Dear all,
I'm writing again to ask you about an old issue I’d like to work on.
That is,
Integration with Openvas/Greenbone. Greenbone community version is installed
on my LAN on a different virtual machine than PF, an almalinux 9.
My PF 14.1 runs in Almalinux 8.10, installed from inverse repository
with dnf.
Now, if you have some time, I'd like to give you some details about PF
just to
check my understanding of your software.
The module for integrating PF and OpenVas is openvas.pm,
/usr/local/pf/lib/pf/scan/openvas.pm. This file contains the omp execution,
a binary file (/usr/bin/omp) of the old OpenVas and belongs to openvas-cli
rpm package.
A check of the openvas.pm Perl source shows that omp is executed as follows:
my $cmd = "omp -h $self->{_ip} -p $self->{_port} -u $self->{_username}
-w $self->{_password} -X '$command'";
The contents of the $command variable are as follows:
my $command =
"<create_target><name>$name</name><hosts>$target_host</hosts></create_target>";
my $command = $self->_get_task_string($name, $self->{_openvas_configid},
$self->{_targetId});
my $command = "<start_task task_id=\"$task_id\"/>";
These variables create some commands to launch "target" and start the
task (scan).
In older versions of PF up to 11.2, there was only
/usr/local/pf/lib/pf/scan/openvas.pm.
In recent versions, this Perl module is also available in various
containers:
container: f4868efc788b (httpd.portal)
container: 36bfb0d8aab6 (httpd.aaa)
container: 5718e01fa021 (httpd.webservices)
container: a049baaea3e0 (pfperl-api)
container: b689714e3953 (pfconfig)
With that said I have a few questions to see if I can do something
to enable integration with the most recent versions of the Greenbone
community.
The questions are:
0. Is the file /usr/local/pf/lib/pf/scan/openvas.pm still running or not?
1. Which container is responsible for running openvas.pm?
2. Can openvas.pm be run by more than one container?
3. Is omp included in this container?
4. about the containers listed above, that have openvas.pm downloaded
from the
repository ghcr.io/inverse-inc/packetfence: are they rebuilt every
time PF starts?
As omp is not available with Greenbone, a different approach is needed.
Some solutions
for updating this integration I think could be the following:
Scenario 1. New openvas.pm.
Modifying openvas.pm, replacing omp with ssh, and some commands that are
executed directly
on the Greenbone server.
Scenario 2: Omp wrapper.
Create a script called omp that replaces the original one, taking the
parameters
from openvas.pm as input and interacting with Greenbone Community using the
new GVM Tools mode.
Scenario 3. Other options?
I could try scenario 1, which is very simple, but I need answers to the
questions raised above.
This is the only way I can modify the source code correctly.
Alternatively, I could try scenario
2, but even in this case, I have to figure out if I need to insert the
new omp into a container.
I'd like to hear your opinion because I'm very interested in this
integration, and perhaps I could
also make a small contribution to PF on this occasion.
Thanks a lot
Best Regards
Enrico
--
__________________________________________________________________________
Enrico Becchetti Servizio di Calcolo e Reti
Istituto Nazionale di Fisica Nucleare - Sezione di Perugia
Via Pascoli,c/o Dipartimento di Fisica 06123 Perugia (ITALY)
Phone:+39 075 5852777 Mobile: +39 075 9696225
FAX: +39 075 5847296 Microsoft Teams: becch...@infn.it
Mail: Enrico.Becchetti<at>pg.infn.it
Pagina web personale: https://www.pg.infn.it/home/enrico-becchetti
_________________________________________________________________________
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
