Thanks Chris,
So, I need to:
vi /usr/lib/systemd/system/openvas-scanner.service
insert
"--gnutls-priorities="SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0""
this line at the end of the file?
The same for /usr/lib/systemd/system/openvas-manager.service
?
Diego
> From:
You need to configure gnutls-priority string for each daemon, now you just
configured it for gsad (greenbone security assistant)
--
Eero
2015-10-20 15:07 GMT+03:00 Diego Gomes :
> Hello,
>
> I used this command:
>
> gsad
>
Eero, did you already do it?
Sorry but, do you mean that I need to run like this?
openvasmd
--gnutls-priorities="SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0"
openvassd
--gnutls-priorities="SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0"
Thanks,
Am 20.10.2015 um 14:15 schrieb Eero Volotinen:
You need to configure gnutls-priority string for each daemon, now you
just configured it for gsad (greenbone security assistant)
the main question remains why a vulnerability scanner complaining about
other services not at least starts with
Right, why did not have a step by step to fix it?
of course, everybody wants that no vulnerability in your scanner, right?
and it is very confused to apply those fix
Now, I am not sure if just running:
gsad
Hi,
> gsad
> --gnutls-priorities="SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0"
>
> restarted openvas-manager, openvas-scanner, gsad
>
> Started scan against localhost and the same results:
you also need to add this gnutls-priorities to the openvas-manager (openvasmd)
and also remember to issue daemon reload to systemd to get modified
startup-script changes to effective.
--
Eero
2015-10-20 15:13 GMT+03:00 Chris :
> Hi,
>
> > gsad
> --gnutls-priorities="SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0"
> >
> > restarted
Yes, It should enable only tlsv1.2 on default settings, if possible :)
--
Eero
2015-10-20 15:29 GMT+03:00 Reindl Harald :
>
> Am 20.10.2015 um 14:15 schrieb Eero Volotinen:
>
>> You need to configure gnutls-priority string for each daemon, now you
>> just configured it
Something like that, but should enable only TLSv1.2 for best security.
--
Eero
2015-10-20 15:30 GMT+03:00 Diego Gomes :
> Thanks Chris,
>
> So, I need to:
>
> vi /usr/lib/systemd/system/openvas-scanner.service
>
> insert
>
Thanks Matthew! Now I can see the Filter over there.
So, Can I understand that now, the report attached and sent by email will be
with that filter I created, right?
And for example:
Scan Management --> Reports --> Chose Report
Change the Report to Summary and Download
Almost in the end of the
Hi Carlos, did you already run with sucess the OpenVAS under FreeBSD?
(under what version and architecture,
if I may ask??)
thanks in advance,
VinÃcius
On Tue, Oct 20, 2015 at 11:24 AM, Carlos L. Martinez <
carlopm...@protonmail.ch> wrote:
> Hi all,
>
> Anyone had tried to install openvas 8
Am 20.10.2015 um 18:53 schrieb Diego Gomes:
Yes, it seems..
Maybe because I am not so familiar with this method of systemd!
I will try anyway,
it is as simple as i explained
just take a systemd-unit from /usr/lib/systemd/system and copy it to
/ect/systemd/system - the reason why you
Thanks Reindl,
It seems a little complicated, right? Does anyone applying it to secure the own
OpenVAS?
Diego
To: openvas-discuss@wald.intevation.org
From: h.rei...@thelounge.net
Date: Tue, 20 Oct 2015 14:35:23 +0200
Subject: Re: [Openvas-discuss] Vulnerabilities OpenVAS
Am 20.10.2015 um
Reported vulnerability count is not a useful measurement for comparing two
vulnerability scanners.
One vulnerability scanner may report all missing patches, including ones that
are superseded by others in the same report, while another does not.
For instance, OpenVAS is far more useful to me
Well, I was using nessus professional (commercial edition) for many years,
but about two years go I switched to OpenVAS.
For our PCI DSS needs openvas is enought good and it's more flexible than
Nessus. I think also that openvas lsc (local checks, patch check) support
is better than in Nessus.
15 matches
Mail list logo