[Openvas-discuss] OpenVAS still has its own port discovery service? And which is the right switch to add nmap?

Mark LaCore nerdymark at gmail.com
Thu Aug 9 18:03:59 CEST 2012


Whit, for each NVT you want to suppress, look at the OID in the scan
report, for example, "Information about the scan" is "OID:
1.3.6.1.4.1.25623.1.0.19506", find the corresponding NVT in your scan
configs, and disable them.

On Thu, Aug 9, 2012 at 8:59 AM, Whit Blauvelt <whit at transpect.com> wrote:

> On Thu, Aug 09, 2012 at 04:45:04PM +0100, Matthew Mundell wrote:
> > > Where did things go from there? Are there still two different
> port/service
> > > discovery mechanisms - the inherited one plus nmap (if configured for
> it)?
> >
> > Yes, there are a few port scanners.  They are in the "Port Scanners"
> family
> > of the config.  The default before nmap was "OpenVAS TCP scanner".  This
> > should still work.
>
> Thanks. OpenVAS TCP Scanner does work.
>
> Now that there's a working TCP port scan, there are these complaints:
>
>   DIRB could not be found in your system path.
>   OpenVAS was unable to execute DIRB and to perform the scan you
>   requested.
>   Please make sure that DIRB is installed and is
>   available in the PATH variable defined for your environment.
>
>   Arachni could not be found in your system path.
>   OpenVAS was unable to execute Arachni and to perform the scan you
>   requested.
>   Please make sure that Arachni is installed and that arachni is
>   available in the PATH variable defined for your environment.
>
>   Nikto could not be found in your system path.
>   OpenVAS was unable to execute Nikto and to perform the scan you
>   requested.
>   Please make sure that Nikto is installed and that nikto.pl or nikto is
>   available in the PATH variable defined for your environment.
>
> The only nikto instances on the system, for example, are:
>
>   /usr/local/var/cache/openvas/nikto.nasl.nvti
>   /usr/local/var/cache/openvas/GSHB/GSHB_nikto.nasl.nvti
>   /usr/local/var/lib/openvas/plugins/nikto.nasl
>   /usr/local/var/lib/openvas/plugins/nikto.nasl.asc
>   /usr/local/var/lib/openvas/plugins/GSHB/GSHB_nikto.nasl
>   /usr/local/var/lib/openvas/plugins/GSHB/GSHB_nikto.nasl.asc
>
> None of those are just "nikto" or "nikto.pl". Similarly with the others.
> Are
> these just items turned on in the scan config that expect programs to exist
> locally that aren't there? So if I want to, say, set up other admins here
> to
> run informative tests without noise like that I've got to run enough
> configs
> against enough ranges to identify all the loose ends like that?
>
> And I'd love to know where to go to repress the "Information About the
> Scan"
> section that just lists a page-worth of all the port numbers scanned. That
> would be far less clutter not listed per IP, just per total scan.
>
> Whit
> _______________________________________________
> Openvas-discuss mailing list
> Openvas-discuss at wald.intevation.org
> http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20120809/a25b6bea/attachment.html>


More information about the Openvas-discuss mailing list