from:"Brandon Perry"

Re: [Openvas-discuss] OpenVAS Metasploit

2014-06-21 Thread Brandon Perry

Do you know what broke exactly? I wrote the openvas report parser. If it is
broken, I such fix it. :P


On Sat, Jun 21, 2014 at 2:34 AM, Geoff Galitz ge...@galitz.org wrote:



 If you (or anyone else) gets that to work, please say so.   The plugin
 broke in the early  days of OpenVAS 6 due to changes in how data gets
 exported.  I worked with the metasploit frameworks folks a bit to fix
 it... but for whatever reason on their side they weren't able to push the
 fix at the time.

 It'd be awesome to know if it works now.

 -G




  Absolutely, but it is not exposed in the fancy web UI. You must use the
  console.
 
 
  On Fri, Jun 20, 2014 at 2:29 PM, W Scott Lockwood III 
 sc...@guppylog.com
  wrote:
 
  Awesome! Is that included in the commercial version as well?
 
  On Fri, 2014-06-20 at 14:25 -0500, Brandon Perry wrote:
   There is an openvas plugin.
  
  
   In msfconsole, type 'load openvas' and it will enable the openvas
   specific commands.
  
  
  
 
 https://github.com/rapid7/metasploit-framework/blob/master/plugins/openvas.rb
 
 
 
  --
  William Scott Lockwood III
  GWB2009033817
  AMC Technology
  GWB BoD
 
 
 
 
  --
  http://volatile-minds.blogspot.com -- blog
  http://www.volatileminds.net -- website
  ___
  Openvas-discuss mailing list
  Openvas-discuss@wald.intevation.org
 
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss


 --
 Geoff Galitz
 http://www.galitz.org




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVAS v7 Not Working

2014-07-09 Thread Brandon Perry

And you clearly ran it, my bad. :)

Maybe run --update after ensuring all of the openvas processes are stopped. And 
then --migrate for thoroughness.

Sent from a computer

 On Jul 9, 2014, at 9:44 AM, Robert Debs rdeb...@gmail.com wrote:
 
 
 We are a networking company that uses OpenVAS to support our customers. 
 Currently we use CentOS 6.5 as our platform and we just recently ran into 
 some issues. Below is the error I am getting for v7 install.
 
 [root@pentester-cli ~]# openvas-check-setup --server --v7
 openvas-check-setup 2.2.1
   Test completeness and readiness of OpenVAS-7
 
   Please report us any non-detected problems and
   help us to improve this check routine:
   http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
 
   Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the 
 problem.
 
 Step 1: Checking OpenVAS Scanner ... 
 OK: OpenVAS Scanner is present in version 4.0.1.
 OK: OpenVAS Scanner CA Certificate is present as 
 /var/lib/openvas/CA/cacert.pem.
 OK: NVT collection in /var/lib/openvas/plugins contains 35454 NVTs.
 WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner.
 SUGGEST: Enable signature checking (see 
 http://www.openvas.org/trusted-nvts.html).
 Step 2: Checking OpenVAS Manager ... 
 OK: OpenVAS Manager is present in version 5.0.2.
 OK: OpenVAS Manager client certificate is present as 
 /var/lib/openvas/CA/clientcert.pem.
 OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
 OK: Access rights for the OpenVAS Manager database are correct.
 OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/scap.db.
 OK: OpenVAS CERT database found in /var/lib/openvas/cert-data/cert.db.
 OK: sqlite3 found, extended checks of the OpenVAS Manager 
 installation enabled.
 OK: OpenVAS Manager database is at revision 116.
 OK: OpenVAS Manager expects database at revision 123.
 ERROR: Database schema is out of date.
 FIX: Run 'openvasmd --migrate'.
 
  ERROR: Your OpenVAS-7 installation is not yet complete!
 
 Please follow the instructions marked with FIX above and run this
 script again.
 
 If you think this result is wrong, please report your observation
 and help us to improve this check routine:
 http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
 Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze 
 the problem.
 
 [root@pentester-cli ~]# openvasmd --migrate -v
 md   main:  DEBUG:4315:2014-07-09 09h34.09 CDT:sql: ATTACH DATABASE 
 '/var/lib/openvas/scap-data/scap.db' AS scap;
 md   main:  DEBUG:4315:2014-07-09 09h34.09 CDT:sql: ATTACH DATABASE 
 '/var/lib/openvas/cert-data/cert.db' AS cert;
 md   main:  DEBUG:4315:2014-07-09 09h34.09 CDT:sql_x: SELECT count (*) 
 FROM main.sqlite_master WHERE type = 'table' AND name = 'meta';
 md   main:  DEBUG:4315:2014-07-09 09h34.09 CDT:sql_x end
 md   main:  DEBUG:4315:2014-07-09 09h34.09 CDT:sql_x: SELECT value FROM 
 main.meta WHERE name = 'database_version' LIMIT 1;
 md   main:  DEBUG:4315:2014-07-09 09h34.09 CDT:sql_x end
 Aborted (core dumped)
 
 Any help would be appreciated.
 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] updating via yum...

2014-07-09 Thread Brandon Perry

Hmm, any reason you are on i686? Maybe the build of the lib you need isn't
available for i686.


On Wed, Jul 9, 2014 at 1:10 PM, Jack Harvey ja...@synnex.com wrote:

  From the Quick-Setup and Quick-Start page, following the steps for
 CentOS 6 install, after adding the Atomicorp repository

 when I execute yum upgrade I get this:



 Error: Package: gstreamer-plugins-bad-free-0.10.19-2.el6.i686
 (@anaconda-CentOS-201311271240.i386/6.5)

Requires: libvpx.so.0

Removing: libvpx-0.9.0-8.el6_0.i686
 (@anaconda-CentOS-201311271240.i386/6.5)

libvpx.so.0

Updated By: libvpx-1.2.0-2.el6.art.i686 (atomic)

Not found

 You could try using --skip-broken to work around the problem

 You could try running: rpm -Va --nofiles –nodigest



 I would appreciate any insight/info regarding steps needed to be able to
 upgrade/add updates/





 Jack Harvey  CISSP

 Synnex Corporation

 864-349-4939



 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] next steps for development in OpenVAS

2014-07-21 Thread Brandon Perry

I would grok the following:

http://www.openvas.org/protocol-doc.html

The OMP protocol will be what you use for the most part, I think, for
instrumentation and automation.


On Mon, Jul 21, 2014 at 1:12 PM, Pham, Tam T tam.t.p...@hp.com wrote:

 Everyone:

 I have done some digging into Openvas including install from RPM in RHEL,
 DEB install into Ubuntu, and source install into Ubuntu.  I have previous
 exposure to NASL from working on Nessus when it was still open source.

 I am instrumenting Openvas to do automated scans in my production
 environment and am also interested in contributing to the development
 effort.

 At this point I would like some suggestions on how to get more deeply
 involved in two areas of interest:
 1) Developing plugins in OVAL to extend the tool set.
 2) Contributing to the development of Openvas security scanner.  I am
 interested in just digging in now and getting general understanding of the
 data flow.  Also getting a handle on the development and debugging
 environment.

 Regards,
 Tam
 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVas7 Manager to Scanner error

2014-07-22 Thread Brandon Perry

What happens when you try to start a scan with raw OMP? start_task / iirc


On Tue, Jul 22, 2014 at 4:54 PM, Brian Diehl bdi...@christensenfarms.com
wrote:

  Hello,
 I just completed an upgrade of OpenVas from version 6 to version 7.  I am
 running 64bit Ubuntu 13.10 (Saucy).  GSAD works great.  I’m able to login
 and view the results of past scans.  However, when I try to launch a new
 scan it fails with a GSAD status code of error 503, service temporarily
 down.  When I look in /usr/local/var/log/openvas/ the only file with errors
 in it is openvasmd.log.  This is the error I get:

 event task:MESSAGE:2014-07-22 16h21.47 CDT:24457: Task
 20ba6b3d-ab49-4676-ba04-20b7e81c014a could not be started by admin

 Below is the output from the openvas-check-setup script:


 Step 1: Checking OpenVAS Scanner ...
 OK: OpenVAS Scanner is present in version 4.0.1.
 OK: OpenVAS Scanner CA Certificate is present as
 /usr/local/var/lib/openvas/CA/cacert.pem.
 OK: NVT collection in /usr/local/var/lib/openvas/plugins contains
 35581 NVTs.
 WARNING: Signature checking of NVTs is not enabled in OpenVAS
 Scanner.
 SUGGEST: Enable signature checking (see
 http://www.openvas.org/trusted-nvts.html).
 OK: The NVT cache in /usr/local/var/cache/openvas contains 35582
 files for 35581 NVTs.
 Step 2: Checking OpenVAS Manager ...
 OK: OpenVAS Manager is present in version 5.0.2.
 OK: OpenVAS Manager client certificate is present as
 /usr/local/var/lib/openvas/CA/clientcert.pem.
 OK: OpenVAS Manager database found in
 /usr/local/var/lib/openvas/mgr/tasks.db.
 OK: Access rights for the OpenVAS Manager database are correct.
 OK: sqlite3 found, extended checks of the OpenVAS Manager
 installation enabled.
 OK: OpenVAS Manager database is at revision 123.
 OK: OpenVAS Manager expects database at revision 123.
 OK: Database schema is up to date.
 OK: OpenVAS Manager database contains information about 32692 NVTs.
 OK: OpenVAS SCAP database found in
 /usr/local/var/lib/openvas/scap-data/scap.db.
 OK: OpenVAS CERT database found in
 /usr/local/var/lib/openvas/cert-data/cert.db.
 OK: xsltproc found.
 Step 3: Checking user configuration ...
 WARNING: Your password policy is empty.
 SUGGEST: Edit the /usr/local/etc/openvas/pwpolicy.conf file to set
 a password policy.
 Step 4: Checking Greenbone Security Assistant (GSA) ...
 OK: Greenbone Security Assistant is present in version 5.0.1.
 Step 5: Checking OpenVAS CLI ...
 OK: OpenVAS CLI version 1.3.0.
 Step 6: Checking Greenbone Security Desktop (GSD) ...
 SKIP: Skipping check for Greenbone Security Desktop.
 Step 7: Checking if OpenVAS services are up and running ...
 OK: netstat found, extended checks of the OpenVAS services enabled.
 OK: OpenVAS Scanner is running and listening on all interfaces.
 OK: OpenVAS Scanner is listening on port 9391, which is the
 default port.
 OK: OpenVAS Manager is running and listening on all interfaces.
 OK: OpenVAS Manager is listening on port 9390, which is the
 default port.
 OK: Greenbone Security Assistant is running and listening on all
 interfaces.
 OK: Greenbone Security Assistant is listening on port 443, which
 is the default port.
 Step 8: Checking nmap installation ...
 WARNING: Your version of nmap is not fully supported: 6.40
 SUGGEST: You should install nmap 5.51.
 Step 9: Checking presence of optional tools ...
 OK: pdflatex found.
 WARNING: PDF generation failed, most likely due to missing LaTeX
 packages. The PDF report format will not work.
 SUGGEST: Install required LaTeX packages.
 OK: ssh-keygen found, LSC credential generation for GNU/Linux
 targets is likely to work.
 WARNING: Could not find rpm binary, LSC credential package
 generation for RPM and DEB based targets will not work.
 SUGGEST: Install rpm.
 WARNING: Could not find makensis binary, LSC credential package
 generation for Microsoft Windows targets will not work.
 SUGGEST: Install nsis.

 It seems like your OpenVAS-7 installation is OK.


 Any thoughts?

 Thank you in advance.

 Brian Diehl
 Christensen Farms IT Manager
 Phone: 507-794-8585




 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVas7 Manager to Scanner error

2014-07-22 Thread Brandon Perry

You can also use the omp to directly list the current statuses of the tasks
in the database. Does this say that scan hasn't started?


On Tue, Jul 22, 2014 at 5:13 PM, Brian Diehl bdi...@christensenfarms.com
wrote:

  Nothing appears to happen including nothing in the logs.  Here is the
 output from the screen capture in case I’m doing something wrong:



 bdiehl@ubuntu1:/usr/local/var/log/openvas$ date

 Tue Jul 22 17:11:33 CDT 2014

 bdiehl@ubuntu1:/usr/local/var/log/openvas$ ls -ltr

 total 104

 -rw-r--r-- 1 root root88 Jul 22 17:01 openvasad.log

 -rw-r--r-- 1 root root  3508 Jul 22 17:06 gsad.log

 -rw-r--r-- 1 root root   297 Jul 22 17:06 openvassd.messages

 -rw--- 1 root root 86179 Jul 22 17:07 openvasmd.log

 bdiehl@ubuntu1:/usr/local/var/log/openvas$ sudo omp -v -u admin -w admin
 -S 20ba6b3d-ab49-4676-ba04-20b7e81c014a

 bdiehl@ubuntu1:/usr/local/var/log/openvas$ echo $?

 0

 bdiehl@ubuntu1:/usr/local/var/log/openvas$ ls -ltr

 total 104

 -rw-r--r-- 1 root root88 Jul 22 17:01 openvasad.log

 -rw-r--r-- 1 root root  3508 Jul 22 17:06 gsad.log

 -rw-r--r-- 1 root root   297 Jul 22 17:06 openvassd.messages

 -rw--- 1 root root 86179 Jul 22 17:07 openvasmd.log



 bdiehl@ubuntu1:/usr/local/var/log/openvas$ ps -ef | grep open

 root 25093 1  5 17:06 ?00:00:20 openvassd: Waiting for
 incoming connections

 root 25097 1  0 17:06 pts/100:00:00 openvasmd



 Brian Diehl

 Christensen Farms IT Manager

 Phone: 507-794-8585



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Tuesday, July 22, 2014 5:06 PM
 *To:* Brian Diehl
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] OpenVas7 Manager to Scanner error



 What happens when you try to start a scan with raw OMP? start_task / iirc



 On Tue, Jul 22, 2014 at 4:54 PM, Brian Diehl bdi...@christensenfarms.com
 wrote:

 Hello,

 I just completed an upgrade of OpenVas from version 6 to version 7.  I am
 running 64bit Ubuntu 13.10 (Saucy).  GSAD works great.  I’m able to login
 and view the results of past scans.  However, when I try to launch a new
 scan it fails with a GSAD status code of error 503, service temporarily
 down.  When I look in /usr/local/var/log/openvas/ the only file with errors
 in it is openvasmd.log.  This is the error I get:



 event task:MESSAGE:2014-07-22 16h21.47 CDT:24457: Task
 20ba6b3d-ab49-4676-ba04-20b7e81c014a could not be started by admin



 Below is the output from the openvas-check-setup script:





 Step 1: Checking OpenVAS Scanner ...

 OK: OpenVAS Scanner is present in version 4.0.1.

 OK: OpenVAS Scanner CA Certificate is present as
 /usr/local/var/lib/openvas/CA/cacert.pem.

 OK: NVT collection in /usr/local/var/lib/openvas/plugins contains
 35581 NVTs.

 WARNING: Signature checking of NVTs is not enabled in OpenVAS
 Scanner.

 SUGGEST: Enable signature checking (see
 http://www.openvas.org/trusted-nvts.html).

 OK: The NVT cache in /usr/local/var/cache/openvas contains 35582
 files for 35581 NVTs.

 Step 2: Checking OpenVAS Manager ...

 OK: OpenVAS Manager is present in version 5.0.2.

 OK: OpenVAS Manager client certificate is present as
 /usr/local/var/lib/openvas/CA/clientcert.pem.

 OK: OpenVAS Manager database found in
 /usr/local/var/lib/openvas/mgr/tasks.db.

 OK: Access rights for the OpenVAS Manager database are correct.

 OK: sqlite3 found, extended checks of the OpenVAS Manager
 installation enabled.

 OK: OpenVAS Manager database is at revision 123.

 OK: OpenVAS Manager expects database at revision 123.

 OK: Database schema is up to date.

 OK: OpenVAS Manager database contains information about 32692 NVTs.

 OK: OpenVAS SCAP database found in
 /usr/local/var/lib/openvas/scap-data/scap.db.

 OK: OpenVAS CERT database found in
 /usr/local/var/lib/openvas/cert-data/cert.db.

 OK: xsltproc found.

 Step 3: Checking user configuration ...

 WARNING: Your password policy is empty.

 SUGGEST: Edit the /usr/local/etc/openvas/pwpolicy.conf file to set
 a password policy.

 Step 4: Checking Greenbone Security Assistant (GSA) ...

 OK: Greenbone Security Assistant is present in version 5.0.1.

 Step 5: Checking OpenVAS CLI ...

 OK: OpenVAS CLI version 1.3.0.

 Step 6: Checking Greenbone Security Desktop (GSD) ...

 SKIP: Skipping check for Greenbone Security Desktop.

 Step 7: Checking if OpenVAS services are up and running ...

 OK: netstat found, extended checks of the OpenVAS services enabled.

 OK: OpenVAS Scanner is running and listening on all interfaces.

 OK: OpenVAS Scanner is listening on port 9391, which is the
 default port.

 OK: OpenVAS Manager is running and listening on all interfaces.

 OK: OpenVAS Manager is listening on port 9390, which is the
 default port.

 OK: Greenbone

Re: [Openvas-discuss] Manager error

2014-07-23 Thread Brandon Perry

If authentication were an issue, then the previous omp command you ran
wouldn't have worked.

I don't recall you posting the result of listing the current tasks via omp
after attempting to start a task. Did this not work?


On Wed, Jul 23, 2014 at 10:33 AM, Brian Diehl bdi...@christensenfarms.com
wrote:

  I believe this is the reason why I can’t start any tasks.  I started the
 manager process in verbose and found this error in the log.  How to I setup
 authentication properly?

 md   main:   INFO:2014-07-23 15h29.33 utc:27174:Manager bound to
 address * port 9390
 md   main:   INFO:2014-07-23 15h29.33 utc:27174:Set to connect to
 address 127.0.0.1 port 9391
 lib auth:   INFO:2014-07-23 15h29.33 utc:27174: Authentication
 configuration not found.

 Brian Diehl
 Christensen Farms IT Manager
 Phone: 507-794-8585




 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Manager error

2014-07-23 Thread Brandon Perry

I think you can also pass -vvv to omp to get super verbose output.


On Wed, Jul 23, 2014 at 10:49 AM, Brandon Perry bperry.volat...@gmail.com
wrote:

 If authentication were an issue, then the previous omp command you ran
 wouldn't have worked.

 I don't recall you posting the result of listing the current tasks via omp
 after attempting to start a task. Did this not work?


 On Wed, Jul 23, 2014 at 10:33 AM, Brian Diehl bdi...@christensenfarms.com
  wrote:

  I believe this is the reason why I can’t start any tasks.  I started
 the manager process in verbose and found this error in the log.  How to I
 setup authentication properly?

 md   main:   INFO:2014-07-23 15h29.33 utc:27174:Manager bound to
 address * port 9390
 md   main:   INFO:2014-07-23 15h29.33 utc:27174:Set to connect to
 address 127.0.0.1 port 9391
 lib auth:   INFO:2014-07-23 15h29.33 utc:27174: Authentication
 configuration not found.

 Brian Diehl
 Christensen Farms IT Manager
 Phone: 507-794-8585




 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




 --
 http://volatile-minds.blogspot.com -- blog
 http://www.volatileminds.net -- website




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] SMTP problems not discovered

2014-07-25 Thread Brandon Perry

Does it respond to ICMP pings? OpenVAS may be skipping it due to no
response from a ping.

On Fri, Jul 25, 2014 at 10:35 AM, deepak deepak...@gmail.com wrote:

Hi,

I have a target host that runs an SMTP server on port 25. I have the
target configured with All IANA assigned TCP and UDP 2012-02-10
https://10.25.25.159:9392/omp?cmd=get_port_listport_list_id=4a4717fe-57d2-11e1-9a26-406186ea4fc5token=22433b51-ac0f-494e-b727-e11b89fb0fb0
port list, so it should include port 25.

I created a task with the above target and Full and very deep ultimate
scan config, which should include running SMTP related tests.
However, I do not see any SMTP related log messages in the results. When
I manually test the target's SMTP, I see that it replies to
EXPN command and this should have been detected. Moreover, it should have
at least logged a log level message saying that it found an SMTP server,
which I don't see in the results. I suspect the related family of NVTs
isn't being run at all.

I have made sure that the target host and port are reachable from the host
where openvas is installed (I can telnet to it).

Anything I'm missing?

--
Deepak

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

--
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] SMTP problems not discovered

2014-07-25 Thread Brandon Perry

So configuring the target to be considered alive resolved the issue?

On Fri, Jul 25, 2014 at 10:44 AM, deepak deepak...@gmail.com wrote:

from command line, yes. However I had to configure the target's Alive
Test: to be Consider Alive because it always logged host is dead or
such when it was left with the default Scan Config Default.

Thanks,
Deepak

On Fri, Jul 25, 2014 at 10:39 AM, Brandon Perry bperry.volat...@gmail.com
wrote:

Does it respond to ICMP pings? OpenVAS may be skipping it due to no
response from a ping.

On Fri, Jul 25, 2014 at 10:35 AM, deepak deepak...@gmail.com wrote:

Hi,

I created a task with the above target and Full and very deep ultimate
scan config, which should include running SMTP related tests.
However, I do not see any SMTP related log messages in the results.
When I manually test the target's SMTP, I see that it replies to
EXPN command and this should have been detected. Moreover, it should
have at least logged a log level message saying that it found an SMTP
server, which I don't see in the results. I suspect the related family of
NVTs isn't being run at all.

I have made sure that the target host and port are reachable from the
host where openvas is installed (I can telnet to it).

Anything I'm missing?

--
Deepak

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org

https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

--
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website

Re: [Openvas-discuss] high load in master-slave mode

2014-07-28 Thread Brandon Perry

Is there another process, such as nmap, or dirb running as well? Maybe it
is hung up on a NASL script that hadn't finished...


On Mon, Jul 28, 2014 at 5:59 AM, red0queen red0qu...@red-net.info wrote:

  Hello,

 I was trying the master slave mode and I have a strange behavior : when
 the scan end, a scan process (openvassd) stay alive on the master node, and
 use 100% cpu. If I lauch another scan, a second will stay alive with full
 cpu usage (the master node is a dual core). I must to kill this process by
 hand to avoid the load.
 ps aux tell  : root  8070 41.5  2.1  33032 22600 ?Rs   11:41
 27:23 openvassd: Serving 127.0.0.1
 No significant entries was logged in openvassd.dump, and my
 openvassd.messages is full of :
 [Mon Jul 28 10:52:32 2014][9375] Communication closed by client
 [Mon Jul 28 10:52:32 2014][9375] Client not present
 [Mon Jul 28 10:53:06 2014][9384] Communication closed by client
 [Mon Jul 28 10:53:06 2014][9384] Client not present
 [Mon Jul 28 10:53:37 2014][9393] Communication closed by client
 [Mon Jul 28 10:53:37 2014][9393] Client not present

 I don't know how-to investigate more.

 (Of course, a scan executed from the master node without delegation to a
 slave node don't do that.)
 Thanks
 --
 *Red0queen*
 --
 *Mèl* : red0queen(at)red-net(dot)info red0qu...@red-net.info
 *GPG Id* : B75F141B
 www.red-net.info

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] don't ping...

2014-07-29 Thread Brandon Perry

Not sure exactly how you are configuring the scan config, but someone
recently had this same issue:

https://www.mail-archive.com/openvas-discuss@wald.intevation.org/msg06133.html


On Tue, Jul 29, 2014 at 11:55 AM, Jack Harvey ja...@synnex.com wrote:

  By way of further explanation of my issue:

 I have a linux-based computer with a firewall.  This computer does not
 respond to “pings”.  If I run a scan with the “Full and very deep” config,
 the scan takes seconds and

 returns no results.  If I do a port scan with nmap (from my OpenVAS
 computer) and the –Pn parameter (treat all hosts as online), it finds
 several ports open…verified by the system owner.

 I have cloned the “Full and very deep” config and tried to modify the port
 scanner section “launch nmap for network scanning” and enable “treat all
 hosts as online”, but still have no success

 scanning and getting some results.

 Help appreciated!





 *From:* Jack Harvey
 *Sent:* Tuesday, July 29, 2014 11:34 AM
 *To:* openvas-discuss@wald.intevation.org
 *Subject:* don't ping...



 Sorry for the ignorant question.  I am looking for the right scan config
 setting so that all hosts are treated as live.

 Direction appreciated.



 Jack Harvey  CISSP

 Synnex Corporation

 864-349-4939



 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] don't ping...

2014-07-29 Thread Brandon Perry

I believe they were using GSA to do it, and it is at the host level, not
the config level IIRC.


On Tue, Jul 29, 2014 at 12:18 PM, Jack Harvey ja...@synnex.com wrote:

  I think that’s what I’m trying to do/ask how to do.  Apologies for being
 slow…but where do I configure this “Consider Alive” parameter for the host?



 Jack Harvey  CISSP

 Synnex Corporation

 864-349-4939



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Tuesday, July 29, 2014 1:00 PM
 *To:* Jack Harvey
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] don't ping...



 Not sure exactly how you are configuring the scan config, but someone
 recently had this same issue:




 https://www.mail-archive.com/openvas-discuss@wald.intevation.org/msg06133.html



 On Tue, Jul 29, 2014 at 11:55 AM, Jack Harvey ja...@synnex.com wrote:

  By way of further explanation of my issue:

 I have a linux-based computer with a firewall.  This computer does not
 respond to “pings”.  If I run a scan with the “Full and very deep” config,
 the scan takes seconds and

 returns no results.  If I do a port scan with nmap (from my OpenVAS
 computer) and the –Pn parameter (treat all hosts as online), it finds
 several ports open…verified by the system owner.

 I have cloned the “Full and very deep” config and tried to modify the port
 scanner section “launch nmap for network scanning” and enable “treat all
 hosts as online”, but still have no success

 scanning and getting some results.

 Help appreciated!





 *From:* Jack Harvey
 *Sent:* Tuesday, July 29, 2014 11:34 AM
 *To:* openvas-discuss@wald.intevation.org
 *Subject:* don't ping...



 Sorry for the ignorant question.  I am looking for the right scan config
 setting so that all hosts are treated as live.

 Direction appreciated.



 Jack Harvey  CISSP

 Synnex Corporation

 864-349-4939




 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss





 --
 http://volatile-minds.blogspot.com -- blog
 http://www.volatileminds.net -- website




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Time Zone

2014-07-29 Thread Brandon Perry

I thought it used the system time, but I am willing to eat my words on this.

Setting the system time correctly still yields an incorrect time in openvas
reports/schedules?


On Tue, Jul 29, 2014 at 12:10 PM, luciano fain lucianof...@hotmail.com
wrote:

 Hi all, where can i change the openvas time zone? i'm not using GSA, I'm
 using all background services for scanning.
 Best regards.
 Luciano

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take credentials, hosts or tasks

2014-08-13 Thread Brandon Perry

Can you create targets with raw OMP?


On Wed, Aug 13, 2014 at 2:45 PM, Tom Powers t...@sound-solutions.biz
wrote:


  Sound Solutions, Inc.
 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 Hello Openvas..





 I have a fresh build of Open Vas 7 running on Ubuntu 14.04. Installed from
 sources. Install went great.



 Current versions of each app are:



 Libraries 7.01

 Scanner 4.01

 Manager 5.0

 GSAD 5.0

 CLI 1.30



 Openvas-check comes back perfectly clean.



 I can log into the Greenbone web console. When I try to add a target, or a
 credential, the site simply sits there. it doesn’t time out, it doesn’t
 fail, and it’s not frozen because I can navigate to other parts of the GSAD
 site….yet the credential or the target, or whatever, never gets created.



 What could be the issue and where can I go to start looking for a problem?
 The GSAD, Scanner, and Manager log files are all clean



 Thanks



 Tom Powers


 --
   Sound Solutions, Inc. - Since 1995
 We Appreciate Your Business and Referrals

 This message (and any associated files) is intended only for the use of
 the individual or entity to which it is addressed and may contain
 information that is confidential, subject to copyright or constitutes a
 trade secret. If you are not the intended recipient you are hereby notified
 that any dissemination, copying or distribution of this message, or files
 associated with this message, is strictly prohibited. If you have received
 this message in error, please notify us immediately by replying to the
 message and deleting it from your computer. Messages sent to and from us
 may be monitored.

 Internet communications cannot be guaranteed to be secure or error-free as
 information could be intercepted, corrupted, lost, destroyed, arrive late
 or incomplete, or contain viruses. Therefore, we do not accept
 responsibility for any errors or omissions that are present in this
 message, or any attachment, that have arisen as a result of e-mail
 transmission. If verification is required, please request a hard-copy
 version. Any views or opinions presented are solely those of the author and
 do not necessarily represent those of the company.


 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take credentials, hosts or tasks

2014-08-13 Thread Brandon Perry

You can use the 'omp' utility to talk with the openvas manager directly,
either with some of the prebuilt arguments, or with explicit XML.

http://www.openvas.org/protocol-doc.html


On Wed, Aug 13, 2014 at 2:59 PM, Tom Powers t...@sound-solutions.biz
wrote:


  Sound Solutions, Inc.
 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 Not sure…how does one try that in the OpenVas 7?  I made the jump from 3
 to 7 here…so I’m sure I’ve missed some of the commands along the way



 All insight is appreciated



 Thanks


 TP



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 2:52 PM
 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 Can you create targets with raw OMP?



 On Wed, Aug 13, 2014 at 2:45 PM, Tom Powers t...@sound-solutions.biz
 wrote:

  Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 Hello Openvas..





 I have a fresh build of Open Vas 7 running on Ubuntu 14.04. Installed from
 sources. Install went great.



 Current versions of each app are:



 Libraries 7.01

 Scanner 4.01

 Manager 5.0

 GSAD 5.0

 CLI 1.30



 Openvas-check comes back perfectly clean.



 I can log into the Greenbone web console. When I try to add a target, or a
 credential, the site simply sits there. it doesn’t time out, it doesn’t
 fail, and it’s not frozen because I can navigate to other parts of the GSAD
 site….yet the credential or the target, or whatever, never gets created.



 What could be the issue and where can I go to start looking for a problem?
 The GSAD, Scanner, and Manager log files are all clean



 Thanks



 Tom Powers


 --

 Sound Solutions, Inc. - Since 1995

 We Appreciate Your Business and Referrals


 This message (and any associated files) is intended only for the use of
 the individual or entity to which it is addressed and may contain
 information that is confidential, subject to copyright or constitutes a
 trade secret. If you are not the intended recipient you are hereby notified
 that any dissemination, copying or distribution of this message, or files
 associated with this message, is strictly prohibited. If you have received
 this message in error, please notify us immediately by replying to the
 message and deleting it from your computer. Messages sent to and from us
 may be monitored.

 Internet communications cannot be guaranteed to be secure or error-free as
 information could be intercepted, corrupted, lost, destroyed, arrive late
 or incomplete, or contain viruses. Therefore, we do not accept
 responsibility for any errors or omissions that are present in this
 message, or any attachment, that have arisen as a result of e-mail
 transmission. If verification is required, please request a hard-copy
 version. Any views or opinions presented are solely those of the author and
 do not necessarily represent those of the company.


 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss





 --
 http://volatile-minds.blogspot.com -- blog
 http://www.volatileminds.net -- website
 --
   Sound Solutions, Inc. - Since 1995
 We Appreciate Your Business and Referrals

 This message (and any associated files) is intended only for the use of
 the individual or entity to which it is addressed and may contain
 information that is confidential, subject to copyright or constitutes a
 trade secret. If you are not the intended recipient you are hereby notified
 that any dissemination, copying or distribution of this message, or files
 associated with this message, is strictly prohibited. If you have received
 this message in error, please notify us immediately by replying to the
 message and deleting it from your computer. Messages sent to and from us
 may be monitored.

 Internet communications cannot be guaranteed to be secure or error-free as
 information could be intercepted, corrupted, lost, destroyed, arrive late
 or incomplete, or contain viruses. Therefore, we do not accept
 responsibility for any errors or omissions that are present in this
 message, or any attachment, that have arisen as a result of e-mail
 transmission. If verification is required, please request a hard-copy
 version. Any views or opinions presented are solely those of the author and
 do not necessarily represent those of the company.




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] 7 task in paralell

2014-08-13 Thread Brandon Perry

TBH it would actually be awesome if SQLite were supported out of the box,
but you could configure OpenVAS to use PostgreSQL. Would resolve this
issue, and would allow you to reduce IO during scans on the engine, and put
it on a dedicated database.


On Wed, Aug 13, 2014 at 6:26 PM, luciano fain lucianof...@hotmail.com
wrote:

 Dear all, any of you knows why when you run 7 / 8 task in paralell each
 one with one host, the gsad intrface stucks?

 I can see the key problem in tasks.db access, do you have any suggestion
 to execute 7 or more tasks in paralell with good response of tasks.db?

 I know the same sqlite db is used by scanner and gsad gr.interface.

 Any tip will be appreciated.
 Regards.

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take credentials, hosts or tasks

2014-08-14 Thread Brandon Perry

Yep, you will need to build a small XML snippet to create a target, then
you can use --get-targets to ensure it was created:

omp --xml=create_targetnameAll GNU/Linux
machines/namehosts192.168.1.0/24/hosts/create_target

omp --get-targets



On Wed, Aug 13, 2014 at 3:23 PM, Tom Powers t...@sound-solutions.biz
wrote:


  Sound Solutions, Inc.
 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 Looks promising…but I must be stuck on a syntax error or something.  The
 commands on the OMP site documentation don't match what I get when I tryp
 omp --help



 I get this for options…and all I see is create task, no create credentials
 or targets



 root@BFN-Securscan7:~# omp --help

 Usage:

   omp [OPTION...] - OpenVAS OMP Command Line Interface



 Help Options:

   -?, --help  Show help options



 Application Options:

   -h, --host=host   Connect to manager on host host

   -p, --port=number Use port number number

   -V, --version   Print version.

   -v, --verbose   Verbose messages (WARNING: may reveal
 passwords).

   --use-certs Use client certificates to authenticate

   -u, --username=username   OMP username

   -w, --password=password   OMP password

   --config-file=config-file Configuration file for connection
 parameters.

   -P, --promptPrompt to exit.

   -O, --get-omp-version   Print OMP version.

   -n, --name=name   Name for create-task.

   -C, --create-task   Create a task.

   -m, --comment=nameComment for create-task.

   -c, --config=config   Config for create-task.

   -r, --rcCreate task with RC read from stdin.

   -t, --target=target   Target for create-task.

   -E, --delete-report Delete one or more reports.

   -D, --delete-task   Delete one or more tasks.

   -R, --get-reportGet report of one task.

   -F, --get-report-formatsGet report formats. (OMP 2.0 only)

   -f, --format=format   Format for get-report.

   -G, --get-tasks Get status of one, many or all tasks.

   -g, --get-configs   Get configs.

   -T, --get-targets   Get targets.

   -i, --pretty-print  In combination with -X, pretty print the
 response.

   -S, --start-taskStart one or more tasks.

   -M, --modify-task   Modify a task.

   --file  Add text in stdin as file on task.

   -X, --xml=command XML command (e.g. help/).  - to
 read from stdin.



 root@BFN-Securscan7:~#



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 3:05 PM

 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 You can use the 'omp' utility to talk with the openvas manager directly,
 either with some of the prebuilt arguments, or with explicit XML.



 http://www.openvas.org/protocol-doc.html



 On Wed, Aug 13, 2014 at 2:59 PM, Tom Powers t...@sound-solutions.biz
 wrote:

  Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 Not sure…how does one try that in the OpenVas 7?  I made the jump from 3
 to 7 here…so I’m sure I’ve missed some of the commands along the way



 All insight is appreciated



 Thanks


 TP



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 2:52 PM
 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 Can you create targets with raw OMP?



 On Wed, Aug 13, 2014 at 2:45 PM, Tom Powers t...@sound-solutions.biz
 wrote:

   Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 Hello Openvas..





 I have a fresh build of Open Vas 7 running on Ubuntu 14.04. Installed from
 sources. Install went great.



 Current versions of each app are:



 Libraries 7.01

 Scanner 4.01

 Manager 5.0

 GSAD 5.0

 CLI 1.30



 Openvas-check comes back perfectly clean.



 I can log into the Greenbone web console. When I try to add a target, or a
 credential, the site simply sits there. it doesn’t time out, it doesn’t
 fail, and it’s not frozen because I can navigate to other parts of the GSAD
 site….yet the credential or the target, or whatever, never gets created.



 What could be the issue and where can I go to start looking for a problem?
 The GSAD, Scanner, and Manager log files are all clean



 Thanks



 Tom Powers


 --

 Sound Solutions, Inc. - Since 1995

 We Appreciate Your Business and Referrals


 This message (and any associated files) is intended only for the use of
 the individual or entity

Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take credentials, hosts or tasks

2014-08-14 Thread Brandon Perry

This will basically tell you whether the manager or GSA is the issue.


On Wed, Aug 13, 2014 at 3:26 PM, Brandon Perry bperry.volat...@gmail.com
wrote:

 Yep, you will need to build a small XML snippet to create a target, then
 you can use --get-targets to ensure it was created:

 omp --xml=create_targetnameAll GNU/Linux 
 machines/namehosts192.168.1.0/24/hosts/create_target

 omp --get-targets



 On Wed, Aug 13, 2014 at 3:23 PM, Tom Powers t...@sound-solutions.biz
 wrote:


  Sound Solutions, Inc.
 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 Looks promising…but I must be stuck on a syntax error or something.  The
 commands on the OMP site documentation don't match what I get when I tryp
 omp --help



 I get this for options…and all I see is create task, no create
 credentials or targets



 root@BFN-Securscan7:~# omp --help

 Usage:

   omp [OPTION...] - OpenVAS OMP Command Line Interface



 Help Options:

   -?, --help  Show help options



 Application Options:

   -h, --host=host   Connect to manager on host host

   -p, --port=number Use port number number

   -V, --version   Print version.

   -v, --verbose   Verbose messages (WARNING: may reveal
 passwords).

   --use-certs Use client certificates to authenticate

   -u, --username=username   OMP username

   -w, --password=password   OMP password

   --config-file=config-file Configuration file for connection
 parameters.

   -P, --promptPrompt to exit.

   -O, --get-omp-version   Print OMP version.

   -n, --name=name   Name for create-task.

   -C, --create-task   Create a task.

   -m, --comment=nameComment for create-task.

   -c, --config=config   Config for create-task.

   -r, --rcCreate task with RC read from stdin.

   -t, --target=target   Target for create-task.

   -E, --delete-report Delete one or more reports.

   -D, --delete-task   Delete one or more tasks.

   -R, --get-reportGet report of one task.

   -F, --get-report-formatsGet report formats. (OMP 2.0 only)

   -f, --format=format   Format for get-report.

   -G, --get-tasks Get status of one, many or all tasks.

   -g, --get-configs   Get configs.

   -T, --get-targets   Get targets.

   -i, --pretty-print  In combination with -X, pretty print
 the response.

   -S, --start-taskStart one or more tasks.

   -M, --modify-task   Modify a task.

   --file  Add text in stdin as file on task.

   -X, --xml=command XML command (e.g. help/).  - to
 read from stdin.



 root@BFN-Securscan7:~#



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 3:05 PM

 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 You can use the 'omp' utility to talk with the openvas manager directly,
 either with some of the prebuilt arguments, or with explicit XML.



 http://www.openvas.org/protocol-doc.html



 On Wed, Aug 13, 2014 at 2:59 PM, Tom Powers t...@sound-solutions.biz
 wrote:

  Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 Not sure…how does one try that in the OpenVas 7?  I made the jump from 3
 to 7 here…so I’m sure I’ve missed some of the commands along the way



 All insight is appreciated



 Thanks


 TP



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 2:52 PM
 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 Can you create targets with raw OMP?



 On Wed, Aug 13, 2014 at 2:45 PM, Tom Powers t...@sound-solutions.biz
 wrote:

   Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 Hello Openvas..





 I have a fresh build of Open Vas 7 running on Ubuntu 14.04. Installed
 from sources. Install went great.



 Current versions of each app are:



 Libraries 7.01

 Scanner 4.01

 Manager 5.0

 GSAD 5.0

 CLI 1.30



 Openvas-check comes back perfectly clean.



 I can log into the Greenbone web console. When I try to add a target, or
 a credential, the site simply sits there. it doesn’t time out, it doesn’t
 fail, and it’s not frozen because I can navigate to other parts of the GSAD
 site….yet the credential or the target, or whatever, never gets created.



 What could be the issue and where can I go to start looking for a
 problem? The GSAD, Scanner, and Manager log files are all clean



 Thanks



 Tom Powers


 --

 Sound Solutions, Inc

Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take credentials, hosts or tasks

2014-08-14 Thread Brandon Perry

Is openvasmd running?


On Wed, Aug 13, 2014 at 3:33 PM, Tom Powers t...@sound-solutions.biz
wrote:


  Sound Solutions, Inc.
 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 OK…tried that…and it came back and asked for a password. I entered the
 admin one (as that’s the only one I have setup)  and it said : Failed to
 Acquire socket.



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 3:27 PM

 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 This will basically tell you whether the manager or GSA is the issue.



 On Wed, Aug 13, 2014 at 3:26 PM, Brandon Perry bperry.volat...@gmail.com
 wrote:

 Yep, you will need to build a small XML snippet to create a target, then
 you can use --get-targets to ensure it was created:



 omp --xml=create_targetnameAll GNU/Linux 
 machines/namehosts192.168.1.0/24/hosts/create_target

 omp --get-targets



 On Wed, Aug 13, 2014 at 3:23 PM, Tom Powers t...@sound-solutions.biz
 wrote:

  Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 Looks promising…but I must be stuck on a syntax error or something.  The
 commands on the OMP site documentation don't match what I get when I tryp
 omp --help



 I get this for options…and all I see is create task, no create credentials
 or targets



 root@BFN-Securscan7:~# omp --help

 Usage:

   omp [OPTION...] - OpenVAS OMP Command Line Interface



 Help Options:

   -?, --help  Show help options



 Application Options:

   -h, --host=host   Connect to manager on host host

   -p, --port=number Use port number number

   -V, --version   Print version.

   -v, --verbose   Verbose messages (WARNING: may reveal
 passwords).

   --use-certs Use client certificates to authenticate

   -u, --username=username   OMP username

   -w, --password=password   OMP password

   --config-file=config-file Configuration file for connection
 parameters.

   -P, --promptPrompt to exit.

   -O, --get-omp-version   Print OMP version.

   -n, --name=name   Name for create-task.

   -C, --create-task   Create a task.

   -m, --comment=nameComment for create-task.

   -c, --config=config   Config for create-task.

   -r, --rcCreate task with RC read from stdin.

   -t, --target=target   Target for create-task.

   -E, --delete-report Delete one or more reports.

   -D, --delete-task   Delete one or more tasks.

   -R, --get-reportGet report of one task.

   -F, --get-report-formatsGet report formats. (OMP 2.0 only)

   -f, --format=format   Format for get-report.

   -G, --get-tasks Get status of one, many or all tasks.

   -g, --get-configs   Get configs.

   -T, --get-targets   Get targets.

   -i, --pretty-print  In combination with -X, pretty print the
 response.

   -S, --start-taskStart one or more tasks.

   -M, --modify-task   Modify a task.

   --file  Add text in stdin as file on task.

   -X, --xml=command XML command (e.g. help/).  - to
 read from stdin.



 root@BFN-Securscan7:~#



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 3:05 PM


 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 You can use the 'omp' utility to talk with the openvas manager directly,
 either with some of the prebuilt arguments, or with explicit XML.



 http://www.openvas.org/protocol-doc.html



 On Wed, Aug 13, 2014 at 2:59 PM, Tom Powers t...@sound-solutions.biz
 wrote:

   Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 Not sure…how does one try that in the OpenVas 7?  I made the jump from 3
 to 7 here…so I’m sure I’ve missed some of the commands along the way



 All insight is appreciated



 Thanks


 TP



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 2:52 PM
 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 Can you create targets with raw OMP?



 On Wed, Aug 13, 2014 at 2:45 PM, Tom Powers t...@sound-solutions.biz
 wrote:

   Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 Hello Openvas..





 I have a fresh build of Open Vas 7 running on Ubuntu 14.04. Installed from
 sources. Install went great.



 Current versions of each app

Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take credentials, hosts or tasks

2014-08-14 Thread Brandon Perry

Glad to help!


On Wed, Aug 13, 2014 at 3:46 PM, Tom Powers t...@sound-solutions.biz
wrote:


  Sound Solutions, Inc.
 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 OK…that’s what I did and I got a successful response.



 When I listed out the –get-targets omp command, I actually saw the ones I
 tried to create in GSAD.



 So I go back into GSAD and it shows my targets and my credentials that I
 tried to create before.



 That’s interesting.  Nonetheless…it seems to be working now…it’s taking
 tasks through the GSAD…so whatever was hung up is OK now.



 Must have been the OMP commands because I restarted this thing a truck
 load of times trying to see if it clears up.



 Thanks for all your help





 TP



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 3:41 PM

 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 You can pass -u and -w (username and password, respectively) as arguments
 as well.



 On Wed, Aug 13, 2014 at 3:39 PM, Tom Powers t...@sound-solutions.biz
 wrote:

  Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 I just restarted all the services as you asked that. They all came back up
 fine…and it now says “Failed to authenticate”



 Do I need a username and password in this XML string to correctly Identify
 myself?

 TP



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 3:36 PM


 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 Is openvasmd running?



 On Wed, Aug 13, 2014 at 3:33 PM, Tom Powers t...@sound-solutions.biz
 wrote:

   Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 OK…tried that…and it came back and asked for a password. I entered the
 admin one (as that’s the only one I have setup)  and it said : Failed to
 Acquire socket.



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 3:27 PM


 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 This will basically tell you whether the manager or GSA is the issue.



 On Wed, Aug 13, 2014 at 3:26 PM, Brandon Perry bperry.volat...@gmail.com
 wrote:

 Yep, you will need to build a small XML snippet to create a target, then
 you can use --get-targets to ensure it was created:



 omp --xml=create_targetnameAll GNU/Linux 
 machines/namehosts192.168.1.0/24/hosts/create_target

 omp --get-targets



 On Wed, Aug 13, 2014 at 3:23 PM, Tom Powers t...@sound-solutions.biz
 wrote:

   Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 Looks promising…but I must be stuck on a syntax error or something.  The
 commands on the OMP site documentation don't match what I get when I tryp
 omp --help



 I get this for options…and all I see is create task, no create credentials
 or targets



 root@BFN-Securscan7:~# omp --help

 Usage:

   omp [OPTION...] - OpenVAS OMP Command Line Interface



 Help Options:

   -?, --help  Show help options



 Application Options:

   -h, --host=host   Connect to manager on host host

   -p, --port=number Use port number number

   -V, --version   Print version.

   -v, --verbose   Verbose messages (WARNING: may reveal
 passwords).

   --use-certs Use client certificates to authenticate

   -u, --username=username   OMP username

   -w, --password=password   OMP password

   --config-file=config-file Configuration file for connection
 parameters.

   -P, --promptPrompt to exit.

   -O, --get-omp-version   Print OMP version.

   -n, --name=name   Name for create-task.

   -C, --create-task   Create a task.

   -m, --comment=nameComment for create-task.

   -c, --config=config   Config for create-task.

   -r, --rcCreate task with RC read from stdin.

   -t, --target=target   Target for create-task.

   -E, --delete-report Delete one or more reports.

   -D, --delete-task   Delete one or more tasks.

   -R, --get-reportGet report of one task.

   -F, --get-report-formatsGet report formats. (OMP 2.0 only)

   -f, --format=format   Format for get-report.

   -G, --get-tasks Get status of one, many or all tasks.

   -g, --get-configs   Get configs.

   -T, --get-targets   Get targets.

   -i, --pretty-print  In combination with -X, pretty print the
 response.

   -S

Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take credentials, hosts or tasks

2014-08-14 Thread Brandon Perry

You can pass -u and -w (username and password, respectively) as arguments
as well.


On Wed, Aug 13, 2014 at 3:39 PM, Tom Powers t...@sound-solutions.biz
wrote:


  Sound Solutions, Inc.
 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 I just restarted all the services as you asked that. They all came back up
 fine…and it now says “Failed to authenticate”



 Do I need a username and password in this XML string to correctly Identify
 myself?

 TP



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 3:36 PM

 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 Is openvasmd running?



 On Wed, Aug 13, 2014 at 3:33 PM, Tom Powers t...@sound-solutions.biz
 wrote:

  Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 OK…tried that…and it came back and asked for a password. I entered the
 admin one (as that’s the only one I have setup)  and it said : Failed to
 Acquire socket.



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 3:27 PM


 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 This will basically tell you whether the manager or GSA is the issue.



 On Wed, Aug 13, 2014 at 3:26 PM, Brandon Perry bperry.volat...@gmail.com
 wrote:

 Yep, you will need to build a small XML snippet to create a target, then
 you can use --get-targets to ensure it was created:



 omp --xml=create_targetnameAll GNU/Linux 
 machines/namehosts192.168.1.0/24/hosts/create_target

 omp --get-targets



 On Wed, Aug 13, 2014 at 3:23 PM, Tom Powers t...@sound-solutions.biz
 wrote:

   Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 Looks promising…but I must be stuck on a syntax error or something.  The
 commands on the OMP site documentation don't match what I get when I tryp
 omp --help



 I get this for options…and all I see is create task, no create credentials
 or targets



 root@BFN-Securscan7:~# omp --help

 Usage:

   omp [OPTION...] - OpenVAS OMP Command Line Interface



 Help Options:

   -?, --help  Show help options



 Application Options:

   -h, --host=host   Connect to manager on host host

   -p, --port=number Use port number number

   -V, --version   Print version.

   -v, --verbose   Verbose messages (WARNING: may reveal
 passwords).

   --use-certs Use client certificates to authenticate

   -u, --username=username   OMP username

   -w, --password=password   OMP password

   --config-file=config-file Configuration file for connection
 parameters.

   -P, --promptPrompt to exit.

   -O, --get-omp-version   Print OMP version.

   -n, --name=name   Name for create-task.

   -C, --create-task   Create a task.

   -m, --comment=nameComment for create-task.

   -c, --config=config   Config for create-task.

   -r, --rcCreate task with RC read from stdin.

   -t, --target=target   Target for create-task.

   -E, --delete-report Delete one or more reports.

   -D, --delete-task   Delete one or more tasks.

   -R, --get-reportGet report of one task.

   -F, --get-report-formatsGet report formats. (OMP 2.0 only)

   -f, --format=format   Format for get-report.

   -G, --get-tasks Get status of one, many or all tasks.

   -g, --get-configs   Get configs.

   -T, --get-targets   Get targets.

   -i, --pretty-print  In combination with -X, pretty print the
 response.

   -S, --start-taskStart one or more tasks.

   -M, --modify-task   Modify a task.

   --file  Add text in stdin as file on task.

   -X, --xml=command XML command (e.g. help/).  - to
 read from stdin.



 root@BFN-Securscan7:~#



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 3:05 PM


 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 You can use the 'omp' utility to talk with the openvas manager directly,
 either with some of the prebuilt arguments, or with explicit XML.



 http://www.openvas.org/protocol-doc.html



 On Wed, Aug 13, 2014 at 2:59 PM, Tom Powers t...@sound-solutions.biz
 wrote:

   Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 Not sure…how does one try that in the OpenVas 7?  I made the jump from 3
 to 7 here…so I’m sure I’ve

Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take credentials, hosts or tasks

2014-08-15 Thread Brandon Perry

Yes, you would use that exact XML command to create your credentials.


On Thu, Aug 14, 2014 at 1:32 PM, Tom Powers t...@sound-solutions.biz
wrote:


  Sound Solutions, Inc.
 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 Might have spoken too soon…



 Looks like I can create targets just fine…but Credentials…are a no go….it
 sits and hangs on the  credentials



 Would I use the create_lsc_credentials manually in omp to check this?


 TP

 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 3:48 PM

 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 Glad to help!



 On Wed, Aug 13, 2014 at 3:46 PM, Tom Powers t...@sound-solutions.biz
 wrote:

  Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 OK…that’s what I did and I got a successful response.



 When I listed out the –get-targets omp command, I actually saw the ones I
 tried to create in GSAD.



 So I go back into GSAD and it shows my targets and my credentials that I
 tried to create before.



 That’s interesting.  Nonetheless…it seems to be working now…it’s taking
 tasks through the GSAD…so whatever was hung up is OK now.



 Must have been the OMP commands because I restarted this thing a truck
 load of times trying to see if it clears up.



 Thanks for all your help





 TP



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 3:41 PM


 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 You can pass -u and -w (username and password, respectively) as arguments
 as well.



 On Wed, Aug 13, 2014 at 3:39 PM, Tom Powers t...@sound-solutions.biz
 wrote:

   Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 I just restarted all the services as you asked that. They all came back up
 fine…and it now says “Failed to authenticate”



 Do I need a username and password in this XML string to correctly Identify
 myself?

 TP



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 3:36 PM


 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 Is openvasmd running?



 On Wed, Aug 13, 2014 at 3:33 PM, Tom Powers t...@sound-solutions.biz
 wrote:

   Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 OK…tried that…and it came back and asked for a password. I entered the
 admin one (as that’s the only one I have setup)  and it said : Failed to
 Acquire socket.



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 3:27 PM


 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 This will basically tell you whether the manager or GSA is the issue.



 On Wed, Aug 13, 2014 at 3:26 PM, Brandon Perry bperry.volat...@gmail.com
 wrote:

 Yep, you will need to build a small XML snippet to create a target, then
 you can use --get-targets to ensure it was created:



 omp --xml=create_targetnameAll GNU/Linux 
 machines/namehosts192.168.1.0/24/hosts/create_target

 omp --get-targets



 On Wed, Aug 13, 2014 at 3:23 PM, Tom Powers t...@sound-solutions.biz
 wrote:

   Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 Looks promising…but I must be stuck on a syntax error or something.  The
 commands on the OMP site documentation don't match what I get when I tryp
 omp --help



 I get this for options…and all I see is create task, no create credentials
 or targets



 root@BFN-Securscan7:~# omp --help

 Usage:

   omp [OPTION...] - OpenVAS OMP Command Line Interface



 Help Options:

   -?, --help  Show help options



 Application Options:

   -h, --host=host   Connect to manager on host host

   -p, --port=number Use port number number

   -V, --version   Print version.

   -v, --verbose   Verbose messages (WARNING: may reveal
 passwords).

   --use-certs Use client certificates to authenticate

   -u, --username=username   OMP username

   -w, --password=password   OMP password

   --config-file=config-file Configuration file for connection
 parameters.

   -P, --promptPrompt to exit.

   -O, --get-omp-version   Print OMP version.

   -n, --name=name   Name for create-task.

   -C, --create-task   Create a task.

   -m, --comment=nameComment for create-task.

   -c, --config=config

Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take credentials, hosts or tasks

2014-08-15 Thread Brandon Perry

I am really not sure, it sounds like a lock on the sqlite databases perhaps.

Can you kill the omp command that is hanging, then use lsof to figure out
if another process has locked the sqlite db?


On Thu, Aug 14, 2014 at 1:47 PM, Tom Powers t...@sound-solutions.biz
wrote:


  Sound Solutions, Inc.
 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 OK…here's what I tried



 omp
 --xml=create_lsc_credentialnametestcreds/nameloginDOWNTOWN\test/loginpassword12345/password/create_lsc_credentials
 --username=admin --password=password





 And it just hangs there.



 And yes…right now the admin user is admin with a password of password.
 The Credential I am trying to make is an smb login to a windows domain



 Ideas?


 TP



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Thursday, August 14, 2014 1:34 PM

 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 Yes, you would use that exact XML command to create your credentials.



 On Thu, Aug 14, 2014 at 1:32 PM, Tom Powers t...@sound-solutions.biz
 wrote:

  Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 Might have spoken too soon…



 Looks like I can create targets just fine…but Credentials…are a no go….it
 sits and hangs on the  credentials



 Would I use the create_lsc_credentials manually in omp to check this?


 TP

 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 3:48 PM


 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 Glad to help!



 On Wed, Aug 13, 2014 at 3:46 PM, Tom Powers t...@sound-solutions.biz
 wrote:

   Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 OK…that’s what I did and I got a successful response.



 When I listed out the –get-targets omp command, I actually saw the ones I
 tried to create in GSAD.



 So I go back into GSAD and it shows my targets and my credentials that I
 tried to create before.



 That’s interesting.  Nonetheless…it seems to be working now…it’s taking
 tasks through the GSAD…so whatever was hung up is OK now.



 Must have been the OMP commands because I restarted this thing a truck
 load of times trying to see if it clears up.



 Thanks for all your help





 TP



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 3:41 PM


 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 You can pass -u and -w (username and password, respectively) as arguments
 as well.



 On Wed, Aug 13, 2014 at 3:39 PM, Tom Powers t...@sound-solutions.biz
 wrote:

   Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 I just restarted all the services as you asked that. They all came back up
 fine…and it now says “Failed to authenticate”



 Do I need a username and password in this XML string to correctly Identify
 myself?

 TP



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 3:36 PM


 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 Is openvasmd running?



 On Wed, Aug 13, 2014 at 3:33 PM, Tom Powers t...@sound-solutions.biz
 wrote:

   Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 OK…tried that…and it came back and asked for a password. I entered the
 admin one (as that’s the only one I have setup)  and it said : Failed to
 Acquire socket.



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Wednesday, August 13, 2014 3:27 PM


 *To:* Tom Powers
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take
 credentials, hosts or tasks



 This will basically tell you whether the manager or GSA is the issue.



 On Wed, Aug 13, 2014 at 3:26 PM, Brandon Perry bperry.volat...@gmail.com
 wrote:

 Yep, you will need to build a small XML snippet to create a target, then
 you can use --get-targets to ensure it was created:



 omp --xml=create_targetnameAll GNU/Linux 
 machines/namehosts192.168.1.0/24/hosts/create_target

 omp --get-targets



 On Wed, Aug 13, 2014 at 3:23 PM, Tom Powers t...@sound-solutions.biz
 wrote:

   Sound Solutions, Inc.

 8400 Highland Dr.
 Wausau, WI 54401
 Tel: 715-842-7665
 Fax: 715-842-7620

 Looks promising…but I must be stuck on a syntax error or something.  The
 commands on the OMP site documentation don't match what I get when I tryp
 omp --help



 I get this for options…and all I see is create task, no create credentials

Re: [Openvas-discuss] 7 task in paralell

2014-08-15 Thread Brandon Perry

Yes, I didn't mean it SQLite wasn't supported out of the box, I meant it
would be awesome if it were supported out of the box, with an option to use
pgsql. :)


On Fri, Aug 15, 2014 at 2:17 AM, Jan-Oliver Wagner 
jan-oliver.wag...@greenbone.net wrote:

 On Donnerstag, 14. August 2014, Brandon Perry wrote:
  TBH it would actually be awesome if SQLite were supported out of the box,

 to my understanding it is supported out of the box ... ?


  but you could configure OpenVAS to use PostgreSQL. Would resolve this
  issue, and would allow you to reduce IO during scans on the engine, and
 put
  it on a dedicated database.

 The PostgreSQL backend will be supported from OpenVAS-8 on. Current
 trunk version is not yet fully functional.



 --
 Dr. Jan-Oliver Wagner |  +49-541-335084-0  |  http://www.greenbone.net/
 Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück,
 HR B 202460
 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Openvas metasploit msfconsole

2014-08-23 Thread Brandon Perry

You should open up a bug with this on the metasploit-framework github issue
tracker. You can also cc @brandonprry on it.


On Fri, Aug 22, 2014 at 6:13 AM, Jack Daniels 
jackdaniels7...@googlemail.com wrote:

 Hello all.

 This might be a silly mistake, but I am stuck, please help me out.


 I am using openvas 4.0 in metasploit msf console.

 I am able to perform scan on local lan. I am able to export that scan to
 my local drive.

 But I am unable to import scan report in to console database using 
 *openvas_report_import
 11 5, * the response was like


 msf  openvas_report_import 11 5
 [*] Importing report to database.
 [-] Error while running command openvas_report_import: Could not
 automatically determine file type

 Call stack:
 /usr/share/metasploit-framework/lib/msf/core/db.rb:3178:in
 `import_filetype_detect'
 /usr/share/metasploit-framework/lib/msf/core/db.rb:2953:in `import'
 /usr/share/metasploit-framework/plugins/openvas.rb:527:in
 `cmd_openvas_report_import'
 /usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:427:in
 `run_command'
 /usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:389:in
 `block in run_single'
 /usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:383:in
 `each'
 /usr/share/metasploit-framework/lib/rex/ui/text/dispatcher_shell.rb:383:in
 `run_single'
 /usr/share/metasploit-framework/lib/rex/ui/text/shell.rb:200:in `run'
 /usr/share/metasploit-framework/lib/metasploit/framework/command/console.rb:15:in
 `start'
 /usr/share/metasploit-framework/lib/metasploit/framework/command/base.rb:82:in
 `start'
 /opt/metasploit/apps/pro/msf3/msfconsole:22:in `main'
 msf 


 when I tried to do *openvas_report_import 11 8, * the response was like

 msf 
 msf  openvas_report_import 11 8
 [*] Importing report to database.
 [-] Error while running command openvas_report_import: could not connect
 to server: Connection refused
 Is the server running on host 192.168.56.102 and accepting
  TCP/IP connections on port 5432?


 Call stack:
 /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/postgresql_adapter.rb:1222:in
 `initialize'
 /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/postgresql_adapter.rb:1222:in
 `new'
 /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/postgresql_adapter.rb:1222:in
 `connect'
 /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/postgresql_adapter.rb:324:in
 `initialize'
 /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/postgresql_adapter.rb:28:in
 `new'
 /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/postgresql_adapter.rb:28:in
 `postgresql_connection'
 /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/abstract/connection_pool.rb:315:in
 `new_connection'
 /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/abstract/connection_pool.rb:325:in
 `checkout_new_connection'
 /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/abstract/connection_pool.rb:247:in
 `block (2 levels) in checkout'
 /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/abstract/connection_pool.rb:242:in
 `loop'
 /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/abstract/connection_pool.rb:242:in
 `block in checkout'
 /usr/lib/ruby/1.9.1/monitor.rb:211:in `mon_synchronize'
 /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/abstract/connection_pool.rb:239:in
 `checkout'
 /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/abstract/connection_pool.rb:102:in
 `block in connection'
 /usr/lib/ruby/1.9.1/monitor.rb:211:in `mon_synchronize'
 /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/abstract/connection_pool.rb:101:in
 `connection'
 /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/abstract/connection_pool.rb:410:in
 `retrieve_connection'
 /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/abstract/connection_specification.rb:171:in
 `retrieve_connection'
 /opt/metasploit/apps/pro/vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.17/lib/active_record/connection_adapters/abstract/connection_specification.rb:145:in
 `connection'

Re: [Openvas-discuss] Credentialed Scans - Not Working

2014-09-09 Thread Brandon Perry

Did you install openvas from the Atomic repos? What version of openvas are
you using?

Do credentialed scans for SSH on linux boxen work? Is it just SMB that is
not behaving as you expect?

On Tue, Sep 9, 2014 at 10:13 AM, Turner, Jonas jotur...@hcr-manorcare.com
wrote:

  I have tried it several ways up and down and still am having no luck.  I
 have read other posts about this and I haven’t seen actual results that
 stated the scans work with credentials.  I have three different
 credentials, all have been verified with NeXpose as a test.  I have scanned
 a range three times with all three credentials and all the results are the
 same with the no credentialed scan.  I tried the local admin on the machine
 and two other domain accounts.  I put in COMPANY\USERNAME and then a
 password, and the results are the same.  I installed OpenVAS using “yum
 install openvas” and I saw that wmi is installed, which I assumed would be
 “supported” for the wmi-client portion.  I cannot seem to verify that it is
 though since I am not compiling it and can see the actual results.  Any way
 to verify that it’s working correctly? Could this be the issue?



 *Jonas Turner │ Security Analyst II*

 *Ph: 419.254.4890 419.254.4890│Fax: 419.252.5557 419.252.5557*

 *E-mail:  **jotur...@hcr-manorcare.com jotur...@hcr-manorcare.com*



 CONFIDENTIALITY NOTICE The information contained in this transmission is
 intended only for the person or entity to which it is addressed and may
 contain confidential and/or privileged material. If you are not the
 intended recipient of this information, do not review, retransmit,
 disclose, disseminate, use, or take any action in reliance upon, this
 information. If you received this transmission in error, please contact the
 sender, destroy all printed copies, and delete the material from all
 computers.   

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] arachni, etc.

2014-09-30 Thread Brandon Perry

Not sure about those at all.

On Tue, Sep 30, 2014 at 3:06 PM, Jack Harvey ja...@synnex.com wrote:

  So I just clone the desired config, edit and UN-select both wapiti and
 arachni.  Are there any others?  I ask because previously dirb and nikto
 gave similar “can’t be found, etc.’ messages.

 I believe this is not currently the case with them.



 Jack Harvey  RHCE CISSP

 Synnex Corporation

 864-349-4939



 *From:* Brandon Perry [mailto:bperry.volat...@gmail.com]
 *Sent:* Tuesday, September 30, 2014 3:59 PM
 *To:* Jack Harvey
 *Cc:* Reindl Harald; openvas-discuss@wald.intevation.org

 *Subject:* Re: [Openvas-discuss] arachni, etc.



 Arachni and wapiti I would highly recommend running separately from
 OpenVAS. These tools can be highly customized to be as effective as
 possible for web applications, and any generic check that runs them will
 certainly not be the optimal settings for your web applications.



 In fact, archni just went through a major rewrite, most of the command
 line arguments have been changed. I would not be surprised if the arachni
 check were broken by this latest rewrite.



 These should be separate touch points in your environment scanning and not
 be embedded in a solution like OpenVAS.



 On Tue, Sep 30, 2014 at 2:54 PM, Jack Harvey ja...@synnex.com wrote:

 Thanks!  I'll disable arachni.  What about the wapiti-related messages?

 Jack Harvey  RHCE CISSP
 Synnex Corporation
 864-349-4939

 -Original Message-
 From: Openvas-discuss [mailto:openvas-discuss-boun...@wald.intevation.org]
 On Behalf Of Reindl Harald
 Sent: Tuesday, September 30, 2014 3:45 PM
 To: openvas-discuss@wald.intevation.org
 Subject: Re: [Openvas-discuss] arachni, etc.


 Am 30.09.2014 um 21:39 schrieb Jack Harvey:
  I realize this has been asked...and asked...and...but enquiring minds
 want
  to know...
 
  OpenVAS v7 install via atomic repo  includes in the pre-built scan
  configs components arachni and wapiti (and of course others)
 
  I am getting this when I run a scan using Full and very deep ultimate
 config:
 
  Vulnerability Detection Result:
  arachni report filename is empty. that could mean that wrong version
  of arachni is used or tmp dir is not accessible.
  In short: check installation of arachni and OpenVAS
 
  I found this which was posted 2/22/2013 by Tasos Laskos:
 
  I'm sorry, that OpenVAS plugin was written a long time ago by a
  third-party and has been incompatible with Arachni for a long time.
 
  It's not supported by the Arachni project nor OpenVAS and from what I
  remember it used to parse the text report using regular expressions
  (which is a really unreliable way to extract the necessary information)
 so you're actually better off being unable to use it.
 
  Should I disable the arachni NASL wrapper?

 * openvas should not ship it for years
 * atomic should not add it to deps for years

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss





 --
 http://volatile-minds.blogspot.com -- blog
 http://www.volatileminds.net -- website




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] arachni, etc.

2014-10-01 Thread Brandon Perry

I agree that utilities like dirb and nikto are useful as plugins for
OpenVAS since these are generally applicable to any web server.

Arachni and wapiti require such application specific configurations that I
wouldn't want to give people using OpenVAS the idea that running arachni
through OpenVAS is as good as running it independently. Both are very
powerful (particularly arachni), but I do think they almost serve a
different purpose than OpenVAS in that OpenVAS in my mind is about finding
and remediating known vulnerabilities such as missing patches and a /backup
folder on a web server.

Finding SQL injections and XSS should be in the development lifecycle, not
the patch management and insecure configuration discovery.

Just my 2c.


On Wed, Oct 1, 2014 at 8:51 AM, Geoff Galitz ge...@galitz.org wrote:


 FWIW, openvas as a wrapper around other established tools/projects is half
 the point of openvas (to me anyways).  It would be great if the project
 somehow identifies what needs to be done to get these to work again.
 There's no real reason the appropriate scripts/configs cannot be edited or
 added..  just lack of develpment resources.

 It's not my intention to whine about technical debt and inefficiencies...
 but it's something to consider as the project continues to gain momentum
 and moves forward.

 We've stopped using openvas on some projects as a result of these
 not-really-supported and mostly broken plugins that cause more trouble
 than they're worth.

 -G



  I have (at least) one last question regarding components.  The version of
  nmap which I end up with after the install is 6.47.  It seems I had
  recently encountered something
  Indicating nmap (somewhere around) 5.51 as the preferred version.  Could
  someone please elaborate on the appropriate version of nmap?
  Thanks in advance for your help!
 
  Jack Harvey  RHCE CISSP
  Synnex Corporation
  864-349-4939
 
  -Original Message-
  From: Openvas-discuss [mailto:
 openvas-discuss-boun...@wald.intevation.org]
  On Behalf Of Reindl Harald
  Sent: Tuesday, September 30, 2014 3:45 PM
  To: openvas-discuss@wald.intevation.org
  Subject: Re: [Openvas-discuss] arachni, etc.
 
 
  Am 30.09.2014 um 21:39 schrieb Jack Harvey:
  I realize this has been asked...and asked...and...but enquiring minds
  want
  to know...
 
  OpenVAS v7 install via atomic repo  includes in the pre-built scan
  configs components arachni and wapiti (and of course others)
 
  I am getting this when I run a scan using Full and very deep ultimate
  config:
 
  Vulnerability Detection Result:
  arachni report filename is empty. that could mean that wrong version
  of arachni is used or tmp dir is not accessible.
  In short: check installation of arachni and OpenVAS
 
  I found this which was posted 2/22/2013 by Tasos Laskos:
 
  I'm sorry, that OpenVAS plugin was written a long time ago by a
  third-party and has been incompatible with Arachni for a long time.
 
  It's not supported by the Arachni project nor OpenVAS and from what I
  remember it used to parse the text report using regular expressions
  (which is a really unreliable way to extract the necessary information)
  so you're actually better off being unable to use it.
 
  Should I disable the arachni NASL wrapper?
 
  * openvas should not ship it for years
  * atomic should not add it to deps for years
 
  ___
  Openvas-discuss mailing list
  Openvas-discuss@wald.intevation.org
 
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
 


 --
 Geoff Galitz
 http://www.galitz.org

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] arachni, etc.

2014-10-01 Thread Brandon Perry

I will also admit however that I do not use OpenVAS as a pen-tester, as
others might. My use cases could obviously differ from those of another
OpenVAS user. :)

On Wed, Oct 1, 2014 at 9:52 AM, Brandon Perry bperry.volat...@gmail.com
wrote:

 I agree that utilities like dirb and nikto are useful as plugins for
 OpenVAS since these are generally applicable to any web server.

 Arachni and wapiti require such application specific configurations that I
 wouldn't want to give people using OpenVAS the idea that running arachni
 through OpenVAS is as good as running it independently. Both are very
 powerful (particularly arachni), but I do think they almost serve a
 different purpose than OpenVAS in that OpenVAS in my mind is about finding
 and remediating known vulnerabilities such as missing patches and a /backup
 folder on a web server.

 Finding SQL injections and XSS should be in the development lifecycle, not
 the patch management and insecure configuration discovery.

 Just my 2c.


 On Wed, Oct 1, 2014 at 8:51 AM, Geoff Galitz ge...@galitz.org wrote:


 FWIW, openvas as a wrapper around other established tools/projects is half
 the point of openvas (to me anyways).  It would be great if the project
 somehow identifies what needs to be done to get these to work again.
 There's no real reason the appropriate scripts/configs cannot be edited or
 added..  just lack of develpment resources.

 It's not my intention to whine about technical debt and inefficiencies...
 but it's something to consider as the project continues to gain momentum
 and moves forward.

 We've stopped using openvas on some projects as a result of these
 not-really-supported and mostly broken plugins that cause more trouble
 than they're worth.

 -G



  I have (at least) one last question regarding components.  The version
 of
  nmap which I end up with after the install is 6.47.  It seems I had
  recently encountered something
  Indicating nmap (somewhere around) 5.51 as the preferred version.  Could
  someone please elaborate on the appropriate version of nmap?
  Thanks in advance for your help!
 
  Jack Harvey  RHCE CISSP
  Synnex Corporation
  864-349-4939
 
  -Original Message-
  From: Openvas-discuss [mailto:
 openvas-discuss-boun...@wald.intevation.org]
  On Behalf Of Reindl Harald
  Sent: Tuesday, September 30, 2014 3:45 PM
  To: openvas-discuss@wald.intevation.org
  Subject: Re: [Openvas-discuss] arachni, etc.
 
 
  Am 30.09.2014 um 21:39 schrieb Jack Harvey:
  I realize this has been asked...and asked...and...but enquiring minds
  want
  to know...
 
  OpenVAS v7 install via atomic repo  includes in the pre-built scan
  configs components arachni and wapiti (and of course others)
 
  I am getting this when I run a scan using Full and very deep ultimate
  config:
 
  Vulnerability Detection Result:
  arachni report filename is empty. that could mean that wrong version
  of arachni is used or tmp dir is not accessible.
  In short: check installation of arachni and OpenVAS
 
  I found this which was posted 2/22/2013 by Tasos Laskos:
 
  I'm sorry, that OpenVAS plugin was written a long time ago by a
  third-party and has been incompatible with Arachni for a long time.
 
  It's not supported by the Arachni project nor OpenVAS and from what I
  remember it used to parse the text report using regular expressions
  (which is a really unreliable way to extract the necessary information)
  so you're actually better off being unable to use it.
 
  Should I disable the arachni NASL wrapper?
 
  * openvas should not ship it for years
  * atomic should not add it to deps for years
 
  ___
  Openvas-discuss mailing list
  Openvas-discuss@wald.intevation.org
 
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
 


 --
 Geoff Galitz
 http://www.galitz.org

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




 --
 http://volatile-minds.blogspot.com -- blog
 http://www.volatileminds.net -- website




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] arachni, etc.

2014-10-01 Thread Brandon Perry

If you want to perform possibly destructive web audit scans on production
systems, that is fine.


I think you are taking what I said and making an overly-general statement
about any kind of security scanning.

On Wed, Oct 1, 2014 at 10:21 AM, Reindl Harald h.rei...@thelounge.net
wrote:



 Am 01.10.2014 um 16:52 schrieb Brandon Perry:
  I agree that utilities like dirb and nikto are useful as plugins for
 OpenVAS since these are generally applicable
  to any web server.
 
  Arachni and wapiti require such application specific configurations that
 I wouldn't want to give people using
  OpenVAS the idea that running arachni through OpenVAS is as good as
 running it independently. Both are very
  powerful (particularly arachni), but I do think they almost serve a
 different purpose than OpenVAS in that OpenVAS
  in my mind is about finding and remediating known vulnerabilities such
 as missing patches and a /backup folder on a
  web server.
 
  Finding SQL injections and XSS should be in the development lifecycle,
 not the patch management and insecure
  configuration discovery

 no - finding SQL injections and XSS is *by definition* the purpose of a
 security scan


 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Parsing OpenVAS XML from Dradis

2014-10-06 Thread Brandon Perry

TBH there should be a published XSD of the XML report so that programs can
validate the reports they are getting against them, and so that multiple
versions of the reports can be supported.

On Mon, Oct 6, 2014 at 4:31 AM, Matthew Mundell 
matthew.mund...@greenbone.net wrote:

  I don't think I made my self clear.
 
  We don't have access to the OpenVAS instance, can't run any commands
  against it.
 
  As far as I understand the results XML has nothing to do with the OMP or
  OAP protocols (but I may be wrong here).

 The report is part of the GET_REPORTS command response.  So the results XML
 is part of OMP.  Here are the static OMP docs:

 http://openvas.org/protocol-doc.html

 The way to get the OMP version is with GET_VERSION, like Hani said.

 You could check that the tags like summary are there, and if not, search
 in the description.

 --
 Greenbone Networks GmbH
 Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460
 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVAS OMP CLI Examples :Comprehensive Configuration Guide/Tutorial?

2014-10-13 Thread Brandon Perry

All of the omp protocol documentation lives here;

http://www.openvas.org/protocol-doc.html

On Mon, Oct 13, 2014 at 11:37 AM, Traiano Welcome 
traiano.welc...@alshaya.com wrote:

  Hi



 Is there a through guide or tutorial on how to configure and use OMP via
 the cli ?



 The scattered examples on the net are mostly outdated and incomplete, and
 the documentation on this is pretty thin on actual working examples.



 Thanks in advance!

 Traiano



 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Scanning target behind firewall

2014-10-16 Thread Brandon Perry

Or OpenVPN

On Thu, Oct 16, 2014 at 1:21 PM, Eero Volotinen eero.voloti...@iki.fi
wrote:



 2014-10-16 18:14 GMT+03:00 Nick darknovan...@gmail.com:

 Hello,

 I am a new user of OpenVAS. So far I have successfully used it to do an
 external vulnerability test of my server. However, our firewall blocks many
 of the ports (as it should).


 How about using IPSec ?

 --
 Eero

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVas Disk Requirements

2014-10-28 Thread Brandon Perry

Technically /32 is 'subnet'... How large are your subnets? /16? /22? /24?

On Tue, Oct 28, 2014 at 8:42 AM, Turner, Jonas jotur...@hcr-manorcare.com
wrote:

  I am looking to scan over 650 subnets.  How much disk space do you
 recommend? I am not sure on the data retention at this time, but I would
 assume 30 days at most currently. I was thinking about 250GB would be
 sufficient.  Suggestions?



 *Jonas Turner │ Security Analyst II*

 *Ph: 419.254.4890 419.254.4890│Fax: 419.252.5557 419.252.5557*

 *E-mail:  jotur...@hcr-manorcare.com jotur...@hcr-manorcare.com*



 CONFIDENTIALITY NOTICE The information contained in this transmission is
 intended only for the person or entity to which it is addressed and may
 contain confidential and/or privileged material. If you are not the
 intended recipient of this information, do not review, retransmit,
 disclose, disseminate, use, or take any action in reliance upon, this
 information. If you received this transmission in error, please contact the
 sender, destroy all printed copies, and delete the material from all
 computers.   

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVas Disk Requirements

2014-10-28 Thread Brandon Perry

I think 250gb for 30 days of data retention is just fine. You might use
half of it to be honest.

On Tue, Oct 28, 2014 at 11:38 AM, William Scott Lockwood III 
sc...@guppylog.com wrote:


 On Tue, Oct 28, 2014 at 10:26 AM, Turner, Jonas 
 jotur...@hcr-manorcare.com wrote:

 Correct. My bad. /24. I wanted to break them down as low as I could for
 naming scheme reasons. An easier way would be to do 10.0.0.0/8 but the
 scan would never finish. ;)


 There is a limit to the number of hosts you can have in a single scan as
 well. That greatly exceeds the limit.


 --
 W. Scott Lockwood III




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] nmap custom folder

2014-11-08 Thread Brandon Perry

Just add your custom folder to the beginning of your PATH

On Sat, Nov 8, 2014 at 10:21 AM, paky...@libero.it paky...@libero.it
wrote:

 Hi,
 i have installed openvas and it work properly.
 I want to install nmap on my machine, in this way when i start the scan,
 openvas invoke also nmap.
 I have installed nmap in the default path using ./configure  make  make
 install, and it work fine!

 But now i want install nmap in a my custom folder, so i have installed
 nmap with:
 ./configure --prefix=/my/custom/folder  make   make install

 The problem is that when i start that scan, opens don't invoke nmap
 because it is installed in my custom path :(

 There is an environment variable that i can set??

 Help Me please

 Thank You in advance


 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] web vulnerability detection

2014-11-18 Thread Brandon Perry

What's wrong with the apache license? Arachni is awesome. It is modular,
flexible, and incredibly automatable. You can also perform distributed
scans with specific nodes running specific subsets of tests.

On Tue, Nov 18, 2014 at 8:24 AM, Winfried Neessen nees...@cleverbridge.com
wrote:

 Hi,

 I'm pretty happy with Acunetix: http://www.acunetix.com/


 Winni

 --

 *From: *red0queen red0qu...@red-net.info
 *To: *openvas-discuss openvas-discuss@wald.intevation.org
 *Sent: *Tuesday, November 18, 2014 2:05:33 PM
 *Subject: *[Openvas-discuss] web vulnerability detection

 Dear openvas comunity,

 I search a tool to scan vulnerability on web applications. My first try
 was arachni, but I'm not ok with the licence. I've see wapiti, nikto and
 w3af, if anyone had some advice on this tools ?

 I've also see it's possible to use the database of this tools with
 openvas, what is the way ?

 Thanks
 --
 *Red0queen*
 --
 *MÃ¨l* : red0queen(at)red-net(dot)info red0qu...@red-net.info
 *GPG Id* : B75F141B
 www.red-net.info

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss


 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] RSYNC Alternative for scapdata-sync

2015-02-19 Thread Brandon Perry

You could set up a local rsync server and mirror the scap data internally,
updating the SCAP mirror over HTTP.

On Thu, Feb 19, 2015 at 9:10 AM, Alter Ego alterego...@gmail.com wrote:

 I am wondering if there is any option or solution to being able to do a
 SYNC of scapdata without the use of RSYNC. I have requested of our network
 team and CISO for unblocking of the RSYNC port 873 through our firewall,
 even if for my OpenVAS system only and the answer has been NO.
 I thought about setting up an external machine to tunnel through in order
 to retrieve the RSYNC from by sending it to my port 80 or 443 and was
 quickly advised that doing so is a violation of our Network Policy
 purposeful workaround of established security procedures.
 I have viewed the script for the Scapdata sync and it seems that there may
 have been an option for utilization of WGET and/or CURL at one point,
 bu the line is now commented with  [w] Download of SCAP data via HTTP is
 currently not supported!.

 Is there no other way to update scapdata outside of RSYNC and if so, may
 I inquire as to why no other option has been or is considered viable?

 Many thanks,

 alterego...@gmail.com

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] RSYNC Alternative for scapdata-sync

2015-02-19 Thread Brandon Perry

While slightly off topic, it may not be his need in and of itself that is
increasing risk.

The problem could very well be, if you open this thing for this user, while
legitimate, now you have other users saying Well you opened this up for
him! Why not open this up for me?. It is easier for the security team to
simply deny anything that doesn't adhere to a given policy. Not saying that
is the correct way to manage security risk, but it is certainly the easiest.

On Thu, Feb 19, 2015 at 12:33 PM, Kevin ktne...@astroturfgarden.com wrote:

 Is there not a specific destination server for the rsync services? What is
 the stated risk of opening rsync to a specific, known destination? How is
 this risk lessened by using http?

 Seems like a knee-jerk security reaction, where that team doesn't
 understand how to do risk assessments.

 /end soapbox

 K
 --
 From: Alter Ego alterego...@gmail.com
 Sent: ‎2/‎19/‎2015 7:11 AM
 To: openvas-discuss@wald.intevation.org
 Subject: [Openvas-discuss] RSYNC Alternative for scapdata-sync

 I am wondering if there is any option or solution to being able to do a
 SYNC of scapdata without the use of RSYNC. I have requested of our network
 team and CISO for unblocking of the RSYNC port 873 through our firewall,
 even if for my OpenVAS system only and the answer has been NO.
 I thought about setting up an external machine to tunnel through in order
 to retrieve the RSYNC from by sending it to my port 80 or 443 and was
 quickly advised that doing so is a violation of our Network Policy
 purposeful workaround of established security procedures.
 I have viewed the script for the Scapdata sync and it seems that there may
 have been an option for utilization of WGET and/or CURL at one point,
 bu the line is now commented with  [w] Download of SCAP data via HTTP is
 currently not supported!.

 Is there no other way to update scapdata outside of RSYNC and if so, may
 I inquire as to why no other option has been or is considered viable?

 Many thanks,

 alterego...@gmail.com

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Handling CentOS False Positives

2015-02-05 Thread Brandon Perry

Are these authenticated or unauthenticated scans?

On Thu, Feb 5, 2015 at 12:22 PM, Kevin T. Neely ktne...@astroturfgarden.com
 wrote:

 Michael,

 Pretty much any check that uses presented banner information on RedHat or
 CentOS will trigger this.  The one I was specifically looking at yesterday
 is  PHP version 5.3 5.3.6 (OID: 1.3.6.1.4.1.25623.1.0.110013) which lists
 a large number of CVEs from 2011, but we have applied the latest 5.3.3 on
 CentOS 5.11, which has those fixes backported.

 Another repeat offender is the OpenSSH installed on the remote host is
 older than 5.7 check.  While it is true that CentOS presents a version
 older than 5.7, the vulnerabilities listed in the OpenVAS check are no
 longer present because the security fixes have been backported.  Sorry, I
 don't have the OID handy for that one.

 thank you!
 K



 On Thu, Feb 5, 2015 at 2:01 AM, Michael Meyer michael.me...@greenbone.net
  wrote:

 *** Kevin T. Neely wrote:

  As a result, I am running into an increasing number of false positives
 when
  scanning CentOS systems

 What kind of false positives? Please give some examples...

 Micha

 --
 Michael Meyer  OpenPGP Key: 0xAF069E9152A6EFA6
 http://www.greenbone.net/
 Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
 Osnabrück, HR B 202460
 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss



 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Handling CentOS False Positives

2015-02-05 Thread Brandon Perry

Are these false positives still present when performing authenticated
scans? Or are you unable to do authenticated patch scans for
technical/political reasons?

On Thu, Feb 5, 2015 at 12:26 PM, Kevin T. Neely ktne...@astroturfgarden.com
 wrote:

 These are unauthenticated scans.

 On Thu, Feb 5, 2015 at 10:24 AM, Brandon Perry bperry.volat...@gmail.com
 wrote:

 Are these authenticated or unauthenticated scans?

 On Thu, Feb 5, 2015 at 12:22 PM, Kevin T. Neely 
 ktne...@astroturfgarden.com wrote:

 Michael,

 Pretty much any check that uses presented banner information on RedHat
 or CentOS will trigger this.  The one I was specifically looking at
 yesterday is  PHP version 5.3 5.3.6 (OID: 1.3.6.1.4.1.25623.1.0.110013)
 which lists a large number of CVEs from 2011, but we have applied the
 latest 5.3.3 on CentOS 5.11, which has those fixes backported.

 Another repeat offender is the OpenSSH installed on the remote host is
 older than 5.7 check.  While it is true that CentOS presents a version
 older than 5.7, the vulnerabilities listed in the OpenVAS check are no
 longer present because the security fixes have been backported.  Sorry, I
 don't have the OID handy for that one.

 thank you!
 K



 On Thu, Feb 5, 2015 at 2:01 AM, Michael Meyer 
 michael.me...@greenbone.net wrote:

 *** Kevin T. Neely wrote:

  As a result, I am running into an increasing number of false
 positives when
  scanning CentOS systems

 What kind of false positives? Please give some examples...

 Micha

 --
 Michael Meyer  OpenPGP Key: 0xAF069E9152A6EFA6
 http://www.greenbone.net/
 Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
 Osnabrück, HR B 202460
 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org

 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss



 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org

 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




 --
 http://volatile-minds.blogspot.com -- blog
 http://www.volatileminds.net -- website





-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] W3af with OpenVAS 8 beta version

2015-01-05 Thread Brandon Perry

Ah, my mistake. Will need to play with this, didn't realize there were new 
mechanisms for this.

Sent from a phone

 On Jan 5, 2015, at 09:49, Michael Meyer michael.me...@greenbone.net wrote:
 
 *** Brandon Perry wrote:
 
 Really shouldn't be doing w3af/arachni/etc scans through OpenVAS to begin
 with. The NASL isn't up to date to the current w3af releases anyway and
 will not work properly.
 
 It's not about w3af through NASL, it's a new concept.
 
 https://svn.wald.intevation.org/svn/openvas/trunk/ospd/
 
 Micha
 
 -- 
 Michael Meyer  OpenPGP Key: 0xAF069E9152A6EFA6 
 http://www.greenbone.net/
 Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
 Osnabrück, HR B 202460
 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVAS NVT feed syncing, but new plugins not loading

2015-03-20 Thread Brandon Perry

Have you rebuilt and restarted openvas manager?

On Fri, Mar 20, 2015 at 5:29 PM, Russell Jones russell-l...@jonesmail.me
wrote:

 Hi all,

 I was checking to see if OpenVAS had a FREAK test yet and I see that it
 does (http://plugins.openvas.org/nasl.php?oid=805142). When I check my
 NVT feed I see that the plugin has been downloaded and apparently has been
 loaded enough that it is in the cache:

 [root@scanner 2015]# locate freak_attack
 /var/cache/openvas/2015/gb_openssl_export_rsa_freak_attack.nasl.nvti
 /var/lib/openvas/plugins/2015/gb_openssl_export_rsa_freak_attack.nasl
 /var/lib/openvas/plugins/2015/gb_openssl_export_rsa_freak_attack.nasl.asc


 However if in GSAD I go to SecInfo Management  NVTs and search for FREAK,
 this plugin does not show in the list.

 How do I troubleshoot why this plugin isn't loading? I have done a manual
 nvt-sync, as well as restarted all of the processes.

 Thanks!
 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] installing openvas 8 from source on CentOS 7

2015-04-27 Thread Brandon Perry

Within the error message printed is:

 ERROR: No users found. You need to create at least one user to log in.
It is recommended to have at least one user with role Admin.
FIX: create a user by running 'openvasmd --create-user=name
--role=Admin  openvasmd --user=name --new-password=password'

Did you run the create user command in the FIX line and rerun the check
script?

On Mon, Apr 27, 2015 at 1:43 PM, Deepak Jha dee...@eventtracker.com wrote:

  Hi,


  I have copied tasks.db from openvas-6 to openvas-8 system under mgr
 folder.And also copied users folder from openvas6 to openvas 8 system under
 openvas folder.


  I tried running openvasmd --migrate but it completes in seconds.

 running openvas --migrate -v gives below message.


  md   main:  DEBUG:2623:2015-04-27 06h37.43 EDT:sql: ATTACH DATABASE
 '/usr/local/var/lib/openvas/scap-data/scap.db' AS scap;
 md   main:  DEBUG:2623:2015-04-27 06h37.43 EDT:sql: ATTACH DATABASE
 '/usr/local/var/lib/openvas/cert-data/cert.db' AS cert;
 md   main:  DEBUG:2623:2015-04-27 06h37.43 EDT:sql: SELECT count (*)
 FROM main.sqlite_master WHERE type = 'table' AND name = 'meta';
 md   main:  DEBUG:2623:2015-04-27 06h37.43 EDT:sql_x end
 md   main:  DEBUG:2623:2015-04-27 06h37.43 EDT:sql: SELECT value FROM
 main.meta WHERE name = 'database_version' LIMIT 1;
 md   main:  DEBUG:2623:2015-04-27 06h37.43 EDT:sql_x end


  running ./openvas-check-setup shows below message.


  Step 1: Checking OpenVAS Scanner ...
 OK: OpenVAS Scanner is present in version 5.0.1.
 OK: OpenVAS Scanner CA Certificate is present as
 /usr/local/var/lib/openvas/CA/cacert.pem.
 OK: NVT collection in /usr/local/var/lib/openvas/plugins contains
 38674 NVTs.
 WARNING: Signature checking of NVTs is not enabled in OpenVAS
 Scanner.
 SUGGEST: Enable signature checking (see
 http://www.openvas.org/trusted-nvts.html).
 OK: The NVT cache in /usr/local/var/cache/openvas contains 38674
 files for 38674 NVTs.
 OK: redis-server is present in version v=2.8.19.
 OK: scanner (kb_location setting) is configured properly using the
 redis-server socket: /tmp/redis.sock
 OK: redis-server is running and listening on socket:
 /tmp/redis.sock.
 OK: redis-server configuration is OK and redis-server is running.
 Step 2: Checking OpenVAS Manager ...
 OK: OpenVAS Manager is present in version 6.0.1.
 OK: OpenVAS Manager client certificate is present as
 /usr/local/var/lib/openvas/CA/clientcert.pem.
 OK: OpenVAS Manager database found in
 /usr/local/var/lib/openvas/mgr/tasks.db.
 OK: Access rights for the OpenVAS Manager database are correct.
 ERROR: No users found. You need to create at least one user to log
 in.
 It is recommended to have at least one user with role Admin.
 FIX: create a user by running 'openvasmd --create-user=name
 --role=Admin  openvasmd --user=name --new-password=password'

  ERROR: Your OpenVAS-8 installation is not yet complete!


  Please let me know am i missing some steps.

 can you please let me know after copying users directory and Tasks.db from
 openvas-6 to openvas-8 what all steps i have to follow?


  Regards,
 Deepak jha


 -


  On Samstag, 25. April 2015, Deepak Jha wrote:
  I have installed openvas 8 from source on centOS8.I am already using
 openvas 6 .
  I want to migrate all configuration from openvas6 to openvas 8.
  I copied Tasks.db from openvas6 and replaced it on openvas 8 and trying
 to run openvasmd -migrate it is not working also when I run
 openvas-check-setup  I get below error.
  ERROR: No users found. You need to create at least one user to log in.
  It is recommended to have at least one user with role Admin.
 
  Please let me know how I can migrate openvas 6 database to openvas8

 what you actually did was not just migrate. You transferred the entire
 setup
 to another location/system. Seems like you did not copy over the users
 directory
 which is used by the migration routine to more the users into the database
 where they are managed since OpenVAS-7.

 So, copy the users dir and copy again the tasks.db and retry the migration.

  --
 *From:* Deepak Jha
 *Sent:* Saturday, April 25, 2015 12:17 PM
 *To:* Eero Volotinen
 *Cc:* openvas-discuss@wald.intevation.org
 *Subject:* RE: [Openvas-discuss] installing openvas 8 from source on
 CentOS 7


 Hi,



 I have installed openvas 8 from source on centOS8.I am already using
 openvas 6 .

 I want to migrate all configuration from openvas6 to openvas 8.

 I copied Tasks.db from openvas6 and replaced it on openvas 8 and trying to
 run openvasmd –migrate it is not working also when I run
 openvas-check-setup  I get below error.

 ERROR: No users found. You need to create at least

Re: [Openvas-discuss] Install from Binary Packages on CentOS

2015-05-11 Thread Brandon Perry

That should be OpenVAS 8. Glad to see this thread, have been having the
same issue. We may want to add these details to the openvas install binary
packages page. EPEL7 isn't there by default.

On Mon, May 11, 2015 at 7:56 AM, Brian Chabot bcha...@millennialmedia.com
wrote:

 Yup.  I got it working in CentOS7 with epel 7.

 Does anyone know if/when RPMs for OpenVAS 8 will be available?

 On Mon, May 11, 2015 at 10:54 AM, Eero Volotinen
 eero.t.voloti...@gmail.com wrote:
  well, you need to use epel 7, not epel 5 (el5) packages
 
  eero
 
  Sent from my iPad
 
  On 11 May 2015, at 16:18, Brian Chabot bcha...@millennialmedia.com
 wrote:
 
  Thanks!  That cleared up a lot of issues but not all.
 
  Whoever maintains the OpenVAS documentation may like to add installing
  the EPEL repo to the binary installation instructions.
 
  I still see:
 
  Error: Package: python-httplib2-0.7.7-1.el5.noarch (epel)
Requires: python(abi) = 2.4
Installed: python-2.6.6-52.el6.x86_64
  (@anaconda-CentOS-201410241409.x86_64/6.6)
python(abi) = 2.6
Available: python26-2.6.8-2.el5.x86_64 (epel)
python(abi) = 2.6
 
 
 
 
  On Mon, May 11, 2015 at 2:15 AM, Eero Volotinen eero.voloti...@iki.fi
 wrote:
  Well, looks like you need to install epel 7 rpm repository to your
 machine,
  before installing packages.
 
  --
  Eero
 
  2015-05-08 18:48 GMT+03:00 Brian Chabot bcha...@millennialmedia.com:
 
  Hello,
 
  I inherited a set of OpenVAS installations and am in the process of
  setting up a process to install and maintain OpenVAS on new systems.
  I am currently testing the concept on virtual machines, but will be
  performing the final roll-out on some much beefier physical boxes.
 
  I have tried following the instructions on the OpenVAS web site using
  CentOS 6 and 7.  I have tried skipping the initial update. So fat, all
  variations have failed.
 
  Here is the summary of what I've done (verbose log attached.)
  Install CentOS6, minimal from ISO, all defaults.
  Enable eth0.
  ssh to the VM. (Verbose log attached begins here.)
  Install wget.
 
  Follow instructions at:
 http://www.openvas.org/install-packages-v7.html
 
  # wget -q -O - http://www.atomicorp.com/installers/atomic |sh
  (no problem)
  # yum upgrade
  (no problem)
  # yum install openvas
  (many dependency errors ending with:)
  Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
Requires: libroken.so.18()(64bit)
  Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
Requires: libasn1.so.8(HEIMDAL_ASN1_1.0)(64bit)
  Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
Requires: libgssapi.so.3()(64bit)
  Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
Requires: libgssapi.so.3(HEIMDAL_GSS_2.0)(64bit)
  Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
Requires: libhdb.so.9()(64bit)
  Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
Requires: libheimntlm.so.0()(64bit)
  Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
Requires: libhdb.so.9(HEIMDAL_HDB_1.0)(64bit)
  Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
Requires: libroken.so.18(HEIMDAL_ROKEN_1.0)(64bit)
  Error: Package: openvas-libraries-7.0.9-18.el6.art.x86_64 (atomic)
Requires: libwmiclient.so.1()(64bit)
Available: wmi-1.3.14-3.el6.art.x86_64 (atomic)
libwmiclient.so.1()(64bit)
Available: wmi-1.3.14-4.el6.art.x86_64 (atomic)
libwmiclient.so.1()(64bit)
  Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
Requires: libkrb5.so.26(HEIMDAL_KRB5_2.0)(64bit)
  Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
Requires: libhx509.so.5()(64bit)
  Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
Requires: libwind.so.0()(64bit)
  Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
Requires: libasn1.so.8()(64bit)
  Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
Requires: libhcrypto.so.4()(64bit)
  Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
Requires: libkrb5.so.26()(64bit)
  You could try using --skip-broken to work around the problem
  You could try running: rpm -Va --nofiles --nodigest
  #
 
  Similar errors using CentOS 7 and without the preliminary yum
 upgrade
 
  In the interest of version maintenance, I'd like to stick with RPMs.
 
  Is there a known *working* procedure I should be following?
 
  Any word yet on RPMs for OpenVAS-8?
 
  Thanks for whatever help you might be able to provide.
 
  Brian
 
  --
  __
 
  Brian Chabot | Infrastructure Systems Administrator
 
  millennial media
 
  Mobile:  +1 603.728.1469
  Email: bcha...@millennialmedia.com
  Web: www.millennialmedia.com

Re: [Openvas-discuss] Broken WMI dep for OpenVAS from Atomic repo?

2015-05-05 Thread Brandon Perry

Sure, I just wanted to see if anyone else was having an issue with WMI
before debugging too deeply.

Error: Package: openvas-1.0-14.el7.art.noarch (atomic)
   Requires: wmi
   Available: wmi-1.3.14-4.el7.art.x86_64 (atomic)
   wmi = 1.3.14-4.el7.art
Error: Package: openvas-libraries-7.0.9-18.el7.art.x86_64 (atomic)
   Requires: libwmiclient.so.1()(64bit)
   Available: wmi-1.3.14-4.el7.art.x86_64 (atomic)
   libwmiclient.so.1()(64bit)
Error: Package: openvas-libraries-7.0.9-18.el7.art.x86_64 (atomic)
   Requires: wmi
   Available: wmi-1.3.14-4.el7.art.x86_64 (atomic)
   wmi = 1.3.14-4.el7.art
 You could try using --skip-broken to work around the problem
 You could try running: rpm -Va --nofiles --nodigest


On Tue, May 5, 2015 at 11:26 AM, Eero Volotinen eero.voloti...@iki.fi
wrote:

 How about pasting error messages to mailinglist? Crystalball is broken..
 5.5.2015 7.24 ip. Brandon Perry bperry.volat...@gmail.com kirjoitti:

 Hey guys,

 Attempting to do a fresh install of some openvas servers last night, I am
 getting a broken dep on wmi from the atomic repos. Anyone else seeing an
 issue or would it just be me? Have freshened up my repo defs and caches.

 Thanks!

 --
 http://volatile-minds.blogspot.com -- blog
 http://www.volatileminds.net -- website

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Broken WMI dep for OpenVAS from Atomic repo?

2015-05-05 Thread Brandon Perry

Hey guys,

Attempting to do a fresh install of some openvas servers last night, I am
getting a broken dep on wmi from the atomic repos. Anyone else seeing an
issue or would it just be me? Have freshened up my repo defs and caches.

Thanks!

-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Broken WMI dep for OpenVAS from Atomic repo?

2015-05-05 Thread Brandon Perry

Thanks, just joined, will wait to see if there was a bad push or something.

On Tue, May 5, 2015 at 12:18 PM, Michael Meyer michael.me...@greenbone.net
wrote:

 *** Brandon Perry wrote:

  Attempting to do a fresh install of some openvas servers last night, I am
  getting a broken dep on wmi from the atomic repos.

 If you have this kind of trouble with OpenVAS from atomic repo, an easy way
 to get help is to just ask Scott (atomicturtle) on the OpenVAS IRC channel.
 (http://openvas.org/online-chat.html).

 Micha

 --
 Michael Meyer  OpenPGP Key: 0xAF069E9152A6EFA6
 http://www.greenbone.net/
 Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
 Osnabrück, HR B 202460
 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Broken WMI dep for OpenVAS from Atomic repo?

2015-05-10 Thread Brandon Perry

I mentioned in IRC that I was having issues, confirmed that the packages had 
broken with OpenVAS 8 (wmi is no longer a dep, it is openvas-smb).

However, now, the openvas-smb package seems to have broken dependencies. 
Posting this simply for visibility.


 On May 5, 2015, at 12:18 PM, Michael Meyer michael.me...@greenbone.net 
 wrote:
 
 *** Brandon Perry wrote:
 
 Attempting to do a fresh install of some openvas servers last night, I am
 getting a broken dep on wmi from the atomic repos.
 
 If you have this kind of trouble with OpenVAS from atomic repo, an easy way
 to get help is to just ask Scott (atomicturtle) on the OpenVAS IRC channel.
 (http://openvas.org/online-chat.html).
 
 Micha
 
 --
 Michael Meyer  OpenPGP Key: 0xAF069E9152A6EFA6
 http://www.greenbone.net/
 Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
 Osnabrück, HR B 202460
 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss



signature.asc
Description: Message signed with OpenPGP using GPGMail
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Install from Binary Packages on CentOS

2015-05-12 Thread Brandon Perry

Why should he do that? That seems a bit overkill?

On Tue, May 12, 2015 at 2:02 AM, Eero Volotinen eero.voloti...@iki.fi
wrote:

 you should also disable selinux permanently

 --
 Eero

 2015-05-11 23:13 GMT+03:00 Brian Chabot bcha...@millennialmedia.com:

 Correction:
 # systemctl status firewalld

 should be:
 # systemctl stop firewalld
 # systemctl disable firewalld

 On Mon, May 11, 2015 at 4:02 PM, Brian Chabot
 bcha...@millennialmedia.com wrote:
  So I got it installed... Here's what I have:
 
  Install CentOS7 Minimum.  Connect to network/internet.
 
  # yum install wget
  # rpm -Uvh
 http://download.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm
  # wget -q -O - http://www.atomicorp.com/installers/atomic |sh
  # yum upgrade -y
  # yum install openvas -y
  # openvas-setup
  # systemctl status firewalld
 
  Note that the first 2 commands are required and are NOT in the
  documentation and the last one could be substituted with opening port
  9392.
 
  I'll have other, more technical questions later... Thank you all for
  the help so far.
 
  Brian
 
 
  On Mon, May 11, 2015 at 11:00 AM, Brandon Perry
  bperry.volat...@gmail.com wrote:
  That should be OpenVAS 8. Glad to see this thread, have been having
 the same
  issue. We may want to add these details to the openvas install binary
  packages page. EPEL7 isn't there by default.
 
  On Mon, May 11, 2015 at 7:56 AM, Brian Chabot 
 bcha...@millennialmedia.com
  wrote:
 
  Yup.  I got it working in CentOS7 with epel 7.
 
  Does anyone know if/when RPMs for OpenVAS 8 will be available?
 
  On Mon, May 11, 2015 at 10:54 AM, Eero Volotinen
  eero.t.voloti...@gmail.com wrote:
   well, you need to use epel 7, not epel 5 (el5) packages
  
   eero
  
   Sent from my iPad
  
   On 11 May 2015, at 16:18, Brian Chabot 
 bcha...@millennialmedia.com
   wrote:
  
   Thanks!  That cleared up a lot of issues but not all.
  
   Whoever maintains the OpenVAS documentation may like to add
 installing
   the EPEL repo to the binary installation instructions.
  
   I still see:
  
   Error: Package: python-httplib2-0.7.7-1.el5.noarch (epel)
 Requires: python(abi) = 2.4
 Installed: python-2.6.6-52.el6.x86_64
   (@anaconda-CentOS-201410241409.x86_64/6.6)
 python(abi) = 2.6
 Available: python26-2.6.8-2.el5.x86_64 (epel)
 python(abi) = 2.6
  
  
  
  
   On Mon, May 11, 2015 at 2:15 AM, Eero Volotinen
   eero.voloti...@iki.fi wrote:
   Well, looks like you need to install epel 7 rpm repository to your
   machine,
   before installing packages.
  
   --
   Eero
  
   2015-05-08 18:48 GMT+03:00 Brian Chabot 
 bcha...@millennialmedia.com:
  
   Hello,
  
   I inherited a set of OpenVAS installations and am in the process
 of
   setting up a process to install and maintain OpenVAS on new
 systems.
   I am currently testing the concept on virtual machines, but will
 be
   performing the final roll-out on some much beefier physical
 boxes.
  
   I have tried following the instructions on the OpenVAS web site
 using
   CentOS 6 and 7.  I have tried skipping the initial update. So
 fat,
   all
   variations have failed.
  
   Here is the summary of what I've done (verbose log attached.)
   Install CentOS6, minimal from ISO, all defaults.
   Enable eth0.
   ssh to the VM. (Verbose log attached begins here.)
   Install wget.
  
   Follow instructions at:
   http://www.openvas.org/install-packages-v7.html
  
   # wget -q -O - http://www.atomicorp.com/installers/atomic |sh
   (no problem)
   # yum upgrade
   (no problem)
   # yum install openvas
   (many dependency errors ending with:)
   Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
 Requires: libroken.so.18()(64bit)
   Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
 Requires: libasn1.so.8(HEIMDAL_ASN1_1.0)(64bit)
   Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
 Requires: libgssapi.so.3()(64bit)
   Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
 Requires: libgssapi.so.3(HEIMDAL_GSS_2.0)(64bit)
   Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
 Requires: libhdb.so.9()(64bit)
   Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
 Requires: libheimntlm.so.0()(64bit)
   Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
 Requires: libhdb.so.9(HEIMDAL_HDB_1.0)(64bit)
   Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64 (atomic)
 Requires: libroken.so.18(HEIMDAL_ROKEN_1.0)(64bit)
   Error: Package: openvas-libraries-7.0.9-18.el6.art.x86_64
 (atomic)
 Requires: libwmiclient.so.1()(64bit)
 Available: wmi-1.3.14-3.el6.art.x86_64 (atomic)
 libwmiclient.so.1()(64bit)
 Available: wmi-1.3.14-4.el6.art.x86_64 (atomic)
 libwmiclient.so.1()(64bit)
   Error: Package: openvas-smb-1.0.1-0.2.el6.art.x86_64

Re: [Openvas-discuss] Install from Binary Packages on CentOS

2015-05-12 Thread Brandon Perry

Right, but *why*? I never disable SELinux and have never had an issue.

Also, disabling it completely is likely not correct. If there is a specific
process that SELinux doesn't play nice with, you can lower SELinux
restrictiveness on a per-process level.

What process in OpenVAS does SELinux supposedly not play well with and what
are the side-effects/symptoms?

On Tue, May 12, 2015 at 8:07 AM, Reindl Harald h.rei...@thelounge.net
wrote:


 Am 12.05.2015 um 15:05 schrieb Brandon Perry:

 Why should he do that? That seems a bit overkill?


 because OpenVAS should *always* run on a dedicated host / VM and deisable
 SELinux was mentioned a magnitude of times by the OpenVAS developers on
 that list?

  On Tue, May 12, 2015 at 2:02 AM, Eero Volotinen eero.voloti...@iki.fi
 mailto:eero.voloti...@iki.fi wrote:

 you should also disable selinux permanently



 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Install from Binary Packages on CentOS

2015-05-12 Thread Brandon Perry

On Tue, May 12, 2015 at 8:24 AM, Eero Volotinen eero.voloti...@iki.fi
wrote:

 OpenVAS will not work with selinux correctly.


I want to know what this means. I have run hundreds of OpenVAS instances,
never disabled SELinux, and never had any issues.

I get that we think it won't work correctly, but what in OpenVAS does not
function as intended when SELinux is enabled?

I hate telling people to just disable SELinux because one process doesn't
behave as expected. I compare it to telling people to disable their
firewall because one program can't access the internet.

If a process in OpenVAS does not behave correctly, there are simple
configuration changes you can make to let SELinux be more permissive on a
per-process basis to resolve the issue.



 You need to correctly configure redis as documented .

 --
 Eero

 2015-05-12 16:20 GMT+03:00 Brian Chabot bcha...@millennialmedia.com:

 I'm not sold on the need to disable SELinux here, but that may help.

 At this point, I have the installation of OpenVAS up and running, but
 when I ran my first scan, it completed with the following error:
 WARNING: Cannot connect to KB at '/tmp/redis.sock': Connection refused'

 So off to install redis.  Did the yum install, systemctl enable,
 systemctl start, and even restarted and re-ran openvas-setup.

 systemctl status redis shows it is running.

 The error persists in new scans.

 Any ideas here?

 --
 __

 Brian Chabot | Infrastructure Systems Administrator

 millennial media

 Mobile:  +1 603.728.1469
 Email: bcha...@millennialmedia.com
 Web: www.millennialmedia.com
 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss



 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Delete Reports

2015-04-14 Thread Brandon Perry

You could easily modify that script to delete them:

http://www.openvas.org/omp-5-0.html#command_delete_report

On Tue, Apr 14, 2015 at 12:45 PM, Turner,Jonas jotur...@hcr-manorcare.com
wrote:

  Does anyone have a script that can delete all the reports that were
 generated by scans?



 Eero was SO kind to provide me a script to download the reports, but it
 would be nice to have a script that now deletes the reports.



 Thanks!



 *Jonas Turner │ Security Analyst II*

 *Ph: 419.254.4890 419.254.4890│Fax: 419.252.5557 419.252.5557*

 *E-mail:  jotur...@hcr-manorcare.com jotur...@hcr-manorcare.com*



 CONFIDENTIALITY NOTICE The information contained in this transmission is
 intended only for the person or entity to which it is addressed and may
 contain confidential and/or privileged material. If you are not the
 intended recipient of this information, do not review, retransmit,
 disclose, disseminate, use, or take any action in reliance upon, this
 information. If you received this transmission in error, please contact the
 sender, destroy all printed copies, and delete the material from all
 computers.   

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVAS 8 virtual appliance

2015-06-23 Thread Brandon Perry

I checked on this, cookie are enable in my web browser and the time is
correctly synced on the virtual appliance. Still get the Cookie bad or
missing. Please try again. error. Authing with the manager over OMP still
works though.

