Am 08.03.2013 12:57, schrieb Michael Meyer: > *** Reindl Harald wrote: >> Am 08.03.2013 12:50, schrieb Michael Meyer: >>> *** Reindl Harald wrote: >>> >>>> the problem is in fact that Wapiti is running for hours and >>>> while it still runs OpenVAS says the san is finished, generates >>>> the reports and wapiti is running orphaned for nothing, but hey >>>> we include as much external tools, fire them up but do not >>>> care what happens with their results >>> >>> Don't complain, fix it or ask the autor if he could fix it. This is an >>> Open Source Project. You know what this mean? >> >> i can not fix it > > What can you do anyway except complaining?
develop a lot of software over the last 10 years where my reaction to bug reports usually happens within minutes and at least hours if they are reproduceable? >> if the author can or will not fix it > > Did you ask him? for what is this list if reportd issues are ignored? wow - now after more than a year the gnutls/microhttpd problems are cared in the trunk - sorry but OpenVAS may be a nice idea as GSA too, but the quality management is very poor and "hey it is free" is no excuse at all Am 20.12.2012 12:38, schrieb Reindl Harald: >> Here is the wapiti report: >> Vulnerabilities report -- Wapiti >> http://wapiti.sourceforge.net/ >> >> This report has been generated by Wapiti Web Application Scanner >> >> --- End of report --- > > wow, this reports are still useless > > wapiti makes a lot of load and requests and you get no result > in GSA, the same behavior as a year ago with openvas4 > > [root@openvas:~]$ rpm -qa | grep openvas > openvas-scanner-3.3.1-3.el6.art.x86_64 > openvas-libraries-5.0.4-5.el6.art.x86_64 > openvas-manager-3.0.4-6.el6.art.x86_64 > openvas-administrator-1.2.1-2.el6.art.x86_64 > openvas-cli-1.1.5-3.el6.art.x86_64 > openvas-1.0-4.el6.art.noarch > > [root@openvas:~]$ rpm -qa | grep wapiti > wapiti-2.2.1-4.el6.art.noarch > > and the reason is that wapiti is running still while the scan > is long ago finished and one instance is even running for > a task which was deleted 30 minutes ago > > what a stupid and useless serverload with no result................. > > you have to WAIT until it is finished and not start it > asynchronous in the background, call the scan finished > and send out reports while a useless started process still > is scanning > I should disable it for you? Give me root access to your scan host and > i'll do that for you. No problem... you do not need root access to any machine it would be enough if OpenVAS does not call external tools from which it does nothing with the results
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
