[Openvas-discuss] Why is a tiny fraction of NVTs excluded from scans?
Hi, When the Openvas-manager initiates an OTP exchange with the Openvas-scanner, one of the first things it sends is a list of NVT OIDs. However, I noticed that this list does not include all NVTs present in the DB. Presently, out of over fifty-eight thousand NVTs, there are nineteen which are excluded [1]. My question concerns the criteria used for excluding these NVTs. I've managed to figure out that there are in the DB only four NVTs whose "family" is "Credentials", and all four are excluded. I reckon there's a good change this is one criterion. But what about the others? The pattern is not clear to me. Thanks in advance for your help! Best regards, Dario Teixeira [1] Here are the nineteen excluded NVT OIDs: 1.3.6.1.4.1.25623.1.0.10335 1.3.6.1.4.1.25623.1.0.103591 1.3.6.1.4.1.25623.1.0.104000 1.3.6.1.4.1.25623.1.0.105058 1.3.6.1.4.1.25623.1.0.105076 1.3.6.1.4.1.25623.1.0.105924 1.3.6.1.4.1.25623.1.0.10796 1.3.6.1.4.1.25623.1.0.11219 1.3.6.1.4.1.25623.1.0.11840 1.3.6.1.4.1.25623.1.0.14274 1.3.6.1.4.1.25623.1.0.14663 1.3.6.1.4.1.25623.1.0.8 1.3.6.1.4.1.25623.1.0.80001 1.3.6.1.4.1.25623.1.0.80002 1.3.6.1.4.1.25623.1.0.80009 1.3.6.1.4.1.25623.1.0.80109 1.3.6.1.4.1.25623.1.0.810002 1.3.6.1.4.1.25623.1.0.810003 1.3.6.1.4.1.25623.1.0.90023 ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Communicating directly with the OpenVAS scanner
Hi, Since I want to communicate with Openvassd, I reckon I'll need to talk OTP, at least for now. I've found some docs [1], which I trust are up-to-date, correct? Also, is OTP also layered on top of TLS, or can I directly send the text commands down the wire? Replying to myself, since Hani has already answered these questions in a separate message: Basically the docs I mentioned may not be up-to-date, and the wire protocol is lot layered on top of TLS. Best regards, Dario Teixeira ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Communicating directly with the OpenVAS scanner
Hi, openvassd still uses OTP. It is the ospd-* scanners that use the OSP protocol. If you're still interested in communicating directly with openvassd, here is a little example on how to do it: $ echo -en '< OTP/2.0 >\nCLIENT <|> NVT_INFO\n' | ncat -U /usr/var/run/openvassd.sock You can find some very outdated OTP documentation here [1]. [1] http://www.openvas.org/compendium/openvas-compendium.html Thanks for the info! This should be enough to get me started. Though it's a shame the docs are out of date, at least the source code is available... ;-) Best regards, Dario Teixeira ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Communicating directly with the OpenVAS scanner
Hi, OSP is not the same as OTP. OSP is meant to replace OTP in some kind of future, but the current openvassd does only talk OTP as Hani said. Thanks for the clarification. I jumped the gun, because I assumed OTP was already a thing of the past... If you're looking for scanners that can talk the 'OSP' protocol, you can find various example under the trunk/osp-servers directory in svn: https://wald.intevation.org/scm/viewvc.php/trunk/osp-servers/?root=openvas At the moment, none of them is able to process nasl code. Since I want to communicate with Openvassd, I reckon I'll need to talk OTP, at least for now. I've found some docs [1], which I trust are up-to-date, correct? Also, is OTP also layered on top of TLS, or can I directly send the text commands down the wire? Thanks again for your time! Best regards, Dario Teixeira [1] http://www.openvas.org/compendium/general-aspects-of-otp.html ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss