FWIW, openvas as a wrapper around other established tools/projects is half the point of openvas (to me anyways). It would be great if the project somehow identifies what needs to be done to get these to work again. There's no real reason the appropriate scripts/configs cannot be edited or added.. just lack of develpment resources.
It's not my intention to whine about technical debt and inefficiencies... but it's something to consider as the project continues to gain momentum and moves forward. We've stopped using openvas on some projects as a result of these not-really-supported and mostly broken plugins that cause more trouble than they're worth. -G > I have (at least) one last question regarding components. The version of > nmap which I end up with after the install is 6.47. It seems I had > recently encountered something > Indicating nmap (somewhere around) 5.51 as the preferred version. Could > someone please elaborate on the appropriate version of nmap? > Thanks in advance for your help! > > Jack Harvey RHCE CISSP > Synnex Corporation > 864-349-4939 > > -----Original Message----- > From: Openvas-discuss [mailto:[email protected]] > On Behalf Of Reindl Harald > Sent: Tuesday, September 30, 2014 3:45 PM > To: [email protected] > Subject: Re: [Openvas-discuss] arachni, etc. > > > Am 30.09.2014 um 21:39 schrieb Jack Harvey: >> I realize this has been asked...and asked...and...but enquiring minds >> want >> to know... >> >> OpenVAS v7 install via atomic repo includes in the pre-built scan >> configs components arachni and wapiti (and of course others) >> >> I am getting this when I run a scan using "Full and very deep ultimate" >> config: >> >> Vulnerability Detection Result: >> arachni report filename is empty. that could mean that wrong version >> of arachni is used or tmp dir is not accessible. >> In short: check installation of arachni and OpenVAS >> >> I found this which was posted 2/22/2013 by Tasos Laskos: >> >> I'm sorry, that OpenVAS plugin was written a long time ago by a >> third-party and has been incompatible with Arachni for a long time. >> >> It's not supported by the Arachni project nor OpenVAS and from what I >> remember it used to parse the text report using regular expressions >> (which is a really unreliable way to extract the necessary information) >> so you're actually better off being unable to use it. >> >> Should I disable the arachni NASL wrapper? > > * openvas should not ship it for years > * atomic should not add it to deps for years > > _______________________________________________ > Openvas-discuss mailing list > [email protected] > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > ------------------------------ Geoff Galitz http://www.galitz.org _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