On Mon, Jun 22, 2015 at 8:15 AM, Brandon Perry bperry.volat...@gmail.com
wrote:

 Cookies are definitely enabled on the client (web browser) and time is
 correct on the client, not sure about the time on the OpenVAS VM. I can
 check this later today.

 On Mon, Jun 22, 2015 at 2:17 AM, Michael Meyer 
 michael.me...@greenbone.net wrote:

 *** Brandon Perry wrote:

  The error on screen after trying to auth via GSA is Cookie missing
  or bad. Please login again.

 Time is in sync on VM and Client?

 Micha

 --
 Michael Meyer  OpenPGP Key: 0xAF069E9152A6EFA6
 http://www.greenbone.net/
 Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
 Osnabrück, HR B 202460
 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




 --
 http://volatile-minds.blogspot.com -- blog
 http://www.volatileminds.net -- website




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] OpenVAS 8 virtual appliance

2015-06-21 Thread Brandon Perry

Hello,

I am unable to login with admin/admin into GSA, but over OMP I am able to auth 
as admin. Am just playing around with the virtual appliance, so not a big deal.

The error on screen after trying to auth via GSA is Cookie missing or bad. 
Please login again.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVAS 8 virtual appliance

2015-06-22 Thread Brandon Perry

Cookies are definitely enabled on the client (web browser) and time is
correct on the client, not sure about the time on the OpenVAS VM. I can
check this later today.

On Mon, Jun 22, 2015 at 2:17 AM, Michael Meyer michael.me...@greenbone.net
wrote:

 *** Brandon Perry wrote:

  The error on screen after trying to auth via GSA is Cookie missing
  or bad. Please login again.

 Time is in sync on VM and Client?

 Micha

 --
 Michael Meyer  OpenPGP Key: 0xAF069E9152A6EFA6
 http://www.greenbone.net/
 Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
 Osnabrück, HR B 202460
 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Syn cert data without using rsync?

2015-05-29 Thread Brandon Perry

You could create an internal mirror and rsync internally, create the mirror
with HTTP or whatnot.

On Fri, May 29, 2015 at 10:43 AM, Emily Crowe emilyvcr...@gmail.com wrote:

 Hi all,

 I'm trying to set up OpenVAS, but I keep getting stuck when openvas-setup
 attempts to rsync.

 The default method for rsync is rsh. My company has strict rules against
 tools like telnet and remote shell built into the firewall.

 Thankfully, the NVT and SCAP data feeds have wget and curL as alternative
 options to rsync. Cert data, however, does not.

 I can't use rsync to rsh into feed.openvas.org, and, in the absence of
 necessary credentials, I can't use rsync to ssh into feed.openvas.org
 either.

 It seems our use of OpenVAS hinges on this problem.

 Can OpenVAS please provide alternatives to rsync rsh for syncing cert
 data? If not, please give a rationale.

 Thanks,
 Emily Crowe
 P.S. I'm not sure if this is the correct listserv for this topic.
 Apologies if it's not.

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] local account used for scans

2015-07-01 Thread Brandon Perry

I actually don't recommend running scans as root if you can get away with
it. I use local accounts, can you SSH into the machine yourself? What
happens when you run rpm -qa/dpkg -l if you can SSH into the box?

On Wed, Jul 1, 2015 at 9:02 AM, Brian Thompson bthomp...@wyetechllc.com
wrote:

  Question about account permissions


 I'd like to use a local account for my scans instead of my personal LDAP
 entry but I can't seem to get the scans to work when I do.  If I use my
 personal credentials (in LDAP with Public/Private key authentication) a
 scan results in about 200 detections.  If I do the same scan but use a
 local account (useradd --create-home --uid=432 --gid=432 --groups=root
 openvas) I get only 50 detections.  I've confirmed the user/pass I provided
 for the credential is correct (I was able to ssh to localhost
 openvas@localhost and log in as openvas).  So I'm thinking something
 else is missing?  As you can see, I've created the account as a member of
 root's group.


 Are there other groups it needs?


 Is it not seeing the user because it's not in LDAP?  I'd rather not put
 the account in LDAP, is there a way to get OpenVAS to recognize a local
 account?


 Brian

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] local account used for scans

2015-07-01 Thread Brandon Perry

Ah, I misread your original post. Not sure then. :/

On Wed, Jul 1, 2015 at 9:15 AM, Brian Thompson bthomp...@wyetechllc.com
wrote:

  I'm not running the scans as root, I created a user (openvas) that is a
 member of root's group.


 ssh openvas @ localhost

 banner...

 openvas @ localhost's password: password entered

 [openvas @ localhost ~]$ rpm -qa

 yum-utils-1.1.30-14.el6.noarch

 100's more rpm's reported

 [openvas @ localhost ~]$



 On July 1, 2015 at 10:05 AM Brandon Perry bperry.volat...@gmail.com
 wrote:

 I actually don't recommend running scans as root if you can get away with
 it. I use local accounts, can you SSH into the machine yourself? What
 happens when you run rpm -qa/dpkg -l if you can SSH into the box?

 On Wed, Jul 1, 2015 at 9:02 AM, Brian Thompson bthomp...@wyetechllc.com
 wrote:

 Question about account permissions


 I'd like to use a local account for my scans instead of my personal LDAP
 entry but I can't seem to get the scans to work when I do.  If I use my
 personal credentials (in LDAP with Public/Private key authentication) a
 scan results in about 200 detections.  If I do the same scan but use a
 local account (useradd --create-home --uid=432 --gid=432 --groups=root
 openvas) I get only 50 detections.  I've confirmed the user/pass I provided
 for the credential is correct (I was able to ssh to localhost and log in as
 openvas).  So I'm thinking something else is missing?  As you can see, I've
 created the account as a member of root's group.


 Are there other groups it needs?


 Is it not seeing the user because it's not in LDAP?  I'd rather not put
 the account in LDAP, is there a way to get OpenVAS to recognize a local
 account?


 Brian

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




 --
 http://volatile-minds.blogspot.com -- blog
 http://www.volatileminds.net -- website







-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] local account used for scans

2015-07-01 Thread Brandon Perry

They are just regular local users added with useradd, no special groups at
all.

On Wed, Jul 1, 2015 at 9:22 AM, Brian Thompson bthomp...@wyetechllc.com
wrote:

  No problem.  Hopefully someone else will have other ideas.  For your
 local accounts, are they members of any special groups (wheel, root, adm,
 sys, etc)?


 On July 1, 2015 at 10:17 AM Brandon Perry bperry.volat...@gmail.com
 wrote:

 Ah, I misread your original post. Not sure then. :/

 On Wed, Jul 1, 2015 at 9:15 AM, Brian Thompson bthomp...@wyetechllc.com
 wrote:

 I'm not running the scans as root, I created a user (openvas) that is a
 member of root's group.


 ssh openvas @ localhost

 banner...

 openvas @ localhost's password: password entered

 [openvas @ localhost ~]$ rpm -qa

 yum-utils-1.1.30-14.el6.noarch

 100's more rpm's reported

 [openvas @ localhost ~]$



 On July 1, 2015 at 10:05 AM Brandon Perry bperry.volat...@gmail.com
 wrote:

 I actually don't recommend running scans as root if you can get away with
 it. I use local accounts, can you SSH into the machine yourself? What
 happens when you run rpm -qa/dpkg -l if you can SSH into the box?

 On Wed, Jul 1, 2015 at 9:02 AM, Brian Thompson bthomp...@wyetechllc.com
 wrote:

 Question about account permissions


 I'd like to use a local account for my scans instead of my personal LDAP
 entry but I can't seem to get the scans to work when I do.  If I use my
 personal credentials (in LDAP with Public/Private key authentication) a
 scan results in about 200 detections.  If I do the same scan but use a
 local account (useradd --create-home --uid=432 --gid=432 --groups=root
 openvas) I get only 50 detections.  I've confirmed the user/pass I provided
 for the credential is correct (I was able to ssh to localhost and log in as
 openvas).  So I'm thinking something else is missing?  As you can see, I've
 created the account as a member of root's group.


 Are there other groups it needs?


 Is it not seeing the user because it's not in LDAP?  I'd rather not put
 the account in LDAP, is there a way to get OpenVAS to recognize a local
 account?


 Brian

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




 --
 http://volatile-minds.blogspot.com -- blog
 http://www.volatileminds.net -- website







 --
 http://volatile-minds.blogspot.com -- blog
 http://www.volatileminds.net -- website







-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] `openvasmd --progress --verbose --rebuild` hangs forever

2015-07-30 Thread Brandon Perry

How long is forever?

On Thu, Jul 30, 2015 at 9:04 AM, Arthur calvin...@gmail.com wrote:

 Hello,

 As my title say, my problem today is that the command
 `openvasmd --progress --verbose --rebuild` never returns and hangs forever,
 locking the sqlite database and preventing any other action (including
 `openvas-check-setup` which is locked when trying to find users)

 $ sudo openvasmd --progress --verbose --rebuild
 Rebuilding NVT cache... /
 [hangs forever]


 $ sudo tail -f /var/log/openvas/openvasmd.log
 md   main:WARNING:2015-07-30 13h35.46 utc:4045: database must be
 initialised
 from scanner (with --update or --rebuild)
 lib auth:   INFO:2015-07-30 13h35.47 utc:4045: Authentication configuration
 not found.
 md   main:   INFO:2015-07-30 13h35.52 utc:4049:OpenVAS Manager version
 6.0.1 (DB revision 146)
 md   main:   INFO:2015-07-30 13h35.52 utc:4049: rebuild_nvt_cache_retry:
 Reloading NVT cache
 md   main:   INFO:2015-07-30 13h35.52 utc:4050:
 update_or_rebuild_nvt_cache:
 Rebuilding NVT cache
 md   main:   INFO:2015-07-30 13h35.52 utc:4050:Updating NVT cache.
 mdotp:MESSAGE:2015-07-30 13h35.52 utc:4050: Scanner loading: 16550 /
 40087
 nvts.
 md   main:   INFO:2015-07-30 13h36.02 utc:4060:
 update_or_rebuild_nvt_cache:
 Rebuilding NVT cache
 md   main:   INFO:2015-07-30 13h36.02 utc:4060:Updating NVT cache.
 mdotp:MESSAGE:2015-07-30 13h36.02 utc:4060: Scanner loading: 25400 /
 40087
 nvts.
 md   main:   INFO:2015-07-30 13h36.12 utc:4061:
 update_or_rebuild_nvt_cache:
 Rebuilding NVT cache
 md   main:   INFO:2015-07-30 13h36.12 utc:4061:Updating NVT cache.
 mdotp:MESSAGE:2015-07-30 13h36.12 utc:4061: Scanner loading: 32650 /
 40087
 nvts.
 md   main:   INFO:2015-07-30 13h36.22 utc:4062:
 update_or_rebuild_nvt_cache:
 Rebuilding NVT cache
 md   main:   INFO:2015-07-30 13h36.22 utc:4062:Updating NVT cache.
 mdotp:MESSAGE:2015-07-30 13h36.23 utc:4062: Scanner loading: 38800 /
 40087
 nvts.
 md   main:   INFO:2015-07-30 13h36.33 utc:4063:
 update_or_rebuild_nvt_cache:
 Rebuilding NVT cache
 md   main:   INFO:2015-07-30 13h36.33 utc:4063:Updating NVT cache.
 lib auth:   INFO:2015-07-30 13h44.38 utc:4225: Authentication configuration
 not found.
 [hang forever]


 I have the exact same problem when update

 $ sudo openvasmd --progress --verbose --update
 Updating NVT cache... \
 [hang forever]

 $ sudo tail -f /var/log/openvas/openvasmd.log
 md   main:   INFO:2015-07-30 13h56.11 utc:4298:OpenVAS Manager version
 6.0.1 (DB revision 146)
 md   main:   INFO:2015-07-30 13h56.11 utc:4298: rebuild_nvt_cache_retry:
 Reloading NVT cache
 md   main:   INFO:2015-07-30 13h56.11 utc:4299:
 update_or_rebuild_nvt_cache:
 Updating NVT cache

 I tried to move the database (/var/lib/openvas/mgr/tasks.db) and recreate
 it,
 with the same results.


 Any suggestions ?  Is it some server-side issue (maybe an unreachable host
 ?)
 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] `openvasmd --progress --verbose --rebuild` hangs forever

2015-07-30 Thread Brandon Perry

Also, not sure what the specs on your box is. You should have at least 4gb
RAM and a nice proc to nicely run OpenVAS.

On Thu, Jul 30, 2015 at 9:16 AM, Brandon Perry bperry.volat...@gmail.com
wrote:

 Yes, while 30 mins is a bit long, let it sit a bit longer. I don't have
 much experience with the Ubuntu packages however.

 Also, don't stop them halfway through with Ctrl+c, I am not sure what kind
 of state that leaves openvasmd in. If you have done that, probably should
 reinstall and try again.

 --rebuild will completely rebuild the openvasmd database. --update simply
 takes the difference between what openvas-nvt-sync et al have added and
 updates the sqlite DB to include the new data. You probably do not need to
 run --rebuild.

 On Thu, Jul 30, 2015 at 9:11 AM, Arthur calvin...@gmail.com wrote:

 Haha good question ; around 30 minutes ? The first time I ran that
 command, it
 took at most 5 minutes. Should I wait more ?

 Also, the animated progress bar (the slashes `/|\-`) do not move anymore
 when
 it hangs ; I assume a call is blocking somewhere.


 On a side note, I am using mrazavi packages for Ubuntu 14.04
 (https://launchpad.net/~mrazavi/+archive/ubuntu/openvas)

 Le jeudi 30 juillet 2015 09:05:15, vous avez écrit :
  How long is forever?
 
  On Thu, Jul 30, 2015 at 9:04 AM, Arthur calvin...@gmail.com wrote:
   Hello,
  
   As my title say, my problem today is that the command
   `openvasmd --progress --verbose --rebuild` never returns and hangs
   forever,
   locking the sqlite database and preventing any other action (including
   `openvas-check-setup` which is locked when trying to find users)
  
   $ sudo openvasmd --progress --verbose --rebuild
   Rebuilding NVT cache... /
   [hangs forever]
  
  
   $ sudo tail -f /var/log/openvas/openvasmd.log
   md   main:WARNING:2015-07-30 13h35.46 utc:4045: database must be
   initialised
   from scanner (with --update or --rebuild)
   lib auth:   INFO:2015-07-30 13h35.47 utc:4045: Authentication
   configuration
   not found.
   md   main:   INFO:2015-07-30 13h35.52 utc:4049:OpenVAS Manager
 version
   6.0.1 (DB revision 146)
   md   main:   INFO:2015-07-30 13h35.52 utc:4049:
 rebuild_nvt_cache_retry:
   Reloading NVT cache
   md   main:   INFO:2015-07-30 13h35.52 utc:4050:
   update_or_rebuild_nvt_cache:
   Rebuilding NVT cache
   md   main:   INFO:2015-07-30 13h35.52 utc:4050:Updating NVT cache.
   mdotp:MESSAGE:2015-07-30 13h35.52 utc:4050: Scanner loading:
 16550 /
   40087
   nvts.
   md   main:   INFO:2015-07-30 13h36.02 utc:4060:
   update_or_rebuild_nvt_cache:
   Rebuilding NVT cache
   md   main:   INFO:2015-07-30 13h36.02 utc:4060:Updating NVT cache.
   mdotp:MESSAGE:2015-07-30 13h36.02 utc:4060: Scanner loading:
 25400 /
   40087
   nvts.
   md   main:   INFO:2015-07-30 13h36.12 utc:4061:
   update_or_rebuild_nvt_cache:
   Rebuilding NVT cache
   md   main:   INFO:2015-07-30 13h36.12 utc:4061:Updating NVT cache.
   mdotp:MESSAGE:2015-07-30 13h36.12 utc:4061: Scanner loading:
 32650 /
   40087
   nvts.
   md   main:   INFO:2015-07-30 13h36.22 utc:4062:
   update_or_rebuild_nvt_cache:
   Rebuilding NVT cache
   md   main:   INFO:2015-07-30 13h36.22 utc:4062:Updating NVT cache.
   mdotp:MESSAGE:2015-07-30 13h36.23 utc:4062: Scanner loading:
 38800 /
   40087
   nvts.
   md   main:   INFO:2015-07-30 13h36.33 utc:4063:
   update_or_rebuild_nvt_cache:
   Rebuilding NVT cache
   md   main:   INFO:2015-07-30 13h36.33 utc:4063:Updating NVT cache.
   lib auth:   INFO:2015-07-30 13h44.38 utc:4225: Authentication
   configuration
   not found.
   [hang forever]
  
  
   I have the exact same problem when update
  
   $ sudo openvasmd --progress --verbose --update
   Updating NVT cache... \
   [hang forever]
  
   $ sudo tail -f /var/log/openvas/openvasmd.log
   md   main:   INFO:2015-07-30 13h56.11 utc:4298:OpenVAS Manager
 version
   6.0.1 (DB revision 146)
   md   main:   INFO:2015-07-30 13h56.11 utc:4298:
 rebuild_nvt_cache_retry:
   Reloading NVT cache
   md   main:   INFO:2015-07-30 13h56.11 utc:4299:
   update_or_rebuild_nvt_cache:
   Updating NVT cache
  
   I tried to move the database (/var/lib/openvas/mgr/tasks.db) and
 recreate
   it,
   with the same results.
  
  
   Any suggestions ?  Is it some server-side issue (maybe an unreachable
 host
   ?)
   ___
   Openvas-discuss mailing list
   Openvas-discuss@wald.intevation.org
  
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




 --
 http://volatile-minds.blogspot.com -- blog
 http://www.volatileminds.net -- website




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] `openvasmd --progress --verbose --rebuild` hangs forever

2015-07-30 Thread Brandon Perry

Yes, while 30 mins is a bit long, let it sit a bit longer. I don't have
much experience with the Ubuntu packages however.

Also, don't stop them halfway through with Ctrl+c, I am not sure what kind
of state that leaves openvasmd in. If you have done that, probably should
reinstall and try again.

--rebuild will completely rebuild the openvasmd database. --update simply
takes the difference between what openvas-nvt-sync et al have added and
updates the sqlite DB to include the new data. You probably do not need to
run --rebuild.

On Thu, Jul 30, 2015 at 9:11 AM, Arthur calvin...@gmail.com wrote:

 Haha good question ; around 30 minutes ? The first time I ran that
 command, it
 took at most 5 minutes. Should I wait more ?

 Also, the animated progress bar (the slashes `/|\-`) do not move anymore
 when
 it hangs ; I assume a call is blocking somewhere.


 On a side note, I am using mrazavi packages for Ubuntu 14.04
 (https://launchpad.net/~mrazavi/+archive/ubuntu/openvas)

 Le jeudi 30 juillet 2015 09:05:15, vous avez écrit :
  How long is forever?
 
  On Thu, Jul 30, 2015 at 9:04 AM, Arthur calvin...@gmail.com wrote:
   Hello,
  
   As my title say, my problem today is that the command
   `openvasmd --progress --verbose --rebuild` never returns and hangs
   forever,
   locking the sqlite database and preventing any other action (including
   `openvas-check-setup` which is locked when trying to find users)
  
   $ sudo openvasmd --progress --verbose --rebuild
   Rebuilding NVT cache... /
   [hangs forever]
  
  
   $ sudo tail -f /var/log/openvas/openvasmd.log
   md   main:WARNING:2015-07-30 13h35.46 utc:4045: database must be
   initialised
   from scanner (with --update or --rebuild)
   lib auth:   INFO:2015-07-30 13h35.47 utc:4045: Authentication
   configuration
   not found.
   md   main:   INFO:2015-07-30 13h35.52 utc:4049:OpenVAS Manager
 version
   6.0.1 (DB revision 146)
   md   main:   INFO:2015-07-30 13h35.52 utc:4049:
 rebuild_nvt_cache_retry:
   Reloading NVT cache
   md   main:   INFO:2015-07-30 13h35.52 utc:4050:
   update_or_rebuild_nvt_cache:
   Rebuilding NVT cache
   md   main:   INFO:2015-07-30 13h35.52 utc:4050:Updating NVT cache.
   mdotp:MESSAGE:2015-07-30 13h35.52 utc:4050: Scanner loading: 16550
 /
   40087
   nvts.
   md   main:   INFO:2015-07-30 13h36.02 utc:4060:
   update_or_rebuild_nvt_cache:
   Rebuilding NVT cache
   md   main:   INFO:2015-07-30 13h36.02 utc:4060:Updating NVT cache.
   mdotp:MESSAGE:2015-07-30 13h36.02 utc:4060: Scanner loading: 25400
 /
   40087
   nvts.
   md   main:   INFO:2015-07-30 13h36.12 utc:4061:
   update_or_rebuild_nvt_cache:
   Rebuilding NVT cache
   md   main:   INFO:2015-07-30 13h36.12 utc:4061:Updating NVT cache.
   mdotp:MESSAGE:2015-07-30 13h36.12 utc:4061: Scanner loading: 32650
 /
   40087
   nvts.
   md   main:   INFO:2015-07-30 13h36.22 utc:4062:
   update_or_rebuild_nvt_cache:
   Rebuilding NVT cache
   md   main:   INFO:2015-07-30 13h36.22 utc:4062:Updating NVT cache.
   mdotp:MESSAGE:2015-07-30 13h36.23 utc:4062: Scanner loading: 38800
 /
   40087
   nvts.
   md   main:   INFO:2015-07-30 13h36.33 utc:4063:
   update_or_rebuild_nvt_cache:
   Rebuilding NVT cache
   md   main:   INFO:2015-07-30 13h36.33 utc:4063:Updating NVT cache.
   lib auth:   INFO:2015-07-30 13h44.38 utc:4225: Authentication
   configuration
   not found.
   [hang forever]
  
  
   I have the exact same problem when update
  
   $ sudo openvasmd --progress --verbose --update
   Updating NVT cache... \
   [hang forever]
  
   $ sudo tail -f /var/log/openvas/openvasmd.log
   md   main:   INFO:2015-07-30 13h56.11 utc:4298:OpenVAS Manager
 version
   6.0.1 (DB revision 146)
   md   main:   INFO:2015-07-30 13h56.11 utc:4298:
 rebuild_nvt_cache_retry:
   Reloading NVT cache
   md   main:   INFO:2015-07-30 13h56.11 utc:4299:
   update_or_rebuild_nvt_cache:
   Updating NVT cache
  
   I tried to move the database (/var/lib/openvas/mgr/tasks.db) and
 recreate
   it,
   with the same results.
  
  
   Any suggestions ?  Is it some server-side issue (maybe an unreachable
 host
   ?)
   ___
   Openvas-discuss mailing list
   Openvas-discuss@wald.intevation.org
  
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Arachni and Nikto plugin support OpenVas 8

2015-07-31 Thread Brandon Perry

I am not sure if the arachni plugin was updated after arachni released a major 
update a while back changing many of the command line arguments.

Sent from a phone

 On Jul 31, 2015, at 3:32 PM, Himanshu Kesar hke...@good.com wrote:
 
 Hi everyone,
  
 I am trying to setup Arachni and Nikto plugins on OpenVas 8 but I am running 
 out of options here. I need some help.
  
 Configuration
 OS – Kali Linux 1.1.0a
 Using OpenVas 8 with GSA
  
 Issue with Arachni Plugin
 “Arachni report filename is empty. that could mean that wrong version of 
 arachni is used or tmp dir is not accessible. In short: check installation of 
 arachni and OpenVAS.”
 I have installed ruby RVM, Arachni 1.2.1 and checked the PATH variable to 
 make sure it is setup correctly. Is there any setting I have to change in 
 openvas? Please let me know how to proceed on this.
  
 Issue with Nikto Plugin
 “The target server did not return 404 on requests for non-existent pages. 
 This scan has not been executed since Nikto is prone to reporting many false 
 positives in this case. If you wish to force this scan, you can enable it in 
 the Nikto preferences in your client”
 I am using the default scan config and modified it to enable “Force Scan even 
 without 404s” . I am not sure if that is what OpenVas wants me to.
  
 I am new to this and have spent lot of time searching through the internet 
 but not able to resolve both of these and I need help.
  
 Thanks for your time.
 Himanshu
  
  
 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] non Default scans

2015-08-04 Thread Brandon Perry

Wouldn't it be nmap that is being slow in the first 1%?

On Tue, Aug 4, 2015 at 2:57 PM, Eero Volotinen eero.voloti...@iki.fi
wrote:

 What is output of ps aux | grep openvas
 during scan?

 Eero
 3.8.2015 8.01 ip. Dury, John C. jd...@duqlight.com kirjoitti:

 I have built both OpenVAS 8 and OpenVAS 7 systems from source and also
 tried some pre built binaries like the ones that come with Kali and when I
 try to do a custom task with a scan using options other than default scan
 from with GSA, the task never seems to progress or complete. I haven’t
 tried every combination of options but the few that I have chosen, seem to
 start but never progress past 1%. This also happens when I tried this on
 Kali which comes with it’s own binaries and I did not build from source. I
 know there are other users with the same problem. Any suggestion on why
 this is happening and why scans other than the default, don’t seem to work
 or progress? For example, I picked “full and fast” for a target I just
 created, and it doesn’t seem to be doing anything. I don’t even see any
 processes running that have the target name in them.  This is being done
 with OpenVAS that comes with the latest version of Kali. I was hoping to
 just start using OpenVAS without a lot of debugging since that is
 definitely not my area, but between compiling from source not working
 correctly, and pre-built binaries in Kali not working correctly, I am
 giving up hope. Any suggestions on where to start?





 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss


 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Severity in error, access denied when scanning any remote hosts

2015-08-14 Thread Brandon Perry

Do you have redis installed?

On Fri, Aug 14, 2015 at 10:08 AM, Jeremy MJ jsk...@gmail.com wrote:

 I'm attempting to try out OpenVAS in ArchLinux. Everything is setup and
 running, but when I go to scan a host outside of my OpenVAS host, it fails,
 complaining about access being denied to a host(s) in the logs. The
 severity progress bar only displays an error in the gui.

 OpenVAS is running as root, so I don't see what could be wrong on the OS
 side. I'm running Greenbone as admin / all access as well. I have tried
 both discovery and credential scans, neither seem to work.

 Nmap 6.47
 OpenVAS component versions:

 https://www.archlinux.org/packages/?sort=arch=x86_64q=openvasmaintainer=flagged=

 Thanks in advance for any help,

 --
 Jeremy MJ

 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Streaming XML parser and low-memory systems

2015-08-10 Thread Brandon Perry

While scanning with low memory systems is still an issue, it seems like the 
largest issue with OpenVAS running on low memory systems is actually parsing 
large XML files. I see a recent feature was added that splits large XML files 
for parsing.

Would it be worthwhile to look into using a streaming XML parser for things 
like the sync utils? For instance, the first one to likely get streaming XML 
parsing treatment I think would be openvas-nvt-sync.

Here is a small streaming parsing library: http://www.ambiera.com/irrxml/ 
http://www.ambiera.com/irrxml/

The license seems like it is good enough for use in OpenVAS: 
http://www.ambiera.com/irrxml/license.html 
http://www.ambiera.com/irrxml/license.html

Any thoughts from a development standpoint on this type of endeavour? I am not 
asking Greenbone to do this per se, as I am open to looking into it, I think 
being able to run on a low memory system is one of the most useful things about 
OpenVAS.


signature.asc
Description: Message signed with OpenPGP using GPGMail
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVAS built from source on Ubuntu 14.04 but scans seem to hang

2015-07-27 Thread Brandon Perry

Using CentOS and the Atomic repos.

On Mon, Jul 27, 2015 at 12:29 PM, Dury, John C. jd...@duqlight.com wrote:

 I installed a fresh copy of Ubuntu 14.04 and then installed and configured
 OpenVAS 8 from the latest non-beta sources via the instructions on this
 page
 http://www.mockel.se/index.php/2015/04/openvas-8-on-ubuntu-server-14-04/
 and everything seemed to install and compile perfectly.

 I then created a target and defined a new task to scan it but after
 starting the task, it never seems to move beyond 1% no matter which options
 I choose or how many ports I choose. I have no idea where to even start
 debugging this. I also tried installing OpenVAS 8 from the PPA mentioned
 here https://launchpad.net/~mrazavi/+archive/ubuntu/openvas but it
 appears to be missing sync tools like “openvas-certdata-sync” and
 “openvas-scapdata-sync”.

 Essentially I am just looking to do scans and not really interested in
 having to compile the code. It looks like next version of Kali will have
 OpenVAS 8 built into the distro but it won’t be available until 8/11/2015.

 Any suggestion on what the easiest way to get a fully functional OpenVAS 8
 scanner is? Or  distro that maintains a working copy of OpenVAS 8 and later?

 John



 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Long delay when adding first credential

2015-07-16 Thread Brandon Perry

If there isn't a lot of entropy during key generation on the system, it can
take a long time to create strong RSA keys for encrypting the credentials
on the system.

On Thu, Jul 16, 2015 at 10:41 AM, Wesley Botham wes...@semcat.net wrote:

  I just set up OpenVAS 8 in an Ubuntu 14.04 VM. I ran openvas-check-setup
 2.3.1 and it looks fine (http://pastebin.com/mjAm2pYu). I also ran an
 immediate scan on 127.0.0.1, which finished quickly and successfully.

 Then I added a key via Configuration - Targets - Credentials. After
 clicking Create Credential, the page hangs. It took 16 minutes to finish,
 according to the logs:

 md  crypt:   INFO:2015-07-16 14h09.41 UTC:25498: starting key generation
 ...
 md  crypt:   INFO:2015-07-16 14h25.30 UTC:25498: OpenPGP key 'OpenVAS
 Credential Encryption' has been generated

 I didn't know what was happening, so I opened another Greenbone tab and
 tried to run an immediate scan, which did not start until after the key
 generation finished.

 While generating the key, openvas-check-setup also hangs upon running
 `openvasmd --get-users`, resulting in the following output:

 openvas-check-setup 2.3.1
  Test completeness and readiness of OpenVAS-8
  (add '--v6' or '--v7' or '--v9'
   if you want to check for another OpenVAS version)
  Please report us any non-detected problems and
  help us to improve this check routine:
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
  Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the
 problem.
  Use the parameter --server to skip checks for client tools
  like GSD and OpenVAS-CLI.
 Step 1: Checking OpenVAS Scanner ...
OK: OpenVAS Scanner is present in version 5.0.3.
OK: OpenVAS Scanner CA Certificate is present as
 /usr/local/var/lib/openvas/CA/cacert.pem.
OK: redis-server is present in version v=2.8.4.
OK: scanner (kb_location setting) is configured properly using the
 redis-server socket: /tmp/redis.sock
OK: redis-server is running and listening on socket:
 /tmp/redis.sock.
OK: redis-server configuration is OK and redis-server is running.
OK: NVT collection in /usr/local/var/lib/openvas/plugins contains
 39767 NVTs.
WARNING: Signature checking of NVTs is not enabled in OpenVAS
 Scanner.
SUGGEST: Enable signature checking (see
 http://www.openvas.org/trusted-nvts.html).
OK: The NVT cache in /usr/local/var/cache/openvas contains 39767
 files for 39767 NVTs.
 Step 2: Checking OpenVAS Manager ...
OK: OpenVAS Manager is present in version 6.0.3.
OK: OpenVAS Manager client certificate is present as
 /usr/local/var/lib/openvas/CA/clientcert.pem.
OK: OpenVAS Manager database found in
 /usr/local/var/lib/openvas/mgr/tasks.db.
OK: Access rights for the OpenVAS Manager database are correct.

 This happens whenever I set up a new instance of OpenVAS. It only happens
 once; if I add a second credential, it succeeds immediately.

 What could be causing this one-time 16-minute delay? Is there a startup
 process in the background that delays other actions until it finishes? Is
 it (as it seems) triggered by my first attempt to add a credential? Is
 there something I can do to front-load this process or monitor it? (I can
 live with the delay, but ideally I want my bootstrap scripts to handle it
 or at least to make it transparent to the next user of my VM.)

 Thanks!

 *-- *
 *Wesley J. Botham* | Software Developer, U.S. Rating
 *Applied Systems, Inc.*
 www.appliedsystems.com | wes...@semcat.net


 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Nessus comparison

2015-10-20 Thread Brandon Perry

Reported vulnerability count is not a useful measurement for comparing two 
vulnerability scanners.

One vulnerability scanner may report all missing patches, including ones that 
are superseded by others in the same report, while another does not.

For instance, OpenVAS is far more useful to me than Nessus due to the 
architecture of the scanner, and of course being open source is great. All the 
patch scanners out there will help you begin regularly auditing and patching 
your networks.

> On Oct 20, 2015, at 8:51 PM, Diego Gomes  wrote:
> 
> Hi guys!
> 
> We have here Nessus Professional!
> 
> I identified some different results while comparing...
> 
> For example, I noticed that OpenVAS found more vuls than Nessus. (ok, not 
> sure if false-positive or mismatch plugin, configuration, etc...)
> 
> But, what I mean is
> 
> Should be OpenVAS more efficient than Nessus? Should I trust in one and not 
> in other?
> 
> Of course, we always need to use 2 different tools for analysis, but my 
> questions is very interesting and I would like to check your opinions about 
> it!
> 
> Thanks,
> 
> Diego
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

signature.asc
Description: Message signed with OpenPGP using GPGMail
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVAS 8 openvas-check-setup

2015-07-10 Thread Brandon Perry

Let's keep it civil please. This has gotten off track.

On Fri, Jul 10, 2015 at 9:46 AM, Reindl Harald h.rei...@thelounge.net
wrote:



 Am 10.07.2015 um 16:39 schrieb Eero Volotinen:

 disabling selinux required reboot, logging permissive mode is possible
 without rebooting.

 you can use setenforce 0 to temporary disable selinux (permissive
 mode), but you should make change permanent (in redhat configation file
 is located in /etc/sysconfig/selinux)

 Anyway, disabling selinux is not required, permissive mode works also fine


 i bet the guy who pretends permissive mode behaves different than disabled
 and calling people idiots offlist did not read manpages and rebootet after
 setenforce not realizing that he did not change the boot
 configuration..


 ___
 Openvas-discuss mailing list
 Openvas-discuss@wald.intevation.org
 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] debian 8 and openvas pdf generation?

2015-09-21 Thread Brandon Perry

While I can’t say the exact libs that are required, here is the dpkg -l 
printout of the openvas debian appliance (v8).

I expect the poppler and ghostscript libs are what are used.

Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name   Version Architecture 
Description
+++-==-===--===
ii  acl2.2.52-2amd64
Access control list utilities
ii  acpi   1.7-1   amd64
displays information on ACPI devices
ii  acpi-support-base  0.142-6 all  
scripts for handling base ACPI events such as the power button
ii  acpid  1:2.0.23-2  amd64
Advanced Configuration and Power Interface event daemon
ii  adduser3.113+nmu3  all  add 
and remove users and groups
ii  apt1.0.9.8 amd64
commandline package manager
ii  apt-utils  1.0.9.8 amd64
package management related utility programs
ii  base-files 8   amd64
Debian base system miscellaneous files
ii  base-passwd3.5.37  amd64
Debian base system master password and group files
ii  bash   4.3-11+b1   amd64GNU 
Bourne Again SHell
ii  binutils   2.25-5  amd64GNU 
assembler, linker and binary utilities
ii  binutils-mingw-w64-i6862.25-5+5.2  amd64
Cross-binutils for Win32 (x86) using MinGW-w64
ii  binutils-mingw-w64-x86-64  2.25-5+5.2  amd64
Cross-binutils for Win64 (x64) using MinGW-w64
ii  bison  2:3.0.2.dfsg-2  amd64
YACC-compatible parser generator
ii  bsdmainutils   9.0.6   amd64
collection of more utilities from FreeBSD
ii  bsdutils   1:2.25.2-6  amd64
basic utilities from 4.4BSD-Lite
ii  build-essential11.7amd64
Informational list of build-essential packages
ii  busybox1:1.22.0-9+deb8u1   amd64
Tiny utilities for small and embedded systems
ii  bzip2  1.0.6-7+b3  amd64
high-quality block-sorting file compressor - utilities
ii  cmake  3.0.2-1 amd64
cross-platform, open-source make system
ii  cmake-data 3.0.2-1 all  
CMake data files (modules, templates and documentation)
ii  comerr-dev 2.1-1.42.12-1.1 amd64
common error description library - headers and static libraries
ii  console-setup  1.123   all  
console font and keymap setup program
ii  console-setup-linux1.123   all  
Linux specific part of console-setup
ii  coreutils  8.23-4  amd64GNU 
core utilities
ii  cpio   2.11+dfsg-4.1   amd64GNU 
cpio -- a program to manage archives of files
ii  cpp4:4.9.2-2   amd64GNU 
C preprocessor (cpp)
ii  cpp-4.94.9.2-10amd64GNU 
C preprocessor
ii  cron   3.0pl1-127  amd64
process scheduling daemon
ii  dash   0.5.7-4+b1  amd64
POSIX-compliant shell
ii  debconf1.5.56  all  
Debian configuration management system
ii  debconf-i18n   1.5.56  all  
full internationalization support for debconf
ii  debian-archive-keyring 2014.3  all  
GnuPG archive keys of the Debian archive
ii  debianutils4.4+b1  amd64
Miscellaneous utilities specific to Debian
ii  diffutils  1:3.3-1+b1  amd64
File comparison utilities
ii  discover   2.1.2-7 amd64
hardware identification system
ii  discover-data  2.2013.01.11all  
Data lists for Discover hardware detection system
ii  dmeventd   2:1.02.90-2.2   amd64

Re: [Openvas-discuss] Openvas Agent

2016-02-25 Thread Brandon Perry


> On Feb 25, 2016, at 10:41 AM, Eero Volotinen  wrote:
> 
> Agent? There is no agents on openvas, only slaves.
> 

There are agents.

http://www.openvas.org/omp-6-0.html#command_create_agent 



But there isn’t an OpenVAS specific one.

> Eero
> 
> 25.2.2016 6.38 ip. "JULIAN BUSTOS DIAZ"  > kirjoitti:
> Hi there!
> 
> I would like to know how to use an agent on a scan. I use the Greenbone 
> Security Assistant but there is not a way of use an agent on a task. What is 
> the correct form of use an agent ?
> 
> Thank you!
> 
> --
> JULIAN BUSTOS DIAZ
> Universidad Carlos III de Madrid
> 
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org 
> 
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss 
> 
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss



signature.asc
Description: Message signed with OpenPGP using GPGMail
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Admin Role (restrictions) & Privileges

2016-05-14 Thread Brandon Perry


> On May 14, 2016, at 12:10 PM, TN TN <mpm7...@gmail.com> wrote:
> 
> Hi Brandon, that was quick. Thanks for the reply. I'm not looking for 
> multi-tenancy (even-though that concept would be nice), I've just had an 
> admin delete another admins profile, and trying to avoid that in the future, 
> if possible. Thanks, T

If you are trying to completely separate admin users (if you can’t trust them, 
why are they admins?), you are looking for multi-tenancy.

Best way to ensure it doesn’t happen again is give them two systems, not a 
shared one.

> 
> On 14 May 2016 at 13:04, Brandon Perry <bperry.volat...@gmail.com 
> <mailto:bperry.volat...@gmail.com>> wrote:
> 
> > On May 14, 2016, at 12:03 PM, TN TN <mpm7...@gmail.com 
> > <mailto:mpm7...@gmail.com>> wrote:
> >
> > Hi all, when I create two users and assign them an Admin role, lets name 
> > them admin1 and admin2 they can see each others username under 
> > Administration -> Users (in GSA). What privileges can I set to avoid having 
> > the admins see eachothers username? What if I create a new Role similar to 
> > the Admin role, what privileges would I need to assign it to avoid the 
> > above scenario? Any help would be greatly appreciated. Thanks, T
> 
> You are asking for multi-tenancy which I am not sure OpenVAS has a notion of. 
> You are better off creating two systems for them to access if you don’t want 
> this. Or use another vuln scanner.
> 
> > ___
> > Openvas-discuss mailing list
> > Openvas-discuss@wald.intevation.org 
> > <mailto:Openvas-discuss@wald.intevation.org>
> > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss 
> > <https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss>
> 
> 



signature.asc
Description: Message signed with OpenPGP using GPGMail
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Admin Role (restrictions) & Privileges

2016-05-14 Thread Brandon Perry


> On May 14, 2016, at 12:03 PM, TN TN  wrote:
> 
> Hi all, when I create two users and assign them an Admin role, lets name them 
> admin1 and admin2 they can see each others username under Administration -> 
> Users (in GSA). What privileges can I set to avoid having the admins see 
> eachothers username? What if I create a new Role similar to the Admin role, 
> what privileges would I need to assign it to avoid the above scenario? Any 
> help would be greatly appreciated. Thanks, T

You are asking for multi-tenancy which I am not sure OpenVAS has a notion of. 
You are better off creating two systems for them to access if you don’t want 
this. Or use another vuln scanner.

> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss



signature.asc
Description: Message signed with OpenPGP using GPGMail
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] PHP not detected

2016-09-07 Thread Brandon Perry

You should be performing authenticated scans to detect these things, not 
unauthenticated external scans based on HTTP headers.

> On Sep 7, 2016, at 8:42 AM, Jiri K.  wrote:
> 
> Hello everyone,
> 
> I did a Full & Fast scan of our server which is running Apache and PHP
> 5.3.3, but OpenVAS (v8) couldn't detect that there was a PHP installed
> and didn't report any vulnerabilities (afaik there are several
> vulnerabilities in PHP 5.3.3).
> 
> I'm not sure how the php detection works, but I tried telnet and "GET
> / HTTP/1.0" and I noticed, that the returned header doesn't contain
> PHP version unless I do "GET /appfolder/ HTTP/1.0", could this be the
> reason why OpenVAS doesn't detect PHP on this server? If so, is there
> any way to tell it to try a specific path when doing PHP related
> tests?
> 
> Thank you for any help.
> 
> Best Regards,
>  Jiri K.
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss



signature.asc
Description: Message signed with OpenPGP using GPGMail
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Problem getting tasks to run - old and new

2016-09-14 Thread Brandon Perry

Please run openvasmd --rebuild and restart the manager (latter probably not 
needed).

> On Sep 14, 2016, at 2:41 PM, Allyn Baskerville  wrote:
> 
> The scans were running fine for a few weeks, but they stopped a couple days 
> ago. OpenVAS 8 is running on CentOS 7. I created a script to automatically 
> update the NVTs as follows:
> 
> #!/bin/sh
> PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
> /usr/sbin/openvas-nvt-sync | mail -s "OpenVAS NVT SYNC STATUS" 
> ad...@email.com 
> killall -s 1 openvassd
> 
> Crontab file:
> 0 18 * * *  /usr/local/bin/openvas-update.sh 2>&1 
> /tmp/CRONOUT-NVT-update.log;
> 
> I had accidentally created a task in UTC in lieu of CST, so the script ran 
> before a job was complete. This particular job was hung at 98% for two days 
> before I killed the process, but also after the script ran, no other jobs 
> would start up automatically. If I try to start them manually, the wheel 
> spins on the browser tab indefinitely, and eventually I have to log back into 
> the scanner. The tasks never start.
> 
> Here is what I see in the logs:
> 
> In gsad.log there are several of the following lines:
> gsad main:WARNING:2016-09-14 19h27.45 UTC:3668: MHD: Failed to receive data: 
> The TLS connection was non-properly terminated.
> gsad main:WARNING:2016-09-14 19h27.45 UTC:3668: MHD: Failed to receive data: 
> The TLS connection was non-properly terminated.
> 
> In openvasmd.log (just created a new task and tried to launch it 10 minutes 
> ago):
> event task:MESSAGE:2016-09-14 19h28.39 UTC:4693: Task Test 
> (660694a2-cbe2-4d6a-aa12-b0c86e40eb24) has been created by admin
> event task:MESSAGE:2016-09-14 19h28.53 UTC:4704: Task Test 
> (660694a2-cbe2-4d6a-aa12-b0c86e40eb24) has been modified by admin
> 
> Nothing new has been added to openvassd.log in 2 days since the problem 
> started.
> 
> I’m not sure what to do. Can anyone provide any guidance?
> 
> Thanks - baskervi
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org 
> 
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss 
> 


signature.asc
Description: Message signed with OpenPGP using GPGMail
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Problem getting tasks to run - old and new

2016-09-14 Thread Brandon Perry

Rebuilding takes a while. In the future —update is also a viable option, but I 
usually just run rebuild.


> On Sep 14, 2016, at 3:31 PM, Allyn Baskerville <all...@adsne.com> wrote:
> 
> Thanks Brandon, but it doesn’t appear this is ever going to finish. I had 
> started the rebuild immediately upon receipt of your email, and 40 minutes 
> later it is still rebuilding.
> 
> From: Brandon Perry [mailto:bperry.volat...@gmail.com]
> Sent: Wednesday, September 14, 2016 2:50 PM
> To: Allyn Baskerville
> Cc: openvas-discuss@wald.intevation.org
> Subject: Re: [Openvas-discuss] Problem getting tasks to run - old and new
> 
> Please run openvasmd --rebuild and restart the manager (latter probably not 
> needed).
> 
> On Sep 14, 2016, at 2:41 PM, Allyn Baskerville <all...@adsne.com 
> <mailto:all...@adsne.com>> wrote:
> 
> The scans were running fine for a few weeks, but they stopped a couple days 
> ago. OpenVAS 8 is running on CentOS 7. I created a script to automatically 
> update the NVTs as follows:
> 
> #!/bin/sh
> PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
> /usr/sbin/openvas-nvt-sync | mail -s "OpenVAS NVT SYNC STATUS" 
> ad...@email.com <mailto:ad...@email.com>
> killall -s 1 openvassd
> 
> Crontab file:
> 0 18 * * *  /usr/local/bin/openvas-update.sh 2>&1 
> /tmp/CRONOUT-NVT-update.log;
> 
> I had accidentally created a task in UTC in lieu of CST, so the script ran 
> before a job was complete. This particular job was hung at 98% for two days 
> before I killed the process, but also after the script ran, no other jobs 
> would start up automatically. If I try to start them manually, the wheel 
> spins on the browser tab indefinitely, and eventually I have to log back into 
> the scanner. The tasks never start.
> 
> Here is what I see in the logs:
> 
> In gsad.log there are several of the following lines:
> gsad main:WARNING:2016-09-14 19h27.45 UTC:3668: MHD: Failed to receive data: 
> The TLS connection was non-properly terminated.
> gsad main:WARNING:2016-09-14 19h27.45 UTC:3668: MHD: Failed to receive data: 
> The TLS connection was non-properly terminated.
> 
> In openvasmd.log (just created a new task and tried to launch it 10 minutes 
> ago):
> event task:MESSAGE:2016-09-14 19h28.39 UTC:4693: Task Test 
> (660694a2-cbe2-4d6a-aa12-b0c86e40eb24) has been created by admin
> event task:MESSAGE:2016-09-14 19h28.53 UTC:4704: Task Test 
> (660694a2-cbe2-4d6a-aa12-b0c86e40eb24) has been modified by admin
> 
> Nothing new has been added to openvassd.log in 2 days since the problem 
> started.
> 
> I’m not sure what to do. Can anyone provide any guidance?
> 
> Thanks - baskervi
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org 
> <mailto:Openvas-discuss@wald.intevation.org>
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss 
> <https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss>


signature.asc
Description: Message signed with OpenPGP using GPGMail
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] experience with hackertarget.com or similar services

2017-04-28 Thread Brandon Perry


> On Apr 28, 2017, at 6:21 AM, Niklas Klein  wrote:
> 
> Hello,
> 
> Does anyone have experience with hackertarget.com or similar services? In 
> short: Hackertarget offers to make vulnaribility scans against an ip given to 
> them. That would be interesting for us since we can not leave our coporate 
> network
> with all the ports that would be necessary (only somy stuff like http, https, 
> rsync ... are allowed, the firewall is managed by an other agency) but we 
> would like to scan our corporate website which is hosted somewhere else 
> (Before you ask, I wont scan without permission of the hoster)

You should not rely on a service like hackertarget to scan and manage perimeter 
vulnerabilities. If you have to be external, use AWS or another cloud provider.

> 
> Thanks in advance,
> 
> Niklas
> 
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss



signature.asc
Description: Message signed with OpenPGP
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] sql errors

2017-06-12 Thread Brandon Perry


> On Jun 12, 2017, at 8:33 AM, Thijs Stuurman 
>  wrote:
> 
> No, never. These are also the kind of errors I never ever wish to see!
> 
> If your data is still there, scan tasks .. history etc’ I strongly urge you 
> to make a backup and repeat making backups just in case.
> Many things can cause these errors, I cannot give you any specific place to 
> start looking for a problem or solution.
> Perhaps it helps to get more log/verbose/debug information out of sqlite if 
> possible.
> Check versions, is everything up to date? (sqlite, openvas)
> 

Perhaps consider PostgreSQL instead, simply for potential visibility and easier 
diagnostics.

> 
> Thijs Stuurman
> Security Operations Center | KPN Internedservices
> thijs.stuur...@internedservices.nl 
>  | thijs.stuur...@kpn.com 
> 
> T: +31(0)299476185 | M: +31(0)624366778
> PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/ )
> Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048
> 
> W: https://www.internedservices.nl  | 
> L:http://nl.linkedin.com/in/thijsstuurman 
> 
> 
> Van: Openvas-discuss [mailto:openvas-discuss-boun...@wald.intevation.org] 
> Namens Turner,Jonas
> Verzonden: maandag 12 juni 2017 15:05
> Aan: openvas-discuss@wald.intevation.org
> Onderwerp: [Openvas-discuss] sql errors
> 
> Does anyone else get these as well? In my openvasmd.log I get this quite 
> often.  It appears when this happens my scans never seem to finish properly 
> and things just get out of sorts.
> 
> event task:MESSAGE:2017-06-08 08h00.13 EDT:25517: Task network_device_91 
> (3b792a23-25ab-459c-90db-2eb880099898) could not be resumed by admin
> event task:MESSAGE:2017-06-08 08h00.14 EDT:25517: Status of task 
> network_device_91 (3b792a23-25ab-459c-90db-2eb880099898) has changed to 
> Requested
> event task:MESSAGE:2017-06-08 08h00.15 EDT:25517: Task network_device_91 
> (3b792a23-25ab-459c-90db-2eb880099898) has been requested to start by admin
> md manage:WARNING:2017-06-08 08h00.15 EDT:25758: sql_exec_internal: 
> sqlite3_step failed: disk I/O error
> md manage:WARNING:2017-06-08 08h00.15 EDT:25758: sqlv: sql_exec_internal 
> failed
> md manage:WARNING:2017-06-08 08h00.15 EDT:25758: sql_exec_internal: 
> sqlite3_step failed: file is encrypted or is not a database
> md manage:WARNING:2017-06-08 08h00.15 EDT:25758: sqlv: sql_exec_internal 
> failed
> event task:MESSAGE:2017-06-08 08h00.44 EDT:25758: Status of task 
> network_device_91 (3b792a23-25ab-459c-90db-2eb880099898) has changed to 
> Stopped
> md manage:WARNING:2017-06-08 12h30.22 utc:16585: sql_exec_internal: 
> sqlite3_step failed: disk I/O error
> md manage:WARNING:2017-06-08 12h30.22 utc:16585: sqlv: sql_exec_internal 
> failed
> 
> Jonas Turner │ Security Analyst II
> Ph: 419.254.4890│Fax: 419.252.5557
> E-mail:  jotur...@hcr-manorcare.com 
> 
> 
> CONFIDENTIALITY NOTICE The information contained in this transmission is 
> intended only for the person or entity to which it is addressed and may 
> contain confidential and/or privileged material. If you are not the intended 
> recipient of this information, do not review, retransmit, disclose, 
> disseminate, use, or take any action in reliance upon, this information. If 
> you received this transmission in error, please contact the sender, destroy 
> all printed copies, and delete the material from all computers.   
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss



signature.asc
Description: Message signed with OpenPGP
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] problem after compiling omp: libopenvas_omp.so.8

2017-05-23 Thread Brandon Perry


> On May 23, 2017, at 9:04 AM, Dehm, Jochen  wrote:
> 
> I want to use a 2nd server  to control my OpenVAS server via omp.
> 
> After building openvas-libraries and openvas-cli from the source, I get the 
> following error:
> 
> root@sv-idoit ~ # omp
> omp: error while loading shared libraries: libopenvas_omp.so.8: cannot open 
> shared object file: No such file or directory
> 
> root@sv-idoit ~ # which omp
> /usr/local/bin/omp
> 
> The file is however available:
> 
> root@sv-idoit ~/OpenVAS/openvas-cli-1.4.5/build # locate libopenvas_omp.so.8
> /root/OpenVAS/openvas-libraries-8.0.8/build/omp/libopenvas_omp.so.8
> /root/OpenVAS/openvas-libraries-8.0.8/build/omp/libopenvas_omp.so.8.0.8
> /usr/local/lib/libopenvas_omp.so.8
> /usr/local/lib/libopenvas_omp.so.8.0.8


Either set your —prefix=/usr when configuring (before compiling) so that make 
install installs to /usr instead of /usr/local.

Or, for immediate gratification.

export PATH=$PATH:/usr/local
omp —help

> 
> Someone an idea what was wrong?
> 
> Regards Joed
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss



signature.asc
Description: Message signed with OpenPGP
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] problem after compiling omp: libopenvas_omp.so.8

2017-05-23 Thread Brandon Perry


> On May 23, 2017, at 9:17 AM, Reindl Harald <h.rei...@thelounge.net> wrote:
> 
> 
> 
> Am 23.05.2017 um 16:10 schrieb Brandon Perry:
>>> On May 23, 2017, at 9:04 AM, Dehm, Jochen <jochen.d...@freenet.de> wrote:
>>> 
>>> I want to use a 2nd server  to control my OpenVAS server via omp.
>>> 
>>> After building openvas-libraries and openvas-cli from the source, I get the 
>>> following error:
>>> 
>>> root@sv-idoit ~ # omp
>>> omp: error while loading shared libraries: libopenvas_omp.so.8: cannot open 
>>> shared object file: No such file or directory
>>> 
>>> root@sv-idoit ~ # which omp
>>> /usr/local/bin/omp
>>> 
>>> The file is however available:
>>> 
>>> root@sv-idoit ~/OpenVAS/openvas-cli-1.4.5/build # locate libopenvas_omp.so.8
>>> /root/OpenVAS/openvas-libraries-8.0.8/build/omp/libopenvas_omp.so.8
>>> /root/OpenVAS/openvas-libraries-8.0.8/build/omp/libopenvas_omp.so.8.0.8
>>> /usr/local/lib/libopenvas_omp.so.8
>>> /usr/local/lib/libopenvas_omp.so.8.0.8
>> Either set your —prefix=/usr when configuring (before compiling) so that 
>> make install installs to /usr instead of /usr/local.
> 
> bad idea when you spit random stuff without proper packaging around
> 
>> Or, for immediate gratification.
>> export PATH=$PATH:/usr/local
>> omp —help
> 
> nonsense - libraries has *nothing* to do with PATH
> 
> echo "/usr/local/lib/" > /etc/ld.so.conf.d/usr-local-lib.conf
> chmod 0644 /etc/ld.so.conf.d/usr-local-lib.conf
> ldconfig

Sorry, you’re right. I meant LD_LIBRARY_PATH. Unfortunately the coffee is still 
brewing.

> 
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org 
> <mailto:Openvas-discuss@wald.intevation.org>
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss 
> <https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss>


signature.asc
Description: Message signed with OpenPGP
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] openvasmd don't start after upgrade

2017-10-30 Thread Brandon Perry


> On Oct 30, 2017, at 8:18 AM, Reindl Harald  wrote:
> 
> 
> 
> Am 30.10.2017 um 14:03 schrieb Reindl Harald:
>> openvas-libraries-9.0.1-1.fc26.x86_64
>> openvas-manager-7.0.2-1.fc26.x86_64
>> openvas-cli-1.4.5-3.fc26.x86_64
>> openvas-gsa-7.0.2-2.fc26.x86_64
>> openvas-scanner-5.1.1-1.fc26.x86_64
>> it's not terrible helpful when a process exits with a error code and no 
>> message at all
>> [root@openvas:/etc/sysconfig]$ openvasmd
>> [root@openvas:/etc/sysconfig]$ openvasmd -f
> 
> ERROR: Database schema is out of date.
> FIX: Run 'openvasmd —migrate'

You could try —rebuild is well.

> 
> yeah if it would do something
> 
> [root@openvas:~]$ openvasmd --migrate
> [root@openvas:~]$ openvas-check-setup --v9
> openvas-check-setup 2.3.7
>  Test completeness and readiness of OpenVAS-9
> 
>  Please report us any non-detected problems and
>  help us to improve this check routine:
>  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
> 
>  Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the 
> problem.
> 
>  Use the parameter --server to skip checks for client tools
>  like GSD and OpenVAS-CLI.
> 
> Step 1: Checking OpenVAS Scanner ...
>OK: OpenVAS Scanner is present in version 5.1.1.
>OK: redis-server is present in version v=3.2.11.
>OK: scanner (kb_location setting) is configured properly using the 
> redis-server socket: /tmp/redis.sock
>OK: redis-server is running and listening on socket: /tmp/redis.sock.
>OK: redis-server configuration is OK and redis-server is running.
>OK: NVT collection in /var/lib/openvas/plugins contains 55675 NVTs.
>OK: Signature checking of NVTs is enabled in OpenVAS Scanner.
>OK: The NVT cache in /var/cache/openvas contains 56315 files for 55675 
> NVTs.
> Step 2: Checking OpenVAS Manager ...
>OK: OpenVAS Manager is present in version 7.0.2.
>OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
>OK: Access rights for the OpenVAS Manager database are correct.
>OK: sqlite3 found, extended checks of the OpenVAS Manager installation 
> enabled.
>OK: OpenVAS Manager database is at revision 158.
>OK: OpenVAS Manager expects database at revision 184.
>ERROR: Database schema is out of date.
>FIX: Run 'openvasmd --migrate'.
> 
>> [root@openvas:/etc/sysconfig]$ systemctl status openvas-manager.service
>> ? openvas-manager.service - OpenVAS Manager
>>Loaded: loaded (/etc/systemd/system/openvas-manager.service; enabled; 
>> vendor preset: disabled)
>>Active: failed (Result: exit-code) since Mon 2017-10-30 14:00:06 CET; 
>> 2min 3s ago
>>   Process: 1339 ExecStart=/usr/sbin/openvasmd -f $MANAGER_LISTEN 
>> $MANAGER_PORT $SCANNER_LISTEN $SCANNER_PORT $MANAGER_OTP (code=exited, 
>> status=1/FAILURE)
>>  Main PID: 1339 (code=exited, status=1/FAILURE)
>> Okt 30 14:00:04 openvas.thelounge.net systemd[1]: openvas-manager.service: 
>> Failed with result 'exit-code'.
>> Okt 30 14:00:06 openvas.thelounge.net systemd[1]: openvas-manager.service: 
>> Service hold-off time over, scheduling restart.
>> Okt 30 14:00:06 openvas.thelounge.net systemd[1]: Stopped OpenVAS Manager.
>> Okt 30 14:00:06 openvas.thelounge.net systemd[1]: openvas-manager.service: 
>> Start request repeated too quickly.
>> Okt 30 14:00:06 openvas.thelounge.net systemd[1]: Failed to start OpenVAS 
>> Manager.
>> Okt 30 14:00:06 openvas.thelounge.net systemd[1]: openvas-manager.service: 
>> Unit entered failed state.
>> Okt 30 14:00:06 openvas.thelounge.net systemd[1]: openvas-manager.service: 
>> Failed with result 'exit-code'.
>> [root@openvas:/etc/sysconfig]$
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss



signature.asc
Description: Message signed with OpenPGP
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Empty vulnerabilities in report

2018-06-26 Thread Brandon Perry



Sent from my iPhone

> On Jun 25, 2018, at 10:01 PM, Daryn Utesbayev  wrote:
> 
> Hi, 
> We deployed OpenVas in our organization for monitoring vulnerabilities. After 
> that we checked many targets host to get reports of vulnerabilities. Further 
> OpenVAS scans produce reports displaying multiple services running but 
> without vulnerabilities results according to below. 

Are you doing authenticated scans?

> 
> CPE: cpe:/a:openbsd:openssh:7.4
> Concluded from remote connection attempt with credentials:
>   Login: VulnScan
>   Password: VulnScan
> nvt1.3.6.1.4.1.25623.1.0.10267Service
>  detection 
> (1.3.6.1.4.1.25623.1.0.10267)Appcpe:/a:openbsd:openssh:7.4nvt1.3.6.1.4.1.25623.1.0.10267Service
>  detection 
> (1.3.6.1.4.1.25623.1.0.10267)cpe:/a:openbsd:openssh:7.42/tcpnvt1.3.6.1.4.1.25623.1.0.10267Service
>  detection 
> 
> So why OpenVAS doesn't scan vulnerabilities?
> 
> Environment is
> VM Linux kali 4.16.0-kali2-686-pae #1 SMP Debian 4.16.12-1kali1 (2018-05-28) 
> i686 GNU/Linux with selinux disabled;
> openvas-check-setup 2.3.7
>   Test completeness and readiness of OpenVAS-9
> 
>   Please report us any non-detected problems and
>   help us to improve this check routine:
>   http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
> 
>   Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the 
> problem.
> 
>   Use the parameter --server to skip checks for client tools
>   like GSD and OpenVAS-CLI.
> 
> Step 1: Checking OpenVAS Scanner ...
> OK: OpenVAS Scanner is present in version 5.1.1.
> OK: redis-server is present in version v=4.0.10.
> OK: scanner (kb_location setting) is configured properly using the 
> redis-server socket: /var/run/redis-openvas/redis-server.sock
> OK: redis-server is running and listening on socket: 
> /var/run/redis-openvas/redis-server.sock.
> OK: redis-server configuration is OK and redis-server is running.
> OK: NVT collection in /var/lib/openvas/plugins contains 45687 NVTs.
> OK: Signature checking of NVTs is enabled in OpenVAS Scanner.
> OK: The NVT cache in /var/cache/openvas contains 45687 files for 
> 45687 NVTs.
> Step 2: Checking OpenVAS Manager ...
> OK: OpenVAS Manager is present in version 7.0.2.
> OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
> OK: Access rights for the OpenVAS Manager database are correct.
> OK: sqlite3 found, extended checks of the OpenVAS Manager 
> installation enabled.
> OK: OpenVAS Manager database is at revision 184.
> OK: OpenVAS Manager expects database at revision 184.
> OK: Database schema is up to date.
> OK: OpenVAS Manager database contains information about 45683 NVTs.
> OK: At least one user exists.
> OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/scap.db.
> OK: OpenVAS CERT database found in /var/lib/openvas/cert-data/cert.db.
> OK: xsltproc found.
> Step 3: Checking user configuration ...
> WARNING: Your password policy is empty.
> SUGGEST: Edit the /etc/openvas/pwpolicy.conf file to set a password 
> policy.
> Step 4: Checking Greenbone Security Assistant (GSA) ...
> OK: Greenbone Security Assistant is present in version 7.0.2.
> OK: Your OpenVAS certificate infrastructure passed validation.
> Step 5: Checking OpenVAS CLI ...
> OK: OpenVAS CLI version 1.4.5.
> Step 6: Checking Greenbone Security Desktop (GSD) ...
> SKIP: Skipping check for Greenbone Security Desktop.
> Step 7: Checking if OpenVAS services are up and running ...
> OK: netstat found, extended checks of the OpenVAS services enabled.
> OK: OpenVAS Scanner is running and listening on a Unix domain socket.
> WARNING: OpenVAS Manager is running and listening only on the local 
> interface.
> This means that you will not be able to access the OpenVAS Manager 
> from the
> outside using GSD or OpenVAS CLI.
> SUGGEST: Ensure that OpenVAS Manager listens on all interfaces unless 
> you want
> a local service only.
> OK: Greenbone Security Assistant is listening on port 443, which is 
> the default port.
> Step 8: Checking nmap installation ...
> WARNING: Your version of nmap is not fully supported: 7.70
> SUGGEST: You should install nmap 5.51 if you plan to use the nmap NSE 
> NVTs.
> Step 10: Checking presence of optional tools ...
> OK: pdflatex found.
> OK: PDF generation successful. The PDF report format is likely to 
> work.
> OK: ssh-keygen found, LSC credential generation for GNU/Linux targets 
> is likely to work.
> OK: rpm found, LSC credential package generation for RPM based 
> targets is likely to work.
> OK: alien found, LSC credential package generation for DEB based 
> targets is likely to work.
> OK: nsis found, LSC credential package generation for

Re: [Openvas-discuss] stupid question

2017-10-27 Thread Brandon Perry


> On Oct 25, 2017, at 2:10 PM, AP - Alan Jackson  
> wrote:
> 
> I am brand new to the discussion list.  Is there a way to search through the 
> archive of all the past threads?  I don’t want to post a question that has 
> already been answered, and I would rather not open each archive month by 
> month to search for a topic.  That seems incredibly inefficient.

One point of the discussion list archives is that they are easily indexable by 
search engines. A well-crafted search will bring any relevant list posts as 
search results.

> 
> Thank you.
> 
> Alan Jackson, CISSP, CIPM
> Director of Cyber Security Services
> Ashland Partners & Company LLP
> 541.842.8458 Direct
> 541.857.8800 Main
> a...@ashlandpartners.com 
> www.ashlandpartners.com 
> This email and any files transmitted with it are confidential and intended 
> solely for the use of the individual or entity to whom they are addressed. 
> This footnote also confirms that this email message has been swept for the 
> presence of computer viruses.
> 
> 
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org 
> 
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss 
> 


signature.asc
Description: Message signed with OpenPGP
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] distribute the load for a single task amongst a list of scanners?

2018-08-07 Thread Brandon Perry



> On Aug 7, 2018, at 7:34 AM, Fichter, Frédéric  
> wrote:
> 
> Hello all,
> 
> Is there a way to distribute the load for a single task amongst a list of 
> scanners?

You should instead split the size of the task up and schedule smaller network 
blocks, rather than trying to run the single large task.

> 
> Thanks,
> 
> Fred
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss



signature.asc
Description: Message signed with OpenPGP
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Scanning for vulnerabilities in Oracle Database

2018-04-07 Thread Brandon Perry



> On Apr 7, 2018, at 10:56 AM, Anantha Raghava  
> wrote:
> 
> Hi,
> 
> I have been using OpenVas vulnerability scanning for sometime now.
> 
> I am trying to scan for Oracle Database on Windows to start with for 
> vulnerabilities. When I select Full & Fast scan config, I receive report 
> "Oracle tns lister refused connection" error. It detects the ports properly, 
> but Oracle tns listner refuses the connection. I tried to create a new scan 
> config, selected Databases NVT. It resulted 0 vulnerabilites  whereas Oracle 
> 11g is running on the target host.
> 
> How do I scan Oracle for vulnerabilities? Can some one guide me how to 
> proceed further?
> 

Chances are you want to do an authenticated scan on the machine so that patch 
levels can be enumerated. Then you don’t have to worry about connecting to 
Oracle at all.

> --
> 
> Thanks & Regards,
> 
> Anantha Raghava
> Do not print this e-mail unless required. Save Paper & trees.
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org 
> 
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss 
> 


signature.asc
Description: Message signed with OpenPGP
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

< 1 2

101 - 188 of 188 matches

Mail list logo