Re: [Openvas-discuss] Upgrade from OpenVAS 2 - OpenVAS4
On Tuesday, 29. November 2011, --[ UxBoD ]-- wrote: 1) Is it possible to migrate the existing V2 knowledge base files to V4 or would be be better starting fresh ? I guess no one tried it so far. I'd recommend to start from fresh. 2) Once a scan configuration has been assigned it cannot be edited; why is that ? Because several runs of the same task must remain comparable. Best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
[Openvas-discuss] GSA still not working
Hi, a couple of weeks ago GSA stopped working, it consumes enourmes ammounts of cpu and the web ui doesn't load at all. I read this is caused by a compatibility issue with the newer versions of libmicrohttpd library, so i followed the steps to compile the older version libmicrohttpd-0.9.15. After compilation, without errors, i got libmicrohttpd.so.10.13.0, so i copied it to /usr/lib and changed the symbolic: lrwxrwxrwx 1 root root 24 2011-11-29 08:54 libmicrohttpd.so.10 - libmicrohttpd.so.10.13.0 -rw-r--r-- 1 root root 206176 2011-11-29 08:47 libmicrohttpd.so.10.13.0 -rw-r--r-- 1 root root 72440 2011-11-27 11:06 libmicrohttpd.so.10.14.0 -rw-r--r-- 1 root root 72440 2011-11-29 08:49 libmicrohttpd.so.10.14.0_bak Then i started GSA and this showed up: root@openvas:/usr/lib# /etc/init.d/greenbone-security-assistant start Starting Greenbone Security Assistant: MHD HTTPS option 8 passed to MHD compiled without HTTPS support ERROR. GSA doesn't work at all... is there another workaround??? -- Pavlik Juan José ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] GSA still not working
I didn't set any particular flag during compilation, i read the README file and didn't find anything about it. It just says how to disable https to save some space. Any ideas about howto turn ssl support on? El 29 de noviembre de 2011 09:11, --[ UxBoD ]-- ux...@splatnix.netescribió: Did you compile libmicrohttpd with SSL support ? -- Thanks, Phil -- Hi, a couple of weeks ago GSA stopped working, it consumes enourmes ammounts of cpu and the web ui doesn't load at all. I read this is caused by a compatibility issue with the newer versions of libmicrohttpd library, so i followed the steps to compile the older version libmicrohttpd-0.9.15. After compilation, without errors, i got libmicrohttpd.so.10.13.0, so i copied it to /usr/lib and changed the symbolic: lrwxrwxrwx 1 root root 24 2011-11-29 08:54 libmicrohttpd.so.10 - libmicrohttpd.so.10.13.0 -rw-r--r-- 1 root root 206176 2011-11-29 08:47 libmicrohttpd.so.10.13.0 -rw-r--r-- 1 root root 72440 2011-11-27 11:06 libmicrohttpd.so.10.14.0 -rw-r--r-- 1 root root 72440 2011-11-29 08:49 libmicrohttpd.so.10.14.0_bak Then i started GSA and this showed up: root@openvas:/usr/lib# /etc/init.d/greenbone-security-assistant start Starting Greenbone Security Assistant: MHD HTTPS option 8 passed to MHD compiled without HTTPS support ERROR. GSA doesn't work at all... is there another workaround??? -- Pavlik Juan José ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss -- Pavlik Juan José ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] GSA still not working
I'm sorry.. i am using Ubuntu 10.04.3 LTS. El 29 de noviembre de 2011 09:18, Juan José Pavlik Salles jjpav...@gmail.com escribió: I didn't set any particular flag during compilation, i read the README file and didn't find anything about it. It just says how to disable https to save some space. Any ideas about howto turn ssl support on? El 29 de noviembre de 2011 09:11, --[ UxBoD ]-- ux...