Hi,as some of you may have already noticed I'm a fan of good old openvas-client. This is mostly caused by 2 major features/implementations which are totally missed or completely different implemented within gsa.
1) NVT filteringCurrently there are almost 25.000 NVTs available, categorized by families. There is no chance to easily find and set NVTs relevant to specific problems. For example: Currently there are 310 NVTs within 28 families related to SSL (found by name). openvas-client delivers this information immediately by setting a filter. Within gsa there is no such filtering and you have to look into each family and search using your browser's search facility.
Proposal:Please implement NVT-filtering within scan-configs to select and configure individual NVTs.
2) Editing of already defined configsDo you really believe a configuration is correctly done in a 1st attempt. In gsa you define at least scan-config, target and task. After running the task for a 1st time you will need to change config. But your scan-config now is read-only and you have to delete your task and scan-config to restart from scratch. This is a real pain and uses lots of time. I know you can export your config, delete it and reimport to edit, but this should not be the recommended way. Try to a single NVT to an already build scan-config and you'll know what I'm talking about.
Yes, i know we should also talk about some kind of audit requirements where later changes of a config could be a problem for older reports. But running a completely configured system is only a minor part in using OpenVAS. Flexibility and fast reactions on actual threats should be more focused.
Proposal:Do not automatically set configs to read-only after defining tasks and creating reports. Maybe there is a chance of defining an "in development" state for configs, which could also be marked within generated reports. If configs are proven to be stable user could change the state to "productive" which results in read-only configs. This should be necessary for scan-configs, but i cannot see why target-configs should ever be read-only.
How do you think about this?
Stefan
smime.p7s
Description: S/MIME Kryptografische Unterschrift
_______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
