Hello Michael,

On Monday 24 August 2009 13:34:45 Michael Meyer wrote:
> *** Jan-Oliver Wagner <[email protected]> wrote:
> > I stumbled (again) across the question how we should treat
> > the results of NVTs like os_fingerprint.nasl which
> > tries to guess some information (here the OS)
> > and adds this to the KB.
> > It also sends a security_note about the result.
> >
> > IMHO this should only be a log_message() as the OS
> > type as such has no relation to security status.
>
> When scanning an entire network, the installed operating systems
> could be interesting information. IMHO. ;-)

Indeed.

> I would prefer the use of 'report_verbosity' for such NVTs. So the
> user can then make the decision himself whether he wants to see such
> information or not. I'm using 'report_verbosity' in all of my 'Service
> Detection' NVTs. If 'report_verbosity' is set to 'Quiet' these NVTs
> will not report about found software. Only security related stuff is
> reported in this case.

I don't think the "report_verbosity" feature is the way to go.
The drawback of this concept is that you only have one flag
for all NVTs. If you like to have details from NVT A, but only rough
information from NVT B, this might not work in some cases.

I guess that the Nessus developers introduced "report_verbosity"
to circumvent the lack of a log and debug level.
But OpenVAS has a log and debug level.

> I don't like to hide information collected by OpenVAS unless the
> user has configured to hide it.

Agreed. But we need an approach that can work more fine-grained.
It is IMHO better to get down the collection of OS to log and
have other NVTs take care of systematic reporting about OS
from the given KB entries.
This way we serve both needs, information on OS for other
NVTs and verbosity.

Best

        Jan

-- 
Dr. Jan-Oliver Wagner |  ++49-541-335084-0  |  http://www.greenbone.net/
Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück
AG Osnabrück, HR B 202460 | Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver 
Wagner
_______________________________________________
Openvas-plugins mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
