Re: [Openvas-discuss] Communicating directly with the OpenVAS scanner

2017-06-21 Thread Dario Teixeira 

Hi,

Since I want to communicate with Openvassd, I reckon I'll need to talk 
OTP,
at least for now.  I've found some docs [1], which I trust are 
up-to-date,
correct?  Also, is OTP also layered on top of TLS, or can I directly 
send

the text commands down the wire?


Replying to myself, since Hani has already answered these questions in a
separate message:  Basically the docs I mentioned may not be up-to-date,
and the wire protocol is lot layered on top of TLS.

Best regards,
Dario Teixeira

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Communicating directly with the OpenVAS scanner

2017-06-21 Thread Dario Teixeira 

Hi,


openvassd still uses OTP. It is the ospd-* scanners that use the OSP
protocol. If you're still interested in communicating directly with
openvassd, here is a little example on how to do it:

$ echo -en '< OTP/2.0 >\nCLIENT <|> NVT_INFO\n' | ncat -U
/usr/var/run/openvassd.sock

You can find some very outdated OTP documentation here [1].

[1] http://www.openvas.org/compendium/openvas-compendium.html


Thanks for the info!  This should be enough to get me started.
Though it's a shame the docs are out of date, at least the source
code is available... ;-)

Best regards,
Dario Teixeira


___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Communicating directly with the OpenVAS scanner

2017-06-21 Thread Dario Teixeira 

Hi,


OSP is not the same as OTP. OSP is meant to replace OTP in some kind of
future, but the current openvassd does only talk OTP as Hani said.


Thanks for the clarification.  I jumped the gun, because I assumed OTP
was already a thing of the past...



If you're looking for scanners that can talk the 'OSP' protocol, you
can find various example under the trunk/osp-servers directory in svn:

https://wald.intevation.org/scm/viewvc.php/trunk/osp-servers/?root=openvas

At the moment, none of them is able to process nasl code.


Since I want to communicate with Openvassd, I reckon I'll need to talk 
OTP,
at least for now.  I've found some docs [1], which I trust are 
up-to-date,
correct?  Also, is OTP also layered on top of TLS, or can I directly 
send

the text commands down the wire?

Thanks again for your time!
Best regards,
Dario Teixeira

[1] http://www.openvas.org/compendium/general-aspects-of-otp.html

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Communicating directly with the OpenVAS scanner

2017-06-21 Thread Hani Benhabiles 

On 2017-06-21 11:50, Dario Teixeira wrote:

Hi,


You're trying to use the manager protocol, which is used by the
openvasmd not openvassd. Communicating with openvassd directly (over
OTP) is for internal usage and is not recommended for external clients
as it may change at any time.


Thanks for the reply.  I'm trying to communicate directly with 
Openvassd
using the OSP protocol (formerly known as OTP, if I understand 
correctly).
According to the docs [1], "" is part of the OSP API, 
which
is why I'm puzzled it doesn't work.  Note that I'm writing a daemon 
that
replaces Openvasmd, which is why using OMP or relying on Openvasmd is 
not

an option.

Best regards,
Dario Teixeira

[1] http://docs.greenbone.net/API/OSP/osp-1.0.html



openvassd still uses OTP. It is the ospd-* scanners that use the OSP 
protocol. If you're still interested in communicating directly with 
openvassd, here is a little example on how to do it:


$ echo -en '< OTP/2.0 >\nCLIENT <|> NVT_INFO\n' | ncat -U 
/usr/var/run/openvassd.sock


You can find some very outdated OTP documentation here [1].

[1] http://www.openvas.org/compendium/openvas-compendium.html

Best regards,

Hani.



___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Communicating directly with the OpenVAS scanner

2017-06-21 Thread BenoƮt Allard 
On Wed, 21 Jun 2017 11:50:18 +0100
Dario Teixeira  wrote:

> Hi,
> 
> > You're trying to use the manager protocol, which is used by the
> > openvasmd not openvassd. Communicating with openvassd directly (over
> > OTP) is for internal usage and is not recommended for external
> > clients as it may change at any time.
> 
> Thanks for the reply.  I'm trying to communicate directly with
> Openvassd using the OSP protocol (formerly known as OTP, if I
> understand correctly).
> According to the docs [1], "" is part of the OSP API, 
> which
> is why I'm puzzled it doesn't work.

OSP is not the same as OTP. OSP is meant to replace OTP in some kind of
future, but the current openvassd does only talk OTP as Hani said.

If you're looking for scanners that can talk the 'OSP' protocol, you
can find various example under the trunk/osp-servers directory in svn:

https://wald.intevation.org/scm/viewvc.php/trunk/osp-servers/?root=openvas

At the moment, none of them is able to process nasl code.

Regards,
Ben.

>  Note that I'm writing a daemon
> that replaces Openvasmd, which is why using OMP or relying on
> Openvasmd is not
> an option.
> 
> Best regards,
> Dario Teixeira
> 
> [1] http://docs.greenbone.net/API/OSP/osp-1.0.html
> 
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss



pgpVttCA5rmlK.pgp
Description: OpenPGP digital signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss