Re: [Openvas-discuss] ITG Report Output
On Montag, 21. März 2011, Matthew Coene wrote: Another quick question re: report outputs... If I take a scan and export the report as CPE output, it generates a CSV file which opens fine in Excel, If I export via the ITG format, it also claims to generate a CSV file, though the file is 0-length and has (obviously) no content You need to use a Scan configuration that tells the scan to produce CSV output and then you need to include the CSV report in your filter. See here: http://www.greenbone.net/learningcenter/task_it_grundschutz.html Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Unable to find expected entry Sources in Meta-index file (Malformed Release file?)
* IE_林虹廷(HT.Lin) [21. Mar 2011]: After run sudo apt-get update, the error msg is W: Failed to fetch http://download.opensuse.org/repositories/security:/OpenVAS:/STABLE:/v4/xUbuntu_10.10/./Release Unable to find expected entry Sources in Meta-index file (Malformed Release file?) Remove the lines starting with deb-src http://download.opensuse.org; from your /etc/apt/sources.list. Did you use add-apt-repository or did you edit /etc/apt/sources.list manually? Regards, Michael -- Michael Wiegand | OpenPGP: D7D049EC | Intevation GmbH - www.intevation.de Neuer Graben 17, 49074 Osnabrück, Germany |AG Osnabrück, HR B 18998 Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
[Openvas-discuss] openvas 4.0 runs smooth out of the box on
What is most easiest distro to get openvas 4.0 up 'n running? (following the 4.0 manual) Is that debian? (in referring to the centos 5.5 issues) Thanks! -- Met vriendelijke groet, Erik van Dam RedBee / FortyTwo ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Scans not running properly
Export one of the scan configs (you can edit the name of it if you open it in an editor) and import it so you can configure the nvt's you actually want to use as default scan configs do not allow for editing. After customizing and dropping a lot of the NVT's I didn't need or that used external packages I don't have installed, the scan ran beautifully and has made me very happy. This should be equivalent to creating and editing a new config, especially if you exported Full and Fast. -- Greenbone Networks GmbH Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvas 4.0 runs smooth out of the box on
What is most easiest distro to get openvas 4.0 up 'n running? (following the 4.0 manual) Is that debian? (in referring to the centos 5.5 issues) Many of the developers use Debian, which may add to the likelihood of things working, and of getting support here. CentOS has by far produced the most noise on the lists and IRC. Atomicturtle aims for a one step install, so one of the other Atomic distros will probably install very smoothly. -- Greenbone Networks GmbH Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvas 4.0 runs smooth out of the box on
So are you going to update your site letting folks know that CentOS 5.5 and RHEL 5.5 do not work with 4.0 from packages so we don't waste lots of time like I have last and part of this week? Might be prudent, or at least someone should acknowledge the CentOS and Red Hat Enterprise Linux issues and provide a fix. Thanks. Let me know if I can provide any more information than I have to the list already. -Dan From: Matthew Mundell matthew.mund...@greenbone.net To: Erik van Dam e...@fortytwo.nl Cc: openvas-discuss@wald.intevation.org Sent: Tue, March 22, 2011 12:36:37 PM Subject: Re: [Openvas-discuss] openvas 4.0 runs smooth out of the box on What is most easiest distro to get openvas 4.0 up 'n running? (following the 4.0 manual) Is that debian? (in referring to the centos 5.5 issues) Many of the developers use Debian, which may add to the likelihood of things working, and of getting support here. CentOS has by far produced the most noise on the lists and IRC. Atomicturtle aims for a one step install, so one of the other Atomic distros will probably install very smoothly. -- Greenbone Networks GmbH Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
[Openvas-discuss] Web Service Implementation for OpenVAS!
Hi Group, Since am new to OpenVAS; wanted to give it a try, though have been using Nessus for more than a year now. I have scenario to simulate a web service based implementation of OpenVAS, where I want to define a Java class which can interact and calls the OpenVAS server. With a core method scanTarget which will call OpenVAS using its command line interface. Similarly the other methods will be used for updating plugins and viewing scan reports. I am then interested to secure these methods with some authorization models (XACML or PERMIS-RBAC); Using XACML policies, I will define who can invoke above methods and who cannot in what circumstances. Ideally these type of security requirement might be required where several site administrators contributing resources (nodes) to form a Virtual Organization (VO). I wanted to know the following: What language has OpenVAS been written? How can I use the source code to perform the above simulation? Would be developer's team can help me if I stuck somewhere..? Regards Thanks in advance for help! -Jan Muhammad ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
[Openvas-discuss] OMP 2.0 modify_config woes
I am having some difficulty updating a preference through the modify_config command. The following log details what I'm doing. First, I copy an existing config so that I have something fresh to work with... DEBUG test_log: Sending: ?xml version=1.0? create_config copydaba56c8-73ec-11df-a475-002264764cea/copy nameTest_2011-03-22_15:16:19/name /create_config DEBUG test_log: RECEIVED: ?xml version=1.0? create_config_response status=201 status_text=OK, resource created id=17cc6eb8-a126-4473-87fb-d7c9dbc79625/ Then I pull in the details of the configuration I just created. DEBUG test_log: Sending: ?xml version=1.0? get_configs sort_field=name families=1 config_id=17cc6eb8-a126-4473-87fb-d7c9dbc79625 preferences=1/ DEBUG test_log: RECEIVED: ?xml version=1.0? get_configs_response status=200 status_text=OK config id=17cc6eb8-a126-4473-87fb-d7c9dbc79625 nameTest_2011-03-22_15:16:19/name comment/ ... preferences ... preference nvt oid=1.3.6.1.4.1.25623.1.0.801822 nameNmap NSE: Citrix Enum Servers XML/name /nvt namehttp.pipeline :/name typeentry/type value/ /preference ... /preferences /config /get_configs_response I issue the modify config command. DEBUG test_log: Sending: ?xml version=1.0? modify_config config_id=17cc6eb8-a126-4473-87fb-d7c9dbc79625 preference nvt oid=1.3.6.1.4.1.25623.1.0.801822/ nameNmap NSE: Citrix Enum Servers XML[entry]:http.pipeline :/name valueNEW VALUE/value /preference /modify_config DEBUG test_log: RECEIVED: ?xml version=1.0? modify_config_response status=200 status_text=OK/ Then I pull the config again to verify my change. DEBUG test_log: Sending: ?xml version=1.0? get_configs sort_field=name families=1 config_id=17cc6eb8-a126-4473-87fb-d7c9dbc79625 preferences=1/ DEBUG test_log: RECEIVED: ?xml version=1.0? get_configs_response status=200 status_text=OK config id=17cc6eb8-a126-4473-87fb-d7c9dbc79625 nameTest_2011-03-22_15:16:19/name comment/ preferences ... preference nvt oid=1.3.6.1.4.1.25623.1.0.801822 nameNmap NSE: Citrix Enum Servers XML/name /nvt namehttp.pipeline :/name typeentry/type value/value /preference ... /preferences /config /get_configs_response Even though it says that the configuration took, I do not see my new preference value in the details... Any ideas? Thanks in advance! Reed ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] OMP 2.0 modify_config woes
Please disregard. I figured out what I was doing. The value node in modify_config must be base64 encoded, but the value node in the preference structure is not base64 encoded. On Tue, Mar 22, 2011 at 3:50 PM, Reed Swenson fleur...@gmail.com wrote: I am having some difficulty updating a preference through the modify_config command. The following log details what I'm doing. First, I copy an existing config so that I have something fresh to work with... DEBUG test_log: Sending: ?xml version=1.0? create_config copydaba56c8-73ec-11df-a475-002264764cea/copy nameTest_2011-03-22_15:16:19/name /create_config DEBUG test_log: RECEIVED: ?xml version=1.0? create_config_response status=201 status_text=OK, resource created id=17cc6eb8-a126-4473-87fb-d7c9dbc79625/ Then I pull in the details of the configuration I just created. DEBUG test_log: Sending: ?xml version=1.0? get_configs sort_field=name families=1 config_id=17cc6eb8-a126-4473-87fb-d7c9dbc79625 preferences=1/ DEBUG test_log: RECEIVED: ?xml version=1.0? get_configs_response status=200 status_text=OK config id=17cc6eb8-a126-4473-87fb-d7c9dbc79625 nameTest_2011-03-22_15:16:19/name comment/ ... preferences ... preference nvt oid=1.3.6.1.4.1.25623.1.0.801822 nameNmap NSE: Citrix Enum Servers XML/name /nvt namehttp.pipeline :/name typeentry/type value/ /preference ... /preferences /config /get_configs_response I issue the modify config command. DEBUG test_log: Sending: ?xml version=1.0? modify_config config_id=17cc6eb8-a126-4473-87fb-d7c9dbc79625 preference nvt oid=1.3.6.1.4.1.25623.1.0.801822/ nameNmap NSE: Citrix Enum Servers XML[entry]:http.pipeline :/name valueNEW VALUE/value /preference /modify_config DEBUG test_log: RECEIVED: ?xml version=1.0? modify_config_response status=200 status_text=OK/ Then I pull the config again to verify my change. DEBUG test_log: Sending: ?xml version=1.0? get_configs sort_field=name families=1 config_id=17cc6eb8-a126-4473-87fb-d7c9dbc79625 preferences=1/ DEBUG test_log: RECEIVED: ?xml version=1.0? get_configs_response status=200 status_text=OK config id=17cc6eb8-a126-4473-87fb-d7c9dbc79625 nameTest_2011-03-22_15:16:19/name comment/ preferences ... preference nvt oid=1.3.6.1.4.1.25623.1.0.801822 nameNmap NSE: Citrix Enum Servers XML/name /nvt namehttp.pipeline :/name typeentry/type value/value /preference ... /preferences /config /get_configs_response Even though it says that the configuration took, I do not see my new preference value in the details... Any ideas? Thanks in advance! Reed ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Web Service Implementation for OpenVAS!
Since am new to OpenVAS; wanted to give it a try, though have been using Nessus for more than a year now. OpenVAS 4.0 was recently released. I recommend installing all components and trying the web and desktop interfaces (GSA and GSD) to see the direction OpenVAS has taken. Packages available at http://www.openvas.org/install-packages.html I have scenario to simulate a web service based implementation of OpenVAS, There is info about the OpenVAS architecture at http://www.openvas.org/about-software.html In particular in the middle diagram the management protocol OMP might interest you. It is designed with web services in mind. You can access the protocol directly from the Manager server component. You can also use the omp command in the openvas-cli module. -- Greenbone Networks GmbH Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss