openvas-scanner-3.0.1-1.fc6.art file /usr/lib/openvas/plugins/synscan.nes > from install of openvas-plugins-1.0.7-3.2 conflicts with file from package > openvas-scanner-3.0.1-1.fc6.art file /usr/sbin/openvas-nvt-sync from > install of openvas-plugins-1.0.7-3.2 conflicts with file from package > openvas-scanner-3.0.1-1.fc6.art > > sorry for my ignorance but i am new to this. :) > > as the system on which i am installing openvas has no internet connection > for now, it will take some time to have internet connection, so plz suggest > me what i am doing wrong and how can i update my plugins offline. > > my system is Fedora Core release 6. > > thanks. > > > > Your Mail works best with the New Yahoo Optimized IE8. Get it NOW! > http://downloads.yahoo.com/in/internetexplorer/ -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From sahaj_p at yahoo.co.in Wed Feb 17 10:55:04 2010 From: sahaj_p at yahoo.co.in (sahaj pandey) Date: Wed, 17 Feb 2010 15:25:04 +0530 (IST) Subject: [Openvas-discuss] error while running nasl script Message-ID: <724965.17768.qm@web94405.mail.in2.yahoo.com> Hi, i am a student and trying to learn using openvas. i have updated plugins directory with new plugins but when i am running script with command line, it is giving error. [root at localhost openvas]# openvas-nasl -X -t xx.xx.xx.xx script.nasl openvas-nasl: symbol lookup error: openvas-nasl: undefined symbol: proto_post_debug [root at localhost openvas]# what is this error about..?? when i had installed version 2.x it didnt gave error,n was running script succesfully. can u plz guide me where can i get all rpms for openvas-3.x. Your Mail works best with the New Yahoo Optimized IE8. Get it NOW! http://downloads.yahoo.com/in/internetexplorer/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100217/f0fe4656/attachment.htm From bchandra at secpod.com Wed Feb 17 11:08:34 2010 From: bchandra at secpod.com (Chandrashekhar B) Date: Wed, 17 Feb 2010 15:38:34 +0530 Subject: [Openvas-discuss] error while running nasl script In-Reply-To: <724965.17768.qm@web94405.mail.in2.yahoo.com> References: <724965.17768.qm@web94405.mail.in2.yahoo.com> Message-ID: Hello Sahaj, _____ From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of sahaj pandey Sent: Wednesday, February 17, 2010 3:25 PM To: openvas discussion Cc: s p Subject: [Openvas-discuss] error while running nasl script Hi, i am a student and trying to learn using openvas. Good to know. i have updated plugins directory with new plugins but when i am running script with command line, it is giving error. [root at localhost openvas]# openvas-nasl -X -t xx.xx.xx.xx script.nasl openvas-nasl: symbol lookup error: openvas-nasl: undefined symbol: proto_post_debug [root at localhost openvas]# There's no NASL function called proto_post_debug. Hence the undefined symbol. What are you trying to do in script.nasl? what is this error about..?? when i had installed version 2.x it didnt gave error,n was running script succesfully. can u plz guide me where can i get all rpms for openvas-3.x. _____ The INTERNET now has a personality. YOURS! See your Yahoo! Homepage . -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100217/69ec1723/attachment.html From edward.fjellskal at redpill-linpro.com Wed Feb 17 14:42:51 2010 From: edward.fjellskal at redpill-linpro.com (=?ISO-8859-1?Q?Edward_Bjarte_Fjellsk=E5l?=) Date: Wed, 17 Feb 2010 14:42:51 +0100 Subject: [Openvas-discuss] port scans and checks In-Reply-To: <20100128193527.GA30165@komma-nix.de> References: <33095823FD21DF429B481B5163264B793FCBC6BD39@VMBX102.ihostexchange.net> <20100128193527.GA30165@komma-nix.de> Message-ID: <4B7BF25B.1060804@redpill-linpro.com> Michael Meyer wrote: > Hello, > > *** Yungwei Chen wrote: > >> I found that although OpenVAS TCP Scanner properly finds all open >> ports on a remote host, subsequent checks fail to find any security >> vulnerabilities of a Apache server on the remote host. > > Could you please show me the banner of this Apache. > > | mime at kira:~ % telnet 192.168.2.22 80 > | Trying 192.168.2.22... > | Connected to 192.168.2.22. > | Escape character is '^]'. > | GET / HTTP/1.0 > | > | HTTP/1.1 200 OK > | Date: Thu, 28 Jan 2010 19:33:02 GMT > | Server: Apache/2.2.13 (FreeBSD) DAV/2 mod_ssl/2.2.13 OpenSSL/0.9.8k > > Most plugins just check the version from the banner. If no version is > displayed, they will fail to detect vulnerabilities. In this case > you should try local security checks. > > Micha > If you dont have the "banner", my college has made this great tool to detect webserver and version based on behavior! http://freshmeat.net/projects/htrosbif "htrosbif is a tool that actively probes an HTTP server. It prods the Web server in all sorts of old, new, basic, fancy, spec-compliant, and spec-breaking ways. It tries to characterize both the well-spoken educated responses and the seriously deviant babble it receives in return. Signatures contain no user data, only header names and HTTP-level quirks. As a useful side effect, this might detect reverse proxies, HTTP load balancers, intrusion prevention systems, and Web application firewalls" So, as a bonus, you might be able to see things that OpenVAS does not see! Example: $ perl htrosbif http://pronix.no/ Match (1224/1400): varnish-2.0.4.sig => apache-2.2.13-basic.sig Match (1202/1400): varnish-2.0.4.sig => apache-1.2.6.sig Match (1202/1400): varnish-2.0.4.sig => apache-1.2.6-php3-loaded.sig Match (1144/1400): varnish-2.0.4.sig => apache-2.2.13-php-5.3.0-used.sig Match (1105/1400): varnish-2.0.4.sig => tomcat-5.5.28.sig Match (1105/1400): varnish-2.0.4.sig => tomcat-4.1.40.sig Match (1102/1400): varnish-2.0.4.sig => hydra-0.1.0.sig Match (1096/1400): varnish-2.0.4.sig => apache-1.2.6-php3-used.sig Match (1069/1400): varnish-2.0.4.sig => tomcat-6.0.20.sig Match (1059/1400): varnish-2.0.4.sig => hydra-0.1.3.sig #### htrosbif detects Varnish-2.0.4, then apache as 2.2.13 $ HEAD http://pronix.no/ 200 OK Connection: close Date: Fri, 29 Jan 2010 18:53:06 GMT Via: 1.1 varnish Age: 28 ETag: "400e-2e8-46574ae328200" Server: Apache Content-Length: 744 Content-Type: text/html; charset=ISO-8859-1 Last-Modified: Thu, 19 Mar 2009 08:35:20 GMT Client-Date: Fri, 29 Jan 2010 18:53:01 GMT Client-Peer: 94.139.80.5:80 Client-Response-Num: 1 X-Varnish: 437381081 437381067 # from commandline on pronix.no: $ apache2 -V Server version: Apache/2.2.3 .... $ varnishd -V varnishd (varnish-2.0.4) Copyright (c) 2006-2009 Linpro AS / Verdens Gang AS From Jan-Oliver.Wagner at greenbone.net Wed Feb 17 16:38:29 2010 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Wed, 17 Feb 2010 16:38:29 +0100 Subject: [Openvas-discuss] Openvas-discuss Digest, Vol 37, Issue 14 In-Reply-To: <936897.17436.qm@web94405.mail.in2.yahoo.com> References: <936897.17436.qm@web94405.mail.in2.yahoo.com> Message-ID: <201002171638.33611.Jan-Oliver.Wagner@greenbone.net> On Mittwoch, 17. Februar 2010, sahaj pandey wrote: > previously i have installed openvas 2.x > > but i have decided to upgrade it to 3.x, so i downloded latest rpms and installed it, > > openvas-libraries-3.0.3-1.fc6.art.i386.rpm > openvas-scanner-3.0.1-1.fc6.art.i386.rpm these two are enough. > openvas-libnasl-2.0.2-1.fc6.art.i386.rpm. > openvas-client-2.0.5-3.1.i386.rpm. > openvas-plugins-1.0.7-3.2.i386.rpm. remove these again. > but while installing "openvas-plugins-1.0.7-3.2.i386.rpm" it is giving error, this is because you mixed 2.0 and 3.0. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 202460 Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From Jan-Oliver.Wagner at greenbone.net Wed Feb 17 16:42:49 2010 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Wed, 17 Feb 2010 16:42:49 +0100 Subject: [Openvas-discuss] port scans and checks In-Reply-To: <4B7BF25B.1060804@redpill-linpro.com> References: <33095823FD21DF429B481B5163264B793FCBC6BD39@VMBX102.ihostexchange.net> <20100128193527.GA30165@komma-nix.de> <4B7BF25B.1060804@redpill-linpro.com> Message-ID: <201002171642.51035.Jan-Oliver.Wagner@greenbone.net> On Mittwoch, 17. Februar 2010, Edward Bjarte Fjellsk?l wrote: > If you dont have the "banner", my college has made this great tool > to detect webserver and version based on behavior! > > http://freshmeat.net/projects/htrosbif > > "htrosbif is a tool that actively probes an HTTP server. It prods the > Web server in all sorts of old, new, basic, fancy, spec-compliant, and > spec-breaking ways. It tries to characterize both the well-spoken > educated responses and the seriously deviant babble it receives in > return. Signatures contain no user data, only header names and > HTTP-level quirks. As a useful side effect, this might detect reverse > proxies, HTTP load balancers, intrusion prevention systems, and Web > application firewalls" > > So, as a bonus, you might be able to see things that OpenVAS does not > see! > > Example: looks interesting. Any volunteer to write a NASL wrapper for this tool? (Its a nice challenge but not too complicated) Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 202460 Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From iaf at iaf.ca Wed Feb 17 16:58:53 2010 From: iaf at iaf.ca (Ian Fawcett) Date: Wed, 17 Feb 2010 10:58:53 -0500 Subject: [Openvas-discuss] 'shared_socket: Secret/SSH/socket is unknown' In-Reply-To: References: <4B7ABD9A.1060200@iaf.ca> <4B7AF6FB.8050301@iaf.ca> Message-ID: <4B7C123D.6020502@iaf.ca> Hi Chandra, Chandrashekhar B wrote: > Hello Ian, > > >> -----Original Message----- >> From: openvas-discuss-bounces at wald.intevation.org >> [mailto:openvas-discuss-bounces at wald.intevation.org] On >> Behalf Of Ian Fawcett >> Sent: Wednesday, February 17, 2010 1:20 AM >> To: openvas-discuss at wald.intevation.org >> Subject: [Openvas-discuss] 'shared_socket: Secret/SSH/socket >> is unknown' >> >> I am running the latest updates of openvas version 3 and when >> I perform a scan (all safe plugins enabled) hundreds of >> 'shared_socket' messages showup in the log file (see below). >> Is this normal? > > These messages are normal if you aren't looking to perform Local Security > Checks scan. If you are, then you need to supply SSH credentials. These are remote scans so the behaviour is normal - good! > >> Also, when OpenVAS-Client is run in batch mode the password >> shows up the process list. Is there anyway to hide the password? >> > > There's no way as of now. But, you could report an enhancement request. > To which forum should I make an enhancement request? And thanks for the information. Cheers, Ian. From michael.meyer at intevation.de Wed Feb 17 19:17:44 2010 From: michael.meyer at intevation.de (Michael Meyer) Date: Wed, 17 Feb 2010 19:17:44 +0100 Subject: [Openvas-discuss] port scans and checks In-Reply-To: <4B7BF25B.1060804@redpill-linpro.com> References: <33095823FD21DF429B481B5163264B793FCBC6BD39@VMBX102.ihostexchange.net> <20100128193527.GA30165@komma-nix.de> <4B7BF25B.1060804@redpill-linpro.com> Message-ID: <20100217181744.GA6870@komma-nix.de> *** Edward Bjarte Fjellsk?l wrote: > If you dont have the "banner", my college has made this great tool > to detect webserver and version based on behavior! ,---| | openvas-qa:/tmp/htrosbif-alpha-4 # ./htrosbif http://192.168.2.4:8080/ | Match (1400/1400): nginx-0.8.4.sig | Match (1400/1400): nginx-0.7.62.sig | Match (1400/1400): nginx-0.6.39.sig | [...] | | mime at kira:/tmp % telnet 192.168.2.4 8080 | [...] | Server: nginx/0.7.62 `---| Here we can only guess what the correct version is. ,---| | openvas-qa:/tmp/htrosbif-alpha-4 # ./htrosbif http://192.168.2.3/ | Match (1315/1400): apache-1.2.6-php3-used.sig | Match (1283/1400): apache-2.2.13-php-5.3.0-used.sig | Match (1152/1400): apache-2.2.13-basic.sig | Match (1126/1400): apache-1.2.6-php3-loaded.sig | Match (1126/1400): apache-1.2.6.sig | | openvas-qa:/tmp/htrosbif-alpha-4 # telnet 192.168.2.3 80 | [...] | Server: Apache/2.2.14 `---| Wrong match. ,---| | openvas-qa:/tmp/htrosbif-alpha-4 # ./htrosbif http://192.168.2.4/ | Match (1351/1400): apache-2.2.13-basic.sig | Match (1203/1400): apache-2.2.13-php-5.3.0-used.sig | Match (1139/1400): apache-1.2.6-php3-used.sig | Match (1135/1400): apache-1.2.6-php3-loaded.sig | Match (1135/1400): apache-1.2.6.sig | | openvas-qa:/tmp/htrosbif-alpha-4 # telnet 192.168.2.4 80 | [...] | Server: Apache/2.2.9 PHP/5.2.6 `---| Wrong match. ,---| | openvas-qa:/tmp/htrosbif-alpha-4 # ./htrosbif http://192.168.2.6/ | Match (1125/1400): iis-5.1.sig | Match (867/1400): jetty-4.0.6.sig | Match (842/1400): apache-1.2.6-php3-loaded.sig | | openvas-qa:/tmp/htrosbif-alpha-4 # telnet 192.168.2.6 80 | [...] | Server: Microsoft-IIS/5.1 `---| Ok, that is correct. I do a few more tests and sometimes it detects the correct version but very often it doesn't. IMHO it is a very nice tool but the results are still not accurate enough. If we use this, we would produce a lot of false positives when we doing version comparison with the results of this tool. It is certainly worth a look again when it leaves the alpha status and/or it has more signatures. Just my 2 cents. Micha -- Michael Meyer OpenPGP Key: 76E050B9 http://www.intevation.de Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck; AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From bchandra at secpod.com Thu Feb 18 06:16:52 2010 From: bchandra at secpod.com (Chandrashekhar B) Date: Thu, 18 Feb 2010 10:46:52 +0530 Subject: [Openvas-discuss] 'shared_socket: Secret/SSH/socket is unknown' In-Reply-To: <4B7C123D.6020502@iaf.ca> References: <4B7ABD9A.1060200@iaf.ca> <4B7AF6FB.8050301@iaf.ca> <4B7C123D.6020502@iaf.ca> Message-ID: Hello Ian, > -----Original Message----- > From: Ian Fawcett [mailto:iaf at iaf.ca] > Sent: Wednesday, February 17, 2010 9:29 PM > To: Chandrashekhar B > Cc: openvas-discuss at wald.intevation.org > Subject: Re: [Openvas-discuss] 'shared_socket: > Secret/SSH/socket is unknown' > > Hi Chandra, > > Chandrashekhar B wrote: > > Hello Ian, > > > > > >> -----Original Message----- > >> From: openvas-discuss-bounces at wald.intevation.org > >> [mailto:openvas-discuss-bounces at wald.intevation.org] On > Behalf Of Ian > >> Fawcett > >> Sent: Wednesday, February 17, 2010 1:20 AM > >> To: openvas-discuss at wald.intevation.org > >> Subject: [Openvas-discuss] 'shared_socket: Secret/SSH/socket is > >> unknown' > >> > >> I am running the latest updates of openvas version 3 and when I > >> perform a scan (all safe plugins enabled) hundreds of > 'shared_socket' > >> messages showup in the log file (see below). > >> Is this normal? > > > > These messages are normal if you aren't looking to perform Local > > Security Checks scan. If you are, then you need to supply > SSH credentials. > > These are remote scans so the behaviour is normal - good! > > > > >> Also, when OpenVAS-Client is run in batch mode the > password shows up > >> the process list. Is there anyway to hide the password? > >> > > > > There's no way as of now. But, you could report an > enhancement request. > > > > To which forum should I make an enhancement request? Actually a bug tracker at openvas.org, you need to register to report bugs. Otherwise, we can report on your behalf. Chandra. From sahaj_p at yahoo.co.in Thu Feb 18 07:12:32 2010 From: sahaj_p at yahoo.co.in (sahaj pandey) Date: Thu, 18 Feb 2010 11:42:32 +0530 (IST) Subject: [Openvas-discuss] How to Scan a target from command line(openvas) Message-ID: <164587.41532.qm@web94407.mail.in2.yahoo.com> Hi, i have installed openvas version 3.0. i want to scan a target using command line. how can i scan the target using command line..? thanks. The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. http://in.yahoo.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100218/accd1ab3/attachment-0001.htm From iaf at iaf.ca Thu Feb 18 19:08:42 2010 From: iaf at iaf.ca (Ian Fawcett) Date: Thu, 18 Feb 2010 13:08:42 -0500 Subject: [Openvas-discuss] xml output and xslt stylesheet Message-ID: <4B7D822A.60002@iaf.ca> There was an xslt stylesheet file available on the net (nessus.xsl) that could be used to transform nessus XML output to a sorted HTML file. Is there similar type of stylesheet available for openvas? Thanks, Ian. From felix.wolfsteller at intevation.de Fri Feb 19 08:50:23 2010 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Fri, 19 Feb 2010 08:50:23 +0100 Subject: [Openvas-discuss] xml output and xslt stylesheet In-Reply-To: <4B7D822A.60002@iaf.ca> References: <4B7D822A.60002@iaf.ca> Message-ID: <201002190850.23718.felix.wolfsteller@intevation.de> Hi Ian If your question is whether there is an easy way to get html reports: Yes, the openvas-manager can produce html reports. The gsa also serves html, and generally uses a xslt to transform OMP (xml-based) to html. Thus, you could get some inspiration from the gsa-stylesheets. Also, hackertarget (http://hackertarget.com) had some php scripts available that generate structured and navigatable html reports. They had source code available for download on their webpage that wasnt clear about the license. Afair they agreed to release it under GPL2, but I have never since heard of the scripts (and I cant easily find them right now). -- felix On Thursday 18 February 2010 19:08:42 Ian Fawcett wrote: > There was an xslt stylesheet file available on the net (nessus.xsl) that > could be used to transform nessus XML output to a sorted HTML file. Is > there similar type of stylesheet available for openvas? > > Thanks, > Ian. > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From Francesco.Vincenti at aspasiel.it Fri Feb 19 16:18:30 2010 From: Francesco.Vincenti at aspasiel.it (Vincenti Francesco) Date: Fri, 19 Feb 2010 16:18:30 +0100 Subject: [Openvas-discuss] openvas families Message-ID: <44723F4E8DBA8A468731FB3DD220CEC7B209C0@VW3TEX4009.TKSAST.NET> Hello everybody I need some help to classify all the openvas plugins families according these IT infrastructure components: - Network - Systems - Data - Applications - Dial-up Thanks. Francesco Vincenti -------------------------------------------------------- This e-mail and any attachments is a confidential correspondence intended only for use of the individual or entity named above. If you are not the intended recipient or the agent responsible for delivering the message to the intended recipient, you are hereby notified that any disclosure, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the error at the following email address: helpdesk at aspasiel.it or at Aspasiel Helpdesk Team by phone (phone number +390744203555), and then delete this message from your system. P Please consider our environment and think before you print. Thank you! q -------------------------------------------------------- -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100219/25681988/attachment.html From shankhsps at gmail.com Sat Feb 20 10:21:57 2010 From: shankhsps at gmail.com (shankhs ch) Date: Sat, 20 Feb 2010 14:51:57 +0530 Subject: [Openvas-discuss] Hi Message-ID: <2b2ecc681002200121s3441588frda3fcb88b9442621@mail.gmail.com> Hi My name is Shankhoneer from Bangalore, India and I am in the final year of my college.I am really passionate about softwares and their development. My skills are: 1. C/C++ 2. OpenCV 3. AutoIT 4. Linux Programming 5. Windows Programming I was involved in Indian Languages OCR project by Government Of India for 1.5 yrs. OpenVAS is pretty new to me but I want to learn how it works and use my skills to develop it. Regards shankhs -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100220/d090b828/attachment.html From finux at finux.co.uk Sat Feb 20 17:32:24 2010 From: finux at finux.co.uk (Arron M Finnon) Date: Sat, 20 Feb 2010 16:32:24 +0000 Subject: [Openvas-discuss] ** ERROR **: Key file does not start with a group Message-ID: <4B800E98.5070705@finux.co.uk> Hi There Guys, firstly i'd like to say hi my name is Arron and i just signed up for the mailing list. I've just installed OpenVAS server version 3.0.0 on Ubuntu 9.10. I installed it from source, however once i completed the openvas-nvt-sync command, i loaded openvassd and during the load time (when it was loading the plugging's) my system crashed. When i restarted it, and loaded up openvassd i received the following error message; Loading the plugins... 9792 (out of 16196) ** ERROR **: Key file does not start with a group aborting... Aborted I was wondering if you guys might have an idea of what is wrong, and where to look for fixing it. I thank you all in advance for any advice you can give with this issue. Thanks -- Arron "finux" Finnon Finux.co.uk/blog - Twitter.com/f1nux - facebook.com/finux Podcasting for HPR and TRACsec, shows can be found at; http://hackerpublicradio.org/correspondents.php?hostid=85 http://www.tracsec.com From michael.wiegand at intevation.de Mon Feb 22 08:10:59 2010 From: michael.wiegand at intevation.de (Michael Wiegand) Date: Mon, 22 Feb 2010 08:10:59 +0100 Subject: [Openvas-discuss] ** ERROR **: Key file does not start with a group In-Reply-To: <4B800E98.5070705@finux.co.uk> References: <4B800E98.5070705@finux.co.uk> Message-ID: <201002220810.59287.michael.wiegand@intevation.de> Am Samstag, 20. Februar 2010 17:32:24 schrieb Arron M Finnon: > firstly i'd like to say hi my name is Arron and i just signed up for the > mailing list. Welcome to the list then! :) > Loading the plugins... 9792 (out of 16196) > ** ERROR **: Key file does not start with a group > aborting... > Aborted > > I was wondering if you guys might have an idea of what is wrong, and > where to look for fixing it. It sounds to me like your NVT cache might have become corrupted. Could you remove the contents of /var/cache/openvas/ and try to launch openvassd again? Regards, Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabr?ck, Germany | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From sahaj_p at yahoo.co.in Mon Feb 22 08:28:03 2010 From: sahaj_p at yahoo.co.in (sahaj pandey) Date: Mon, 22 Feb 2010 12:58:03 +0530 (IST) Subject: [Openvas-discuss] regarding openvas scan Message-ID: <584186.5069.qm@web94404.mail.in2.yahoo.com> hi, i have openvas version(openvasd 2.0.3 for Linux). while i am launching OpenVAS-Client it is giving error like, [root at localhost openvas]# OpenVAS-Client (OpenVAS-Client:13115): Gtk-WARNING **: cannot open display: and when i am launching scan from command line, [root at localhost openvas]# OpenVAS-Client -qx localhost 9390 user password target.txt scanresults.html -T html OpenVAS-Client : Could not open a connection to localhost please help, thanks, sahaj Your Mail works best with the New Yahoo Optimized IE8. Get it NOW! http://downloads.yahoo.com/in/internetexplorer/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100222/7fab5cbe/attachment.htm From felix.wolfsteller at intevation.de Mon Feb 22 08:44:28 2010 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Mon, 22 Feb 2010 08:44:28 +0100 Subject: [Openvas-discuss] openvas families In-Reply-To: <44723F4E8DBA8A468731FB3DD220CEC7B209C0@VW3TEX4009.TKSAST.NET> References: <44723F4E8DBA8A468731FB3DD220CEC7B209C0@VW3TEX4009.TKSAST.NET> Message-ID: <201002220844.28571.felix.wolfsteller@intevation.de> Hi Francesco Could you describe your problem in more detail? -- felix On Friday 19 February 2010 16:18:30 Vincenti Francesco wrote: > Hello everybody > > I need some help to classify all the openvas plugins families according > these IT infrastructure components: > > - Network > > - Systems > > - Data > > - Applications > > - Dial-up > > > > Thanks. > > > > Francesco Vincenti > > > > -------------------------------------------------------- > > This e-mail and any attachments is a confidential correspondence intended > only for use of the individual or entity named above. If you are not the > intended recipient or the agent responsible for delivering the message to > the intended recipient, you are hereby notified that any disclosure, > distribution or copying of this communication is strictly prohibited. If > you have received this communication in error, please notify the error at > the following email address: helpdesk at aspasiel.it or at Aspasiel Helpdesk > Team by phone (phone number +390744203555), and then delete this message > from your system. P Please consider our environment and think before you > print. Thank you! q > -------------------------------------------------------- -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From felix.wolfsteller at intevation.de Mon Feb 22 08:56:48 2010 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Mon, 22 Feb 2010 08:56:48 +0100 Subject: [Openvas-discuss] ** ERROR **: Key file does not start with a group In-Reply-To: <4B800E98.5070705@finux.co.uk> References: <4B800E98.5070705@finux.co.uk> Message-ID: <201002220856.48297.felix.wolfsteller@intevation.de> Hi Arron We had some conversation on the irc channel about it. Please reply if your setup is fixed now. Assuming a broken cache, it would be interesting to know which cache file caused the problem. Therefore, enable following option in (PREFIX)/etc/openvas/openvassd.conf log_plugins_name_at_load = yes Then, restart the scanner and look at the output of (PREFIX)/var/log/openvas/openvassd.messages After you found out which plugin caused the issue, remove the respective .nvti file from the cache directory, e.g. rm (PREFIX)/var/cache/openvas/mybrokennvt.nasl.nvti The file will be recreated on the next startup of the scanner and your problem should be solved. -- felix On Saturday 20 February 2010 17:32:24 Arron M Finnon wrote: > Hi There Guys, > > firstly i'd like to say hi my name is Arron and i just signed up for the > mailing list. > > I've just installed OpenVAS server version 3.0.0 on Ubuntu 9.10. I > installed it from source, however once i completed the openvas-nvt-sync > command, i loaded openvassd and during the load time (when it was > loading the plugging's) my system crashed. When i restarted it, and > loaded up openvassd i received the following error message; > > Loading the plugins... 9792 (out of 16196) > ** ERROR **: Key file does not start with a group > aborting... > Aborted > > I was wondering if you guys might have an idea of what is wrong, and > where to look for fixing it. > > I thank you all in advance for any advice you can give with this issue. > > Thanks -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From felix.wolfsteller at intevation.de Mon Feb 22 10:34:03 2010 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Mon, 22 Feb 2010 10:34:03 +0100 Subject: [Openvas-discuss] ** ERROR **: Key file does not start with a group In-Reply-To: <4B800E98.5070705@finux.co.uk> References: <4B800E98.5070705@finux.co.uk> Message-ID: <201002221034.03361.felix.wolfsteller@intevation.de> Forwarding answer. ---------- Forwarded Message ---------- Subject: Re: [Openvas-discuss] ** ERROR **: Key file does not start with a group Date: Montag, 22. Februar 2010 From: Arron M Finnon To: Felix Wolfsteller Hi Guys, Sorry i haven't messaged back sooner, it was a problem with a corrupt cache. I just cd'd into the folder with the cache and issues rm * then loaded openvassd again and it fixed the issue. Felix; thank you for all the help you gave in the IRC. You'd gone off line before i could tell you it was fixed Once again thanks guys Finux -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From felix.wolfsteller at intevation.de Mon Feb 22 10:38:06 2010 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Mon, 22 Feb 2010 10:38:06 +0100 Subject: [Openvas-discuss] regarding openvas scan In-Reply-To: <584186.5069.qm@web94404.mail.in2.yahoo.com> References: <584186.5069.qm@web94404.mail.in2.yahoo.com> Message-ID: <201002221038.06891.felix.wolfsteller@intevation.de> Michael answered your question on 16.02.2010 12:41 : " Normally, only the user which started the X display is allowed to use it. Start OpenVAS-Client under this user. " Try running OpenVAS-Client as non-root. -- felix On Monday 22 February 2010 08:28:03 sahaj pandey wrote: > hi, > > i have openvas version(openvasd 2.0.3 for Linux). > while i am launching OpenVAS-Client it is giving error like, > > [root at localhost openvas]# OpenVAS-Client > > (OpenVAS-Client:13115): Gtk-WARNING **: cannot open display: > > and when i am launching scan from command line, > > [root at localhost openvas]# OpenVAS-Client -qx localhost 9390 user password > target.txt scanresults.html -T html OpenVAS-Client : Could not open a > connection to localhost > > please help, > > thanks, > sahaj > > > Your Mail works best with the New Yahoo Optimized IE8. Get it NOW! > http://downloads.yahoo.com/in/internetexplorer/ -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From shankhsps at gmail.com Mon Feb 22 10:50:15 2010 From: shankhsps at gmail.com (shankhs ch) Date: Mon, 22 Feb 2010 15:20:15 +0530 Subject: [Openvas-discuss] Is OpenVAS available for Windows Message-ID: <2b2ecc681002220150q5abe49caq70539476e98c370b@mail.gmail.com> Hi I want to know if there is a development version of OpenVAS compatible with windows? Is there any other mailing list for win? Can you please give the url? -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100222/aab10fa0/attachment-0001.html From sahaj_p at yahoo.co.in Mon Feb 22 12:41:14 2010 From: sahaj_p at yahoo.co.in (sahaj pandey) Date: Mon, 22 Feb 2010 17:11:14 +0530 (IST) Subject: [Openvas-discuss] "Secret/SSH/socket is unknown " problem Message-ID: <902325.47181.qm@web94402.mail.in2.yahoo.com> Hi, I had problems with command line scan with openvas, but now i am able to launch the attack. thanks to all for help. while running scan i am getting many "returned -1" messages in "/var/log/openvas/openvasd.messages". As i am getting from it that these plugins are not able to execute,correct me if i am wrong because i am newbie to openvas. :) what may be the problem and how can i resolve it?? i am pasting the ;ast few lines of openvasd.messages file below. i have openvas version 2.0.3 and i have updated plugins with "openvas-nvt-feed-current.tar.bz2". ----------------------------------------------------------------------------- [Mon Feb 22 18:58:44 2010][21310] process_internal_msg for gb_gd_graphics_library_detect_lin.nasl returned -1 [Mon Feb 22 18:58:44 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:58:44 2010][21310] process_internal_msg for gb_sun_java_ws_code_exec_vuln_lin.nasl returned -1 [Mon Feb 22 18:59:00 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:00 2010][21310] process_internal_msg for gb_dovecot_mult_sec_bypass_vuln.nasl returned -1 [Mon Feb 22 18:59:00 