Hello everyone,
I'm new to OpenVAS. I'm trying to do a security check of a web server I'm
setting up, but all of my reports are coming up empty. I've followed the
compendium at openvas.org carefully (I think), so I'm not sure whether I'm
doing something wrong or there's a bug.
I installed version 2.0 from source under Ubuntu 8.10. The specific package
versions are as follows: client 2.0.3, libnasl 2.0.1, libraries 2.0.1, plugins
1.0.6, server 2.0.1. All dependencies were satisfied during installation. I
then generated a user and certificate using the provided scripts, and the user
is authorized to test any target.
I'm using it as follows:
1. Start openvasd from the command prompt by typing "sudo openvasd". It loads
the plugins and then responds "All plugins loaded."
2. Start the client from the main menu.
3. Select ports to scan (default), concurrent tests (I've tried 1 and 4), and
make sure the "automatically and silently load dependencies" boxes are checked.
4. Connect using my username and key password.
5. Check NVTs to perform from the Options window.
6. Use the assisant to select the target, and click execute.
7. Enter my password at the prompt.
At this point the "connecting" window appears, then gives way to a small window
with two progress bars, "Portscan" and "Checks." A quick glance at Wireshark
indicates that OpenVAS *is* connecting to the target. But the Portscan and
Checks bars stay at 0% for a minute or two, then checks goes to 100%, and the
report window appears--but it's blank.
The messages in openvasd.messages suggest that the scan was performed: user
starts a new scan... user testing... finished testing... test complete. There's
not much interesting in openvasd.dump, except a note that I haven't
authenticated for local tests on the target (I'm not doing local tests) and
warnings that a number of irrelevant script dependencies aren't satisfied.
Am I doing something wrong, or is this a bug? Any feedback would be
appreciated. Also, I'm happy to send more information or file a bug report if
appropriate. Just let me know what you all need.
Many thanks,
Andrew
_______________________________________________
Openvas-discuss mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
