> -Ursprüngliche Nachricht-
>
> I wasn't aware that you need rpm and alien for windows stuff. The posted
> documentation by Michael also says that you just need nsis?
Yes, you need nsis. Without nsis all downloaded exe have 0 Byte.
Michael
--
Michael Helms, m.he...@wvigmbh.de
WVI
Hello,
I have ask this a few days ago, but the problem still exist. In short:
I scanned an Win7 machine, remote registry service = manual. Scan with domain
admin, login ok.
The scan don't start the remote registry service, and so the scanresults are
poor.
Can someone verify or falsify this
Hi All,
Since from a week and half, I am trying to search internet on fixing below
error.
I installed openvas on Kali Linux and noticed that scans are getting hanged.
For that I tried
#openvas-setup
And NVT is getting updated and hangs here. Not sure what is happening.
mdotp-Message:
Please help to find solution
openvas-check-setup 2.3.3
Mode: desktop
Date: Tue, 09 Feb 2016 10:17:41 +0530
Checking for old OpenVAS Scanner <= 2.0 ...
/usr/bin/openvas-check-setup: 177: /usr/bin/openvas-check-setup: openvasd: not found
Checking presence of OpenVAS Scanner ...
OpenVAS
Hi All,
Since from a week and half, I am trying to search internet on fixing below
error.
I installed openvas on Kali Linux and noticed that scans are getting hanged.
For that I tried
#openvas-setup
And NVT is getting updated and hangs here. Not sure what is happening.
mdotp-Message:
I have been trying everything I can find online, and still OpenVAS will only
listen on 127.0.0.1. I have installed Debian Linux (Jessie), and used apt to
install OpenVAS. The install appeared to go well, and openvas-check-setup
seems happy overall.
I have attached the openvas-check-setup.log
Hi,
Looks like openvas manager is not started start it.
To start run command openvasmd
cross verify manager is started or not by running command netstat -antp
following response you should gett
tcp6 0 0 :::9390 :::*LISTEN
15857/openvasmd
Thanks,
Antu
On
Hi,
You need create an administrator user with the --create-user option of
"openvasmd":
$ openvasmd --create-user=myuser
The new user's password is printed on success.
An administrator user can later create further users or
administrators via clients like the Greenbone Security Assistant
Thank you Rene Behring.
I followed your advise to upgrade to version 9. I removed openvas8 first and
then installed the version openvas9
Then, I did the following:
sudo openvas-nvt-sync
sudo openvas-scapdata-sync
sudo openvas-certdata-sync
sudo service openvas-manager stop
sudo service
I understand how to fix. Change the ‘SECURE’ by ‘NORMAL’ in a .c file. Sorry
for my stupid question..
I have compiled the source. Copied the certificate at the right place.
I’m currently running the scap data sync which takes time…
> Le 11 févr. 2016 à 14:24, Rene Behring
Your post made me doubt. I thought I had use the same settings but it seems
that not.
I made a new test and results are the same.
I still have to solve the gsa crashes
Thanks
> Le 11 févr. 2016 à 14:24, Rene Behring a écrit :
>
> Well i thought, that the ppa has it
I use openvas9 on ubuntu and openvas8 on Kali.
On both OS, I don’t have any firewall neither packet filter.
The only message I have in gsa.log is:
gsad main:WARNING:2016-02-11 18h39.58 UTC:6175: MHD: Error: received handshake
message out of context
> Le 11 févr. 2016 à 14:24, Rene Behring
> Your post made me doubt. I thought I had use the same settings but it seems
> that not.
> I made a new test and results are the same.
>
> I still have to solve the gsa crashes
So you use OpenVAS 8 on Ubuntu oder Kali? Is there any kind of Firewall/Package
Filter?
And what does the gsad log
>
> Mhhh, i thought you have solved that by installing alien/rpm as
> previously posted?
Before the initial post I had already nsis. Because of your question I removed
nsis,
checked Win download and then reinstalled nsis.
Indeed I solved the problem by installing alien (that brings rpm with
>>> As i remember correctly, we started 3 tasks with 1 target each. After every
>>> task was DONE (so we had no trouble) all the data remains on the slave. So
>>> not only the Portlists, the task, the scanconfig and the target (i think
>>> even the credentials).
>>
>> Can you douoble-check that
Hi,
> Opensvas doesn’t mark the system as dead, but I only have the following logs :
>
> - OS fingerprinting
> - ICMP Timestamp Detection
> - Traceroute
> - CPE Inventory
that are too few log entries. You should have at least:
> - Checks for open tcp ports
containing the detected open ports
Thank you Chris.
I used the port list 'All tcp' + full’n’fast scan.
The system is alive as I’m able to ping it or to scan it with nmap.
Opensvas doesn’t mark the system as dead, but I only have the following logs :
- OS fingerprinting
- ICMP Timestamp Detection
- Traceroute
- CPE Inventory
I
Sounds all good to me. Have you scanned an other host? (maybe localhost)
You could also try the openvas 9 beta from the ppa...
> Am 11.02.2016 um 12:18 schrieb blackndoor :
>
> Thank you Chris.
>
> I used the port list 'All tcp' + full’n’fast scan.
> The system is alive
Yes, I tried other scans before with no success.
Here is the content of openvasmd.log :
md main:MESSAGE:2016-02-11 12h46.03 utc:19584: OpenVAS Manager version
6.1+beta2 (DB revision 155)
lib serv:WARNING:2016-02-11 12h46.03 utc:19585: Failed to shake hands with
peer: The signature algorithm is
Well i thought, that the ppa has it already fixed, maybe not for version 9. You
can fix it yourself but then you have to compile it.
Heres something about that problem:
https://lists.wald.intevation.org/pipermail/openvas-discuss/2016-January/009171.html
The patch is the attachment.bin file ?
If I understand, I have to uninstall openvas9 and download the official source
of openvas9,
Sorry for my stupid question but what I have to do with the patch file ? place
it somewhere in the source before compiling (after compiling)?
Thanks
> Le 11 févr.
Hi,
> The patch is the attachment.bin file ?
> If I understand, I have to uninstall openvas9 and download the official
> source of openvas9,
> Sorry for my stupid question but what I have to do with the patch file ?
> place it somewhere in the source before compiling (after compiling)?
based
Alright… It seems to work now but not completely…
In fact, I scan the same metasploitable with my ubuntu and with Kali linux 2.
The version of openvas is not the same on both but the feed version of NVT,
SCAP and CERT are the same.
the result is different..
On Ubuntu :
- 1 hight
- 7 medium
- 1
Hi,
> On Ubuntu :
> - 1 hight
> - 7 medium
> - 1 low
> - 55 logs
>
> On kali the scan takes longer than on ubuntu. I stopped it at 96%:
> - 15 hight
> - 35 medium
> - 7 low
> - 88 logs
>
You might want to compare the port scan settings, enabled NVTs and
scan options on for each task on each
> > I wasn't aware that you need rpm and alien for windows stuff. The posted
> > documentation by Michael also says that you just need nsis?
>
> Yes, you need nsis. Without nsis all downloaded exe have 0 Byte.
Mhhh, i thought you have solved that by installing alien/rpm as previously
posted?
Well that sucks, sorry for that! Have you tried other scans before?
What is the openvasmd.log saying? (I had the Same issues because of the
certificates...)
Am 11.02.2016 13:37 schrieb "blackndoor" :
> Thank you Rene Behring.
>
> I followed your advise to upgrade to version
26 matches
Mail list logo