Re: [Openvas-discuss] Reports not giving proper information

[Ryan Schulze]

Hi,

It sounds like you are expecting specific results and not receiving them 
(or receiving them with other scanners and not OpenVAS). Do you have an 
example of a specific vulnrebility (that is not a false-positive) that 
you are missing in OpenVAS / that is not showing up in OpenVAS?

As far as your plugins being up-to-date is concerend: I'm not sure what 
you mean with 25841, openvas-nvt-sync can be used to take care of 
keeping them updated. Does openvas-nvt-sync throw and errors on your 
system or does it spit out any unexpected output we can help you with?


On 6/25/2012 2:31 AM, Sachin Murudkar wrote:
/Whit Blauvelt

Thanks for the reply,
I understand but I was expecting atleast basic vulnerabilities from 
openvas which also is not displayed. Would like to know if the NVT / 
feeds "25841" is the correct figure ir is it I am missing some of them ?

/

/
On 06/23/2012 01:19 PM, Sachin Murudkar wrote:
Hi Team

I have install openvas successfully on a Linux system but the reports 
doesn't seem to be up to date as I am able to found hardly 1 or 2 
high vulnerability.  where as other vulnerability applications gave 
me more results

Need to know where Openvas is falling short, below is the result of 
openvas-check-setup

openvas-check-setup 2.2.0
  Test completeness and readiness of OpenVAS-5

  Please report us any non-detected problems and
  help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

  Send us the log-file (/tmp/openvas-check-setup.log) to help analyze 
the problem.

  Use the parameter --server to skip checks for client tools
  like GSD and OpenVAS-CLI.

Step 1: Checking OpenVAS Scanner ...
        OK: OpenVAS Scanner is present in version 3.3.1.
        OK: OpenVAS Scanner CA Certificate is present as 
/var/lib/openvas/CA/cacert.pem.
        OK: NVT collection in /var/lib/openvas/plugins contains 25841 
NVTs.
        WARNING: Signature checking of NVTs is not enabled in OpenVAS 
Scanner.
        SUGGEST: Enable signature checking (see 
http://www.openvas.org/trusted-nvts.html).
Step 2: Checking OpenVAS Manager ...
        OK: OpenVAS Manager is present in version 3.0.1.
        OK: OpenVAS Manager client certificate is present as 
/var/lib/openvas/CA/clientcert.pem.
        OK: OpenVAS Manager database found in 
/var/lib/openvas/mgr/tasks.db.
        OK: Access rights for the OpenVAS Manager database are correct.
        OK: sqlite3 found, extended checks of the OpenVAS Manager 
installation enabled.
        OK: OpenVAS Manager database is at revision 56.
        OK: OpenVAS Manager expects database at revision 56.
        OK: Database schema is up to date.
        OK: OpenVAS Manager database contains information about 25839 
NVTs.
        OK: xsltproc found.
Step 3: Checking OpenVAS Administrator ...
        OK: OpenVAS Administrator is present in version 1.2.0.
        OK: At least one user exists.
        OK: At least one admin user exists.
Step 4: Checking Greenbone Security Assistant (GSA) ...
        OK: Greenbone Security Assistant is present in version 3.0.1.
Step 5: Checking OpenVAS CLI ...
        OK: OpenVAS CLI version 1.1.4.SVN.
Step 6: Checking Greenbone Security Desktop (GSD) ...
        OK: Greenbone Security Desktop is present in Version 1.2.2.
Step 7: Checking if OpenVAS services are up and running ...
        OK: netstat found, extended checks of the OpenVAS services 
enabled.
        OK: OpenVAS Scanner is running and listening on all interfaces.
        OK: OpenVAS Scanner is listening on port 9391, which is the 
default port.
        OK: OpenVAS Manager is running and listening on all interfaces.
        OK: OpenVAS Manager is listening on port 9390, which is the 
default port.
        OK: OpenVAS Administrator is listening on port 9393, which is 
the default port.
        WARNING: Greenbone Security Assistant is listening on port 
9392 9392, which is NOT the default port!
        SUGGEST: Ensure Greenbone Security Assistant is listening on 
one of the following ports: 80, 443, 9392.
./openvas-check-setup: line 596: [: too many arguments
Step 8: Checking nmap installation ...
        WARNING: Your version of nmap is not fully supported: 5.21
        SUGGEST: You should install nmap 5.51.
Step 9: Checking presence of optional tools ...
        OK: pdflatex found.
        OK: PDF generation successful. The PDF report format is 
likely to work.
        OK: ssh-keygen found, LSC credential generation for GNU/Linux 
targets is likely to work.
        OK: rpm found, LSC credential package generation for RPM 
based targets is likely to work.
        WARNING: Could not find alien binary, LSC credential package 
generation for DEB based targets will not work.
        SUGGEST: Install alien.
        OK: nsis found, LSC credential package generation for 
Microsoft Windows targets is likely to work.

It seems like your OpenVAS-5 installation is OK.

If you think it is not OK, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us 
analyze the problem.




--
*Regards*

*Sachin Murudkar*
*Sr.Systems Administrator*


_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss


--
*Regards*

*Sachin Murudkar*
*Sr.Systems Administrator*


_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss