Re: [Openvas-discuss] Vulnerabilities OpenVAS

2015-10-22 Thread Jan-Oliver Wagner
On Dienstag, 20. Oktober 2015, Reindl Harald wrote: > Am 20.10.2015 um 14:15 schrieb Eero Volotinen: > > You need to configure gnutls-priority string for each daemon, now you > > just configured it for gsad (greenbone security assistant) > > the main question remains why a vulnerability scanner

Re: [Openvas-discuss] Vulnerabilities OpenVAS

2015-10-22 Thread Reindl Harald
Am 22.10.2015 um 09:58 schrieb Jan-Oliver Wagner: On Dienstag, 20. Oktober 2015, Reindl Harald wrote: Am 20.10.2015 um 14:15 schrieb Eero Volotinen: You need to configure gnutls-priority string for each daemon, now you just configured it for gsad (greenbone security assistant) the main

Re: [Openvas-discuss] Vulnerabilities OpenVAS

2015-10-20 Thread Diego Gomes
ice ? Diego > From: fisch@gmx.de > To: openvas-discuss@wald.intevation.org > Date: Tue, 20 Oct 2015 14:13:38 +0200 > Subject: Re: [Openvas-discuss] Vulnerabilities OpenVAS > > Hi, > > > gsad > > --gnutls-priorities="SECURE128:-AES-128-CBC:-CAMELLIA-128

Re: [Openvas-discuss] Vulnerabilities OpenVAS

2015-10-20 Thread Eero Volotinen
com>: > > Thanks Eero, > > So, Can I understand that I am running openvas 7? > > And I understand that atomic team did not release openvas 8, because I did > not find any update yet. > > So, I need to wait for version 8 from atomic corp and use gnutls? I will > need to st

Re: [Openvas-discuss] Vulnerabilities OpenVAS

2015-10-20 Thread Diego Gomes
TLS1.0" Thanks, Diego Date: Tue, 20 Oct 2015 15:15:14 +0300 Subject: Re: [Openvas-discuss] Vulnerabilities OpenVAS From: eero.voloti...@iki.fi To: diego_...@hotmail.com CC: openvas-discuss@wald.intevation.org You need to configure gnutls-priority string for each daemon, now you just configured it

Re: [Openvas-discuss] Vulnerabilities OpenVAS

2015-10-20 Thread Reindl Harald
Am 20.10.2015 um 14:15 schrieb Eero Volotinen: You need to configure gnutls-priority string for each daemon, now you just configured it for gsad (greenbone security assistant) the main question remains why a vulnerability scanner complaining about other services not at least starts with

Re: [Openvas-discuss] Vulnerabilities OpenVAS

2015-10-20 Thread Diego Gomes
-VERS-TLS1.0" is enought for gsad. Should I insert it in the systemd as well? Diego Date: Tue, 20 Oct 2015 15:31:38 +0300 From: eero.voloti...@iki.fi To: h.rei...@thelounge.net CC: openvas-discuss@wald.intevation.org Subject: Re: [Openvas-discuss] Vulnerabilities OpenVAS Yes, It should enable on

Re: [Openvas-discuss] Vulnerabilities OpenVAS

2015-10-20 Thread Chris
Hi, > gsad > --gnutls-priorities="SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0" > > restarted openvas-manager, openvas-scanner, gsad > > Started scan against localhost and the same results: you also need to add this gnutls-priorities to the openvas-manager (openvasmd)

Re: [Openvas-discuss] Vulnerabilities OpenVAS

2015-10-20 Thread Eero Volotinen
and also remember to issue daemon reload to systemd to get modified startup-script changes to effective. -- Eero 2015-10-20 15:13 GMT+03:00 Chris : > Hi, > > > gsad > --gnutls-priorities="SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0" > > > > restarted

Re: [Openvas-discuss] Vulnerabilities OpenVAS

2015-10-20 Thread Eero Volotinen
Yes, It should enable only tlsv1.2 on default settings, if possible :) -- Eero 2015-10-20 15:29 GMT+03:00 Reindl Harald : > > Am 20.10.2015 um 14:15 schrieb Eero Volotinen: > >> You need to configure gnutls-priority string for each daemon, now you >> just configured it

Re: [Openvas-discuss] Vulnerabilities OpenVAS

2015-10-20 Thread Eero Volotinen
.intevation.org > > Date: Tue, 20 Oct 2015 14:13:38 +0200 > > Subject: Re: [Openvas-discuss] Vulnerabilities OpenVAS > > > > Hi, > > > > > gsad > --gnutls-priorities="SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0" > > &g

Re: [Openvas-discuss] Vulnerabilities OpenVAS

2015-10-20 Thread Reindl Harald
ngs in any other software - i would call that situation pervert but that don't change the fact override a systemd-unit is as easy as something can be To: openvas-discuss@wald.intevation.org From: h.rei...@thelounge.net Date: Tue, 20 Oct 2015 18:51:19 +0200 Subject: Re: [Openvas-discuss] Vulnerabi

Re: [Openvas-discuss] Vulnerabilities OpenVAS

2015-10-20 Thread Diego Gomes
Thanks Reindl, It seems a little complicated, right? Does anyone applying it to secure the own OpenVAS? Diego To: openvas-discuss@wald.intevation.org From: h.rei...@thelounge.net Date: Tue, 20 Oct 2015 14:35:23 +0200 Subject: Re: [Openvas-discuss] Vulnerabilities OpenVAS Am 20.10.2015 um 14

Re: [Openvas-discuss] Vulnerabilities OpenVAS

2015-10-18 Thread Eero Volotinen
well. update to openvas 8 and then use gnutls priority strings to change ssl cipher settings.. Eero 2015-10-19 1:28 GMT+03:00 Diego Gomes : > Hello, > > I ran against localhost and I found those Vulnerabilities for tcp/9390 > (openvasmd) > > - POODLE SSLv3 Protocol CBC

Re: [Openvas-discuss] Vulnerabilities OpenVAS

2015-10-18 Thread Eero Volotinen
w to do it. > > Thanks, > > Diego > > -- > Date: Mon, 19 Oct 2015 01:32:48 +0300 > Subject: Re: [Openvas-discuss] Vulnerabilities OpenVAS > From: eero.voloti...@iki.fi > To: diego_...@hotmail.com > CC: openvas-discuss@wald.intevation.org &g