@splatnix.netescribió: Did you compile libmicrohttpd with SSL support ? -- Thanks, Phil -- Hi, a couple of weeks ago GSA stopped working, it consumes enourmes ammounts of cpu and the web ui doesn't load at all. I read this is caused by a compatibility issue with the newer versions of libmicrohttpd library, so i followed the steps to compile the older version libmicrohttpd-0.9.15. After compilation, without errors, i got libmicrohttpd.so.10.13.0, so i copied it to /usr/lib and changed the symbolic: lrwxrwxrwx 1 root root 24 2011-11-29 08:54 libmicrohttpd.so.10 - libmicrohttpd.so.10.13.0 -rw-r--r-- 1 root root 206176 2011-11-29 08:47 libmicrohttpd.so.10.13.0 -rw-r--r-- 1 root root 72440 2011-11-27 11:06 libmicrohttpd.so.10.14.0 -rw-r--r-- 1 root root 72440 2011-11-29 08:49 libmicrohttpd.so.10.14.0_bak Then i started GSA and this showed up: root@openvas:/usr/lib# /etc/init.d/greenbone-security-assistant start Starting Greenbone Security Assistant: MHD HTTPS option 8 passed to MHD compiled without HTTPS support ERROR. GSA doesn't work at all... is there another workaround??? -- Pavlik Juan José ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss -- Pavlik Juan José -- Pavlik Juan José ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] GSA still not working
Hi Juan, ssl is enabled by default *if* configure finds the files it needs. Can you check if the packages libgnutls-dev and libgcrypt-dev are installed? ./configure should spit out something like this at the end: configure: Configuration Summary: Operating System: linux-gnu libgcrypt: yes libcurl (testing): yes Target directory: /usr/local Messages: yes HTTP Authentic.: yes Postproc: yes HTTPS support: yes configure: HTTPS subsystem configuration: License : LGPL only On 11/29/2011 6:45 AM, Juan José Pavlik Salles wrote: I'm sorry.. i am using Ubuntu 10.04.3 LTS. El 29 de noviembre de 2011 09:18, Juan José Pavlik Salles jjpav...@gmail.com mailto:jjpav...@gmail.com escribió: I didn't set any particular flag during compilation, i read the README file and didn't find anything about it. It just says how to disable https to save some space. Any ideas about howto turn ssl support on? El 29 de noviembre de 2011 09:11, --[ UxBoD ]-- ux...@splatnix.net mailto:ux...@splatnix.net escribió: Did you compile libmicrohttpd with SSL support ? -- Thanks, Phil Hi, a couple of weeks ago GSA stopped working, it consumes enourmes ammounts of cpu and the web ui doesn't load at all. I read this is caused by a compatibility issue with the newer versions of libmicrohttpd library, so i followed the steps to compile the older version libmicrohttpd-0.9.15. After compilation, without errors, i got libmicrohttpd.so.10.13.0, so i copied it to /usr/lib and changed the symbolic: lrwxrwxrwx 1 root root 24 2011-11-29 08:54 libmicrohttpd.so.10 - libmicrohttpd.so.10.13.0 -rw-r--r-- 1 root root 206176 2011-11-29 08:47 libmicrohttpd.so.10.13.0 -rw-r--r-- 1 root root 72440 2011-11-27 11:06 libmicrohttpd.so.10.14.0 -rw-r--r-- 1 root root 72440 2011-11-29 08:49 libmicrohttpd.so.10.14.0_bak Then i started GSA and this showed up: root@openvas:/usr/lib# /etc/init.d/greenbone-security-assistant start Starting Greenbone Security Assistant: MHD HTTPS option 8 passed to MHD compiled without HTTPS support ERROR. GSA doesn't work at all... is there another workaround??? -- Pavlik Juan José ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org mailto:Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss -- Pavlik Juan José -- Pavlik Juan José ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] GSA still not working
Ryan you saved me!! That was the problem, i hadn't install libgnutls-dev nor libgcrypt-dev. I installed them and recompiled libmicrohttpd and now it works great!!! Thanks! One last thing... every time i perform a system update i should recompile this library, right? El 29 de noviembre de 2011 11:39, Ryan Schulze secur...@dopefish.deescribió: Hi Juan, ssl is enabled by default *if* configure finds the files it needs. Can you check if the packages libgnutls-dev and libgcrypt-dev are installed? ./configure should spit out something like this at the end: configure: Configuration Summary: Operating System: linux-gnu libgcrypt: yes libcurl (testing): yes Target directory: /usr/local Messages: yes HTTP Authentic.: yes Postproc: yes HTTPS support: yes configure: HTTPS subsystem configuration: License : LGPL only On 11/29/2011 6:45 AM, Juan José Pavlik Salles wrote: I'm sorry.. i am using Ubuntu 10.04.3 LTS. El 29 de noviembre de 2011 09:18, Juan José Pavlik Salles jjpav...