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:00 2010][21310] process_internal_msg for gb_chm2pdf_insec_tmp_file_crtn_vuln.nasl returned -1 [Mon Feb 22 18:59:05 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:05 2010][21310] process_internal_msg for secpod_netscape_detect_lin.nasl returned -1 [Mon Feb 22 18:59:05 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:05 2010][21310] process_internal_msg for gb_vlc_media_player_ty_bof_vuln_lin.nasl returned -1 [Mon Feb 22 18:59:05 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:05 2010][21310] process_internal_msg for libpng_CB-A08-0064.nasl returned -1 [Mon Feb 22 18:59:05 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:05 2010][21310] process_internal_msg for secpod_freeradius_detect.nasl returned -1 [Mon Feb 22 18:59:06 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:06 2010][21310] process_internal_msg for secpod_openjdk_detect.nasl returned -1 ------------------------------------------------------------------------------------ Thanks, sahaj Your Mail works best with the New Yahoo Optimized IE8. Get it NOW! http://downloads.yahoo.com/in/internetexplorer/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100222/e3c3e6b3/attachment.htm From bchandra at secpod.com Mon Feb 22 12:50:08 2010 From: bchandra at secpod.com (Chandrashekhar B) Date: Mon, 22 Feb 2010 17:20:08 +0530 Subject: [Openvas-discuss] "Secret/SSH/socket is unknown " problem In-Reply-To: <902325.47181.qm@web94402.mail.in2.yahoo.com> References: <902325.47181.qm@web94402.mail.in2.yahoo.com> Message-ID: <2B78E39BC18E49D6B3FBF5F19E84643F@corp.nai.org> Sahaj, These are not errors. If you are looking to perform credential based scanning, you need to supply SSH credentials in the Credentials section of OpenVAS-Client. Then, these messages won't appear. Otherwise, for remote non-credential based checks, there's no issue. Thanks, Chandra. _____ From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of sahaj pandey Sent: Monday, February 22, 2010 5:11 PM To: openvas discussion Cc: s p Subject: [Openvas-discuss] "Secret/SSH/socket is unknown " problem Hi, I had problems with command line scan with openvas, but now i am able to launch the attack. thanks to all for help. while running scan i am getting many "returned -1" messages in "/var/log/openvas/openvasd.messages". As i am getting from it that these plugins are not able to execute,correct me if i am wrong because i am newbie to openvas. :) what may be the problem and how can i resolve it?? i am pasting the ;ast few lines of openvasd.messages file below. i have openvas version 2.0.3 and i have updated plugins with "openvas-nvt-feed-current.tar.bz2". ---------------------------------------------------------------------------- - [Mon Feb 22 18:58:44 2010][21310] process_internal_msg for gb_gd_graphics_library_detect_lin.nasl returned -1 [Mon Feb 22 18:58:44 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:58:44 2010][21310] process_internal_msg for gb_sun_java_ws_code_exec_vuln_lin.nasl returned -1 [Mon Feb 22 18:59:00 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:00 2010][21310] process_internal_msg for gb_dovecot_mult_sec_bypass_vuln.nasl returned -1 [Mon Feb 22 18:59:00 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:00 2010][21310] process_internal_msg for gb_chm2pdf_insec_tmp_file_crtn_vuln.nasl returned -1 [Mon Feb 22 18:59:05 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:05 2010][21310] process_internal_msg for secpod_netscape_detect_lin.nasl returned -1 [Mon Feb 22 18:59:05 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:05 2010][21310] process_internal_msg for gb_vlc_media_player_ty_bof_vuln_lin.nasl returned -1 [Mon Feb 22 18:59:05 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:05 2010][21310] process_internal_msg for libpng_CB-A08-0064.nasl returned -1 [Mon Feb 22 18:59:05 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:05 2010][21310] process_internal_msg for secpod_freeradius_detect.nasl returned -1 [Mon Feb 22 18:59:06 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:06 2010][21310] process_internal_msg for secpod_openjdk_detect.nasl returned -1 ---------------------------------------------------------------------------- -------- Thanks, sahaj _____ The INTERNET now has a personality. YOURS! See your Yahoo! Homepage . -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100222/e46cbe7e/attachment.html From zakiakhmad at gmail.com Tue Feb 23 04:48:21 2010 From: zakiakhmad at gmail.com (Zaki Akhmad) Date: Tue, 23 Feb 2010 10:48:21 +0700 Subject: [Openvas-discuss] OpenVAS 3.0 and Compendium 1.0.1 Message-ID: Hello all, I am trying to install OpenVAS 3.0 but when I read the OpenVAS Compendium 1.0.1, it seems the compendium isn't fit with OpenVAS 3.0 CMIIW. Anyone has documentation on install and configure OpenVAS 3.0? -- Zaki Akhmad From bchandra at secpod.com Tue Feb 23 07:20:36 2010 From: bchandra at secpod.com (Chandrashekhar B) Date: Tue, 23 Feb 2010 11:50:36 +0530 Subject: [Openvas-discuss] "Secret/SSH/socket is unknown " problem In-Reply-To: <647097.73822.qm@web94401.mail.in2.yahoo.com> References: <902325.47181.qm@web94402.mail.in2.yahoo.com> <2B78E39BC18E49D6B3FBF5F19E84643F@corp.nai.org> <647097.73822.qm@web94401.mail.in2.yahoo.com> Message-ID: <96558E0DDAE346018CC037BB3BFAB590@corp.nai.org> Sahaj, Easy way to create rc file is to configure everything you want through GUI client, giving SSH credentials etc and perform one scan. The rc file will get created under user's home dir ~/.openvas/SCAN_TASK/SCAN_SCOPE/openvasrc. Chandra. _____ From: sahaj pandey [mailto:sahaj_p at yahoo.co.in] Sent: Tuesday, February 23, 2010 11:45 AM To: Chandrashekhar B Subject: Re: [Openvas-discuss] "Secret/SSH/socket is unknown " problem Hi, i have one more question that how I can create custom .rc files for openvas and provide ssh credentials for scanning. as i am not getting any rc file created while scanning through command line. Thanks Sahaj _____ From: Chandrashekhar B To: sahaj pandey ; openvas discussion Sent: Mon, 22 February, 2010 5:20:08 PM Subject: RE: [Openvas-discuss] "Secret/SSH/socket is unknown " problem Sahaj, These are not errors. If you are looking to perform credential based scanning, you need to supply SSH credentials in the Credentials section of OpenVAS-Client. Then, these messages won't appear. Otherwise, for remote non-credential based checks, there's no issue. Thanks, Chandra. _____ From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss-bounces at wald.intevation.org] On Behalf Of sahaj pandey Sent: Monday, February 22, 2010 5:11 PM To: openvas discussion Cc: s p Subject: [Openvas-discuss] "Secret/SSH/socket is unknown " problem Hi, I had problems with command line scan with openvas, but now i am able to launch the attack. thanks to all for help. while running scan i am getting many "returned -1" messages in "/var/log/openvas/openvasd.messages". As i am getting from it that these plugins are not able to execute,correct me if i am wrong because i am newbie to openvas. :) what may be the problem and how can i resolve it?? i am pasting the ;ast few lines of openvasd.messages file below. i have openvas version 2.0.3 and i have updated plugins with "openvas-nvt-feed-current.tar.bz2". ---------------------------------------------------------------------------- - [Mon Feb 22 18:58:44 2010][21310] process_internal_msg for gb_gd_graphics_library_detect_lin.nasl returned -1 [Mon Feb 22 18:58:44 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:58:44 2010][21310] process_internal_msg for gb_sun_java_ws_code_exec_vuln_lin.nasl returned -1 [Mon Feb 22 18:59:00 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:00 2010][21310] process_internal_msg for gb_dovecot_mult_sec_bypass_vuln.nasl returned -1 [Mon Feb 22 18:59:00 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:00 2010][21310] process_internal_msg for gb_chm2pdf_insec_tmp_file_crtn_vuln.nasl returned -1 [Mon Feb 22 18:59:05 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:05 2010][21310] process_internal_msg for secpod_netscape_detect_lin.nasl returned -1 [Mon Feb 22 18:59:05 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:05 2010][21310] process_internal_msg for gb_vlc_media_player_ty_bof_vuln_lin.nasl returned -1 [Mon Feb 22 18:59:05 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:05 2010][21310] process_internal_msg for libpng_CB-A08-0064.nasl returned -1 [Mon Feb 22 18:59:05 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:05 2010][21310] process_internal_msg for secpod_freeradius_detect.nasl returned -1 [Mon Feb 22 18:59:06 2010][21310] shared_socket: Secret/SSH/socket is unknown [Mon Feb 22 18:59:06 2010][21310] process_internal_msg for secpod_openjdk_detect.nasl returned -1 ---------------------------------------------------------------------------- -------- Thanks, sahaj _____ The INTERNET now has a personality. YOURS! See your Yahoo! Homepage. _____ Your Mail works best with the New Yahoo Optimized IE8. Get it NOW! . -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100223/1d2d3910/attachment-0001.html From geoff at galitz.org Tue Feb 23 09:10:15 2010 From: geoff at galitz.org (Geoff Galitz) Date: Tue, 23 Feb 2010 09:10:15 +0100 Subject: [Openvas-discuss] OpenVAS 3.0 and Compendium 1.0.1 In-Reply-To: References: Message-ID: <021841A27794450F836CB24C2A2B129A@geoffPC> I'm working on a guide for that and hope to have that done real soon. If you have notes that you want to forward to the group, I can include them. What platform are you installing on? --------------------------------- Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ > -----Original Message----- > From: openvas-discuss-bounces at wald.intevation.org [mailto:openvas-discuss- > bounces at wald.intevation.org] On Behalf Of Zaki Akhmad > Sent: Dienstag, 23. Februar 2010 04:48 > To: openvas-discuss at wald.intevation.org > Subject: [Openvas-discuss] OpenVAS 3.0 and Compendium 1.0.1 > > Hello all, > > I am trying to install OpenVAS 3.0 but when I read the OpenVAS > Compendium 1.0.1, it seems the compendium isn't fit with OpenVAS 3.0 > CMIIW. > > Anyone has documentation on install and configure OpenVAS 3.0? > > -- > Zaki Akhmad > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss From zakiakhmad at gmail.com Tue Feb 23 09:17:26 2010 From: zakiakhmad at gmail.com (Zaki Akhmad) Date: Tue, 23 Feb 2010 15:17:26 +0700 Subject: [Openvas-discuss] OpenVAS 3.0 and Compendium 1.0.1 In-Reply-To: <021841A27794450F836CB24C2A2B129A@geoffPC> References: <021841A27794450F836CB24C2A2B129A@geoffPC> Message-ID: On Tue, Feb 23, 2010 at 3:10 PM, Geoff Galitz wrote: > > > I'm working on a guide for that and hope to have that done real soon. ?If > you have notes that you want to forward to the group, I can include them. I have log my activity compiling openvas on my computer. > What platform are you installing on? I am installing on Ubuntu 9.10 x86 -- Zaki Akhmad From felix.wolfsteller at intevation.de Tue Feb 23 12:48:53 2010 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Tue, 23 Feb 2010 12:48:53 +0100 Subject: [Openvas-discuss] Hi In-Reply-To: <2b2ecc681002200121s3441588frda3fcb88b9442621@mail.gmail.com> References: <2b2ecc681002200121s3441588frda3fcb88b9442621@mail.gmail.com> Message-ID: <201002231248.54114.felix.wolfsteller@intevation.de> Hi Shanks I suppose you introduce yourself because you want to apply for GSoC, right ;) ? If you have any (gsoc) idea regarding OpenVAS developement, feel free to share it. -- felix On Saturday 20 February 2010 10:21:57 shankhs ch wrote: > Hi > My name is Shankhoneer from Bangalore, India and I am in the final year of > my college.I am really passionate about softwares and their development. > My skills are: > > 1. C/C++ > 2. OpenCV > 3. AutoIT > 4. Linux Programming > 5. Windows Programming > > I was involved in Indian Languages OCR project by Government Of India for > 1.5 yrs. > OpenVAS is pretty new to me but I want to learn how it works and use my > skills to develop it. > > Regards > shankhs -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From mcoene at Bacardi.com Tue Feb 23 16:40:16 2010 From: mcoene at Bacardi.com (Matthew Coene) Date: Tue, 23 Feb 2010 11:40:16 -0400 Subject: [Openvas-discuss] Pies / Charts? Message-ID: Hello everyone... I implemented OpenVAS 3 a couple of months ago, and everyone involved absolutely thinks they system and framework is a godsend... I did notice one thing however I am curious about... As it is now, some of the staff have been exporting the OpenVAS reports to XML, parsing through the Hackerstorm framework, exporting to .xls format then generating the charts there, which is still obviously a manual process I would like to automate further going forward... One just because it would be nicer and more efficient... Secondly because I could guarantee reports / charts generated by different staff don't have the results / ratios skewed by individual influence on what criteria is charted and how... The OpenVAS client Message Log, claims a gentleman named Bruce Verderaime was / had working on built in (Pie/Charts). Though so far I have not found anywhere to enable it, nor has it seemingly be present in any of the report export format types... Can anyone tell me whether there is extra functionality I have to add to my server like jpgraph or similar to enable this?? It would be immensely appreciated. Kindest Regards and thanks to all the Dev's, Maintainers, Hosts, Testers, etc, for an absolutely fantastic product... Cheers, Matthew Coene ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ From Jan-Oliver.Wagner at greenbone.net Tue Feb 23 17:04:49 2010 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Tue, 23 Feb 2010 17:04:49 +0100 Subject: [Openvas-discuss] Is OpenVAS available for Windows In-Reply-To: <2b2ecc681002220150q5abe49caq70539476e98c370b@mail.gmail.com> References: <2b2ecc681002220150q5abe49caq70539476e98c370b@mail.gmail.com> Message-ID: <201002231704.56496.Jan-Oliver.Wagner@greenbone.net> On Montag, 22. Februar 2010, shankhs ch wrote: > I want to know if there is a development version of OpenVAS compatible with > windows? Is there any other mailing list for win? Can you please give the > url? OpenVAS can scan windows systems, but the scanner itself must run on a unxoid platform. Most people use a GNU/Linux. The web client "gsa" of course runs in most browsers and this year there will definitely come up a first version of a native desktop client for Windows. But there are no plans to have the scanner run on Windows. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 202460 Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From Jan-Oliver.Wagner at greenbone.net Tue Feb 23 17:12:48 2010 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Tue, 23 Feb 2010 17:12:48 +0100 Subject: [Openvas-discuss] How to Scan a target from command line(openvas) In-Reply-To: <164587.41532.qm@web94407.mail.in2.yahoo.com> References: <164587.41532.qm@web94407.mail.in2.yahoo.com> Message-ID: <201002231712.50180.Jan-Oliver.Wagner@greenbone.net> On Donnerstag, 18. Februar 2010, sahaj pandey wrote: > i have installed openvas version 3.0. > i want to scan a target using command line. how can i scan the target using command line..? $ OpenVAS-Client --help will list the command line options. "-q" will do the batch mode. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 202460 Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner From zakiakhmad at gmail.com Wed Feb 24 04:17:19 2010 From: zakiakhmad at gmail.com (Zaki Akhmad) Date: Wed, 24 Feb 2010 10:17:19 +0700 Subject: [Openvas-discuss] OpenVAS 3.0 and Compendium 1.0.1 In-Reply-To: <70364F66D307DF44B9B4141B56878A4A44E6DBFFF6@ITDSRVMBX00.utep.edu> References: <021841A27794450F836CB24C2A2B129A@geoffPC> <70364F66D307DF44B9B4141B56878A4A44E6DBFFF6@ITDSRVMBX00.utep.edu> Message-ID: On Tue, Feb 23, 2010 at 10:40 PM, Copenhaver, Walter A wrote: > I installed OpenVAS 3.0 on Debian from code following this instructions: http://www.laneolson.ca/2010/02/04/installing-openvas-3-on-ubuntu-9-10/ > > Hope that it helps. It helps, thanks! -- Zaki Akhmad From felix.wolfsteller at intevation.de Wed Feb 24 08:32:48 2010 From: felix.wolfsteller at intevation.de (Felix Wolfsteller) Date: Wed, 24 Feb 2010 08:32:48 +0100 Subject: [Openvas-discuss] Pies / Charts? In-Reply-To: References: Message-ID: <201002240832.49134.felix.wolfsteller@intevation.de> Hi Matthew I believe there are numerous tools out there than can generate nice graphs. Afaik the hackerstorm tool was able to build graphs "natively" from OpenVAS' nbe data format. The Gtk-Client was at least in version 2.0 able to generate the graphs "itself". I think you need the gdchart library installed at (before) configure time. I have not tested this in ages, though. Note that the Gtk- client and the nbe format might get deprecated sooner or later in favor of cleaner interfaces and data-formats. You would work "on the safe side" with the openvas-manager and its xml representation of results. Thus, you might look out for a tool that transforms xml data into sweet graphs and make it read the xml report format. If you find such a tool and a configuration, it would be highly appreciated if you share your progress (of course, reporting "dead ends" is highly appreciated, too). hth Enjoy --felix On Tuesday 23 February 2010 16:40:16 Matthew Coene wrote: > Hello everyone... > > I implemented OpenVAS 3 a couple of months ago, and everyone involved > absolutely thinks they system and framework is a godsend... I did notice > one thing however I am curious about... > > As it is now, some of the staff have been exporting the OpenVAS reports to > XML, parsing through the Hackerstorm framework, exporting to .xls format > then generating the charts there, which is still obviously a manual process > I would like to automate further going forward... One just because it would > be nicer and more efficient... Secondly because I could guarantee reports / > charts generated by different staff don't have the results / ratios skewed > by individual influence on what criteria is charted and how... > > The OpenVAS client Message Log, claims a gentleman named Bruce Verderaime > was / had working on built in (Pie/Charts). Though so far I have not found > anywhere to enable it, nor has it seemingly be present in any of the report > export format types... > > Can anyone tell me whether there is extra functionality I have to add to my > server like jpgraph or similar to enable this?? It would be immensely > appreciated. > > Kindest Regards and thanks to all the Dev's, Maintainers, Hosts, Testers, > etc, for an absolutely fantastic product... > > Cheers, > > Matthew Coene > > > ______________________________________________________________________ > This email has been scanned by the MessageLabs Email Security System. > For more information please visit http://www.messagelabs.com/email > ______________________________________________________________________ > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From morgancoxuk at gmail.com Wed Feb 24 12:08:23 2010 From: morgancoxuk at gmail.com (Morgan Cox) Date: Wed, 24 Feb 2010 11:08:23 +0000 Subject: [Openvas-discuss] Change the openvas client export .pdf stylesheet? Message-ID: Hi. Just a quick one. Where can I edit the stylesheet that creates the .pdf report in the Openvas client( v3 ) ? Really liking v3 of openvas btw ! Cheers -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20100224/4f1ac5b8/attachment.htm From paolodizon at gmail.com Wed Feb 24 15:36:17 2010 From: paolodizon at gmail.com (Paolo Dizon) Date: Wed, 24 Feb 2010 22:36:17 +0800 Subject: [Openvas-discuss] Certificate is not an X.509 certificate. Message-ID: <4B853961.6090909@gmail.com> Hi, My openvas-client(v2.0.5-1) on Debian can't connect to the openvas-server on RedHat, giving a Error:Login failed message. /var/log/openvas/openvassd.messages show: Certificate is not an X.509 certificate. The rpms are from http://www.atomicorp.com/channels/atomic/ I've already created a server certificate using openvas-mkcert and rebooted the server. Also, is there a known issue with openvas traffic passing through ssh tunnels? It gives out an SSL error message. Any help will be appreciated. Thanks and regards. From jan-oliver.wagner at intevation.de Wed Feb 24 19:06:33 2010 From: jan-oliver.wagner at intevation.de (Jan-Oliver Wagner) Date: Wed, 24 Feb 2010 19:06:33 +0100 Subject: [Openvas-discuss] Change the openvas client export .pdf stylesheet? In-Reply-To: References: Message-ID: <201002241906.33373.jan-oliver.wagner@intevation.de> On Wednesday 24 February 2010 12:08:23 Morgan Cox wrote: > Where can I edit the stylesheet that creates the .pdf report in the Openvas > client( v3 ) ? There is no real stylesheet support. You can look into the source code: openvas-client/openvas/pdf_output.c Actually, HTML is created and then htmldoc is issued to create a PDF. In openvas-manager we implemented an alternative: LaTeX and then converting to PDF. Indeed it is planned to support stylesheets, but it is not pretty high up in the priority list. Stylesheet support would be a nice challenge for a volunteer ;-) > Really liking v3 of openvas btw ! Thanks :-) Are you using just the core scanner or also the optional packages? Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335 08 30 | http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From mcoene at Bacardi.com Wed Feb 24 23:27:06 2010 From: mcoene at Bacardi.com (Matthew Coene) Date: Wed, 24 Feb 2010 18:27:06 -0400 Subject: [Openvas-discuss] Pies / Charts? In-Reply-To: <201002240832.49134.felix.wolfsteller@intevation.de> References: <201002240832.49134.felix.wolfsteller@intevation.de> Message-ID: Felix, I was at one time in contact with someone over at Hackerstorm... Their framework actually still works very well with the export report to XML function from the 3.0 client... Hackerstorm had a totally slick dashboard framework for Nessus using FusionCharts. I had contacted them again to see if I could take a look at the backend PHP so I could see if I could port it to OpenVAS without too much effort.. Of course now I cannot get anyone over there to contact me, so it looks like that is a dead end... I do have a couple of observations though... Before I could even think about going about figuring this out... I was hoping it would have been as simple as Hackerstorm counting the vulns, holes, notes, etc, and dumping each value into an appropriately named variable I could easily plug into some chart making option. Though now because none of this exists, in the plain OpenVAS reporter package, I know all the magic must have happened in the backend of the dashboard PHP code I have been so desperate to get a look at, but have been denied at every turn.... I am actually surprised no one seems to have the dashboard portion... The whole thing was released under GNU... It actually might not be that hard to hack something together if I knew absolutely how Hackerstorm worked, as in how it counted the category totals, how it stores those values, etc... FusionCharts (www.fusioncharts.com) has a free version of their framework... will have to check licensing.. Pretty sure its free for non-commercial / personal, and very reasonably priced for commercial integration, but the two are practically identical in terms of actual implementation, and it looks really nice... Matthew Coene Felix Wolfsteller To openvas-discuss at wald.intevation.org 02/24/2010 03:32 cc AM Matthew Coene Subject Re: [Openvas-discuss] Pies / Charts? Hi Matthew I believe there are numerous tools out there than can generate nice graphs. Afaik the hackerstorm tool was able to build graphs "natively" from OpenVAS' nbe data format. The Gtk-Client was at least in version 2.0 able to generate the graphs "itself". I think you need the gdchart library installed at (before) configure time. I have not tested this in ages, though. Note that the Gtk- client and the nbe format might get deprecated sooner or later in favor of cleaner interfaces and data-formats. You would work "on the safe side" with the openvas-manager and its xml representation of results. Thus, you might look out for a tool that transforms xml data into sweet graphs and make it read the xml report format. If you find such a tool and a configuration, it would be highly appreciated if you share your progress (of course, reporting "dead ends" is highly appreciated, too). hth Enjoy --felix On Tuesday 23 February 2010 16:40:16 Matthew Coene wrote: > Hello everyone... > > I implemented OpenVAS 3 a couple of months ago, and everyone involved > absolutely thinks they system and framework is a godsend... I did notice > one thing however I am curious about... > > As it is now, some of the staff have been exporting the OpenVAS reports to > XML, parsing through the Hackerstorm framework, exporting to .xls format > then generating the charts there, which is still obviously a manual process > I would like to automate further going forward... One just because it would > be nicer and more efficient... Secondly because I could guarantee reports / > charts generated by different staff don't have the results / ratios skewed > by individual influence on what criteria is charted and how... > > The OpenVAS client Message Log, claims a gentleman named Bruce Verderaime > was / had working on built in (Pie/Charts). Though so far I have not found > anywhere to enable it, nor has it seemingly be present in any of the report > export format types... > > Can anyone tell me whether there is extra functionality I have to add to my > server like jpgraph or similar to enable this?? It would be immensely > appreciated. > > Kindest Regards and thanks to all the Dev's, Maintainers, Hosts, Testers, > etc, for an absolutely fantastic product... > > Cheers, > > Matthew Coene > > > ______________________________________________________________________ > This email has been scanned by the MessageLabs Email Security System. > For more information please visit http://www.messagelabs.com/email > ______________________________________________________________________ > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss at wald.intevation.org > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss -- Felix Wolfsteller | ++49 541 335083-783 | http://www.intevation.de/ PGP Key: 39DE0100 Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ From mcoene at Bacardi.com Wed Feb 24 23:30:40 2010 From: mcoene at Bacardi.com (Matthew Coene) Date: Wed, 24 Feb 2010 18:30:40 -0400 Subject: [Openvas-discuss] OpenVAS Manager 1.0.0 Beta4 compile. Message-ID: Hello again everyone... I am trying to compile OpenVAS Manager 1.0.0 Beta4... and receiving this.. cd /home/administrator/openvas/openvas-manager-1.0.0-beta4/src && /usr/bin/gcc -DOPENVASMD_DATABASE_VERSION=12 -Wall -g -Wall -Werror -DOPENVASMD_VERSION=\"1.0.0-beta4.SVN\" -DOPENVAS_OS_NAME= \"Linux-2.6.31-19-server\" -DPREFIX=\"/usr/local\" -DOPENVAS_USERS_DIR= \"/usr/local/var/lib/openvas/users/\" -DSCANNERCERT= \"/usr/local/var/lib/openvas/CA/servercert.pem\" -DSCANNERKEY= \"/usr/local/var/lib/openvas/private/CA/serverkey.pem\" -DCACERT= \"/usr/local/var/lib/openvas/CA/cacert.pem\" -DOPENVAS_LOG_DIR= \"/usr/local/var/log/openvas\" -DOPENVAS_STATE_DIR= \"/usr/local/var/lib/openvas\" -DOPENVAS_PID_DIR=\"/usr/local/var/run\" -DOPENVAS_SYSCONF_DIR=\"/usr/local/etc/openvas\" -DOPENVAS_DATA_DIR= \"/usr/local/share/openvas\" -I/usr/local/include -DTASKS_SQL -I/usr/local/include -I/usr/local/include/openvas -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -o CMakeFiles/manage.dir/lsc_user.c.o -c /home/administrator/openvas/openvas-manager-1.0.0-beta4/src/lsc_user.c cc1: warnings being treated as errors /home/administrator/openvas/openvas-manager-1.0.0-beta4/src/lsc_user.c: In function ?file_utils_copy_file?: /home/administrator/openvas/openvas-manager-1.0.0-beta4/src/lsc_user.c:224: error: format ?%llu? expects type ?long long unsigned int?, but argument 7 has type ?gsize? make[2]: *** [src/CMakeFiles/manage.dir/lsc_user.c.o] Error 1 make[2]: Leaving directory `/home/administrator/openvas/openvas-manager-1.0.0-beta4' make[1]: *** [src/CMakeFiles/manage.dir/all] Error 2 make[1]: Leaving directory `/home/administrator/openvas/openvas-manager-1.0.0-beta4' make: *** [all] Error 2 Running on Ubuntu 9.10 Server x64-bit... (not that I expect this to matter but is running in VM on vSphere 4)cd s For the record, everything else from OpenVAS went in without so much as a hiccup.. Anyone else experience this or similar??? Cheers, Matthew Coene ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ From matthew.mundell at intevation.de Wed Feb 24 23:49:54 2010 From: matthew.mundell at intevation.de (Matthew Mundell) Date: 24 Feb 2010 22:49:54 GMT Subject: [Openvas-discuss] OpenVAS Manager 1.0.0 Beta4 compile. In-Reply-To: Message of Wed, 24 Feb 2010 18:30:40 -0400. Message-ID: <20100224224954.0E429C6E21@mail.ukfsn.org> > Anyone else experience this or similar??? Thanks Matthew. Yes, others have reported the same problems. They should all be resolved in trunk now. Next beta should be out next week, or you could try the SVN. -- Intevation GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 18998 Gesch?ftsf?hrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner From zakiakhmad at gmail.com Thu Feb 25 04:34:03 2010 From: zakiakhmad at gmail.com (Zaki Akhmad) Date: Thu, 25 Feb 2010 10:34:03 +0700 Subject: [Openvas-discuss] Something Wrong? Message-ID: Hello, I open this page[1], and I can't see it clearly. Maybe there's something wrong with the HTML table? -- Zaki Akhmad [1]http://openvas.org/sources-for-security-issues-information.html From Jan-Oliver.Wagner at greenbone.net Thu Feb 25 11:32:25 2010 From: Jan-Oliver.Wagner at greenbone.net (Jan-Oliver Wagner) Date: Thu, 25 Feb 2010 11:32:25 +0100 Subject: [Openvas-discuss] Something Wrong? In-Reply-To: References: Message-ID: <201002251132.27527.Jan-Oliver.Wagner@greenbone.net> Hello, On Donnerstag, 25. Februar 2010, Zaki Akhmad wrote: > I open this page[1], and I can't see it clearly. Maybe there's > something wrong with the HTML table? no really. Looks nice on a 30'' wide screen ;-) Alternatively you may shrink the font in your browser. Yes, I agree this page is suboptimal. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabr?ck | AG Osnabr?ck, HR B 202460 Gesch?ftsf?hrer: Lukas Grunwald, Dr. Jan-Oliver Wagner