Hello,
On Wednesday 09 November 2011 10:19:44 王珩 wrote:
> Open-scap(oscap) is a fantastic tool to perform local security audit. But
> if we want to scan a remote system, it need to be installed in remote
> system first.
> Is there any possibility to use a local system with open-scap installed
> scan a remote system?
> for example, via ssh?
yes, a integration as authenticated scan (via ssh) is an option.
It would require openscap to be installed on the target system.
Such a NVT would be relatively simple to write.
> another question:
> in open-scap website i see some information about integration with openvas,
> how to integrate open-scap with openvas?
We have been lucky: For OpenVAS DevCon#3 2 developers of OpenSCAP joined and
we had a very helpful exchange of ideas. We are currently adding handling for
SCAP data in OpenVAS. This could be the base to integrate openscap results, but
this has not been worked out yet.
Best
Jan
--
Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/
Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B
202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
_______________________________________________
Openvas-devel mailing list
Openvas-devel@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