@gmail.com escribió: I didn't set any particular flag during compilation, i read the README file and didn't find anything about it. It just says how to disable https to save some space. Any ideas about howto turn ssl support on? El 29 de noviembre de 2011 09:11, --[ UxBoD ]-- ux...@splatnix.netescribió: Did you compile libmicrohttpd with SSL support ? -- Thanks, Phil -- Hi, a couple of weeks ago GSA stopped working, it consumes enourmes ammounts of cpu and the web ui doesn't load at all. I read this is caused by a compatibility issue with the newer versions of libmicrohttpd library, so i followed the steps to compile the older version libmicrohttpd-0.9.15. After compilation, without errors, i got libmicrohttpd.so.10.13.0, so i copied it to /usr/lib and changed the symbolic: lrwxrwxrwx 1 root root 24 2011-11-29 08:54 libmicrohttpd.so.10 - libmicrohttpd.so.10.13.0 -rw-r--r-- 1 root root 206176 2011-11-29 08:47 libmicrohttpd.so.10.13.0 -rw-r--r-- 1 root root 72440 2011-11-27 11:06 libmicrohttpd.so.10.14.0 -rw-r--r-- 1 root root 72440 2011-11-29 08:49 libmicrohttpd.so.10.14.0_bak Then i started GSA and this showed up: root@openvas:/usr/lib# /etc/init.d/greenbone-security-assistant start Starting Greenbone Security Assistant: MHD HTTPS option 8 passed to MHD compiled without HTTPS support ERROR. GSA doesn't work at all... is there another workaround??? -- Pavlik Juan José ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss -- Pavlik Juan José -- Pavlik Juan José ___ Openvas-discuss mailing listOpenvas-discuss@wald.intevation.orghttp://lists.wald.intevation.org/mailman/listinfo/openvas-discuss -- Pavlik Juan José ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
[Openvas-discuss] OpenVAS4 issue with om user
Hello, I have configured a new install of OpenVAS4 to use our own issue certificates by placing them in /etc/pki/tls, as per all our other installations, and then when building OpenVAS I set in CMakeLists.txt : set (OPENVAS_SCANNER_CERTIFICATE /etc/pki/tls/certs/scanner01c_server.pem) set (OPENVAS_SCANNER_KEY /etc/pki/tls/private/scanner01k_server.pem) set (OPENVAS_CLIENT_CERTIFICATE /etc/pki/tls/certs/scanner01c_user.pem) set (OPENVAS_CLIENT_KEY /etc/pki/tls/private/scanner01k_user.pem) set (OPENVAS_CA_CERTIFICATE /etc/pki/CA/certs/OurCA.pem) This was done for each of the packages. When I connect to the GSA that works absolutely fine and presents the correct certificate; though when I try and launch a task it stops straight away with a message in openvassd.messages saying [Tue Nov 29 13:00:47 2011][2227] bad login attempt from 127.0.0.1. Is this because we need to create the user certificate with a DN of 'om' for the internal communication to work ? -- Thanks, Phil ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
[Openvas-discuss] Scans doesn't finish and only unfinished have results...
Hi list, I have run a couple of scans agains my servers on different VLAN's... (~3500 IPs)... I'm ONLY running 1 scan at a time and all of them are the default full and very deep ultimate. Haven't edited configdefaults either... Nov 29, 02:01:10 (not finished) 1 0 0 0 0 1 Nov 29, 02:01:10 Nov 29, 02:02:41 0 0 0 0 0 0 1. Some of my scans doesn't finnish eventhough they are set to run until finished... where can i look to troubleshoot ? 2. I only get results on hosts that have not finished...! and many of my servers are setup the same way (provisioning server) as they are running in a grid...has anyone seen this behaviour before...? Thanks in advance :-) ! Br. Maymann ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss