Re: [Openvas-discuss] Communicating directly with the OpenVAS scanner

[Benoît Allard]

On Wed, 21 Jun 2017 11:50:18 +0100
Dario Teixeira  wrote:

> Hi,
> 
> > You're trying to use the manager protocol, which is used by the
> > openvasmd not openvassd. Communicating with openvassd directly (over
> > OTP) is for internal usage and is not recommended for external
> > clients as it may change at any time.
> 
> Thanks for the reply.  I'm trying to communicate directly with
> Openvassd using the OSP protocol (formerly known as OTP, if I
> understand correctly).
> According to the docs [1], "" is part of the OSP API, 
> which
> is why I'm puzzled it doesn't work.

OSP is not the same as OTP. OSP is meant to replace OTP in some kind of
future, but the current openvassd does only talk OTP as Hani said.

If you're looking for scanners that can talk the 'OSP' protocol, you
can find various example under the trunk/osp-servers directory in svn:

https://wald.intevation.org/scm/viewvc.php/trunk/osp-servers/?root=openvas

At the moment, none of them is able to process nasl code.

Regards,
Ben.

>  Note that I'm writing a daemon
> that replaces Openvasmd, which is why using OMP or relying on
> Openvasmd is not
> an option.
> 
> Best regards,
> Dario Teixeira
> 
> [1] http://docs.greenbone.net/API/OSP/osp-1.0.html
> 
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss



pgpVttCA5rmlK.pgp
Description: OpenPGP digital signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] nic definition blanked for all tasks if undefined in Web UI dialog for a single NEW task during creation

[Benoît Allard]

On Mon, 19 Jun 2017 14:28:11 +0200
Benoît Allard <benoit.all...@greenbone.net> wrote:

> On Mon, 19 Jun 2017 09:22:11 +0200
> "r.m6" <r...@univie.ac.at> wrote:
> 
> > Hi Christian,
> > 
> > did you get any feedback in the meanwhile - or did you find a
> > solution? Is there any official instance to report bugs to? I am
> > wondering why this problem is not more visible in the community. It
> > is extremely distracting if you try to use openVAS in daily
> > business.
> > 
> > Is there anybody in the community who does NOT see the described
> > problem? This information would be very valuable too because it
> > could give some hints if it is a general bug or if it only happens
> > in some configuration.
> > 
> > Many thanks in advance!
> 
> I was able to reproduce it on a greenbone appliance as well. We are
> working on a fix. Thank you very much for reporting. I'm sorry we
> previously missed it.
> 
> For issues with a security relevance, you can send a mail to
> <secur...@greenbone.net>. I believe that is your best option. For
> issues with a smaller impact, reporting here, or on -devel is a good
> start. Pinging us on irc might work as well, sometimes.
> 
> There is a bug-tracker on wald. Unfortunately it's not widely used,
> neither by the developers, nor by the community. Buying an appliance,
> though would give you access to the customer portal. Maybe you can
> arrange an access to it by contacting sales <sa...@greenbone.net>. I
> cannot speak on their behalf.
> 
> I'll let you know when the fix lands in the repository.
> 

If you have the possibility to build from source, the following
revision (one per openvas release) should fix that issue:

- OpenVAS-8:  28715
- OpenVAS-9:  28714
- Trunk:  28713

The next tarball release will include the fixes. They will be
released promptly.

Thanks again for reporting the issue (again).

Best Regards,
Ben.


pgpAr2q_uAJSx.pgp
Description: OpenPGP digital signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] nic definition blanked for all tasks if undefined in Web UI dialog for a single NEW task during creation

[Benoît Allard]

On Mon, 19 Jun 2017 09:22:11 +0200
"r.m6"  wrote:

> Hi Christian,
> 
> did you get any feedback in the meanwhile - or did you find a
> solution? Is there any official instance to report bugs to? I am
> wondering why this problem is not more visible in the community. It
> is extremely distracting if you try to use openVAS in daily business.
> 
> Is there anybody in the community who does NOT see the described
> problem? This information would be very valuable too because it could
> give some hints if it is a general bug or if it only happens in some
> configuration.
> 
> Many thanks in advance!

I was able to reproduce it on a greenbone appliance as well. We are
working on a fix. Thank you very much for reporting. I'm sorry we
previously missed it.

For issues with a security relevance, you can send a mail to
. I believe that is your best option. For
issues with a smaller impact, reporting here, or on -devel is a good
start. Pinging us on irc might work as well, sometimes.

There is a bug-tracker on wald. Unfortunately it's not widely used,
neither by the developers, nor by the community. Buying an appliance,
though would give you access to the customer portal. Maybe you can
arrange an access to it by contacting sales . I
cannot speak on their behalf.

I'll let you know when the fix lands in the repository.

Regards,
Ben

> 
> 
> On 09.06.2017 10:33, Ebert, Christian wrote:
> > Hi everyone,
> >
> > we experienced exactly the same problem here. It happens in OpenVAS
> > 8 (Debian8, Debian 9) as well as in OpenVAS 9 (Kali rolling
> > release).
> >
> > I did report that to this mailing list, but didn't get any response.
> >
> > Best regards
> >
> > Christian Ebert
> >
> > Chief Security Analyst, CISM, T.I.S.P.
> >
> > Head of Penetration Testing
> >
> >  
> >
> > QSC AG
> >
> > Mathias-Brüggen-Straße 55 
> >
> > 50829 Köln 
> >
> >  
> >
> > T  +49 221 669-8950 
> >
> > F  +49 221 669-85950 
> >
> > M  +49 163 6698950 
> >
> > christian.eb...@qsc.de 
> >
> > http://www.qsc.de  
> >
> >  
> >
> > Besuchen Sie unsere Blogs:
> > Corporate Blog unter _http://blog.qsc.de _ 
> > Themen-Blog zur Digitalisierung
> > unter _http://digitales-wirtschaftswunder.de
> > _
> >
> >  
> >
> > Bitte finden Sie hier die handelsrechtlichen Pflichtangaben:
> >
> > http://www.qsc.de/pflichtangaben
> >
> >  
> >
> >
> > Am 09.06.2017 um 08:46 schrieb r.m6  > >:
> >
> > Dear openVAS Community,
> >
> > we are using an openVAS 8 installation (ubuntu 16.04 server) with
> > multiple scan interfaces (eth0, gre1, gre2) for vulnerability
> > scanning.
> >
> > Some tasks are configured for "Network Source Interface" (in the
> > Web UI "Edit Task" dialog) eth0, some others for gre
> >
> > We have observed that if the field "Network Source Interface" is (by
> > accident) left blank when creating a new or editing an existing
> > task, openVAS resets ALL other existing tasks for all OTHER openVAS
> > user accounts on this openVAS instance to blank. This results in
> > scanning from eth0 (the default) for ALL existing tasks - which is
> > extremely annoying for scheduled tasks because the results are
> > messed up, alerts are sent (because of the changed scan score) and
> > each user has to repair each single task.
> >
> > Did anyone else observe this behavior or - preferred :) - has a
> > solution for this problem?
> >
> > Many thanks in advance!
> >
> > ___
> > Openvas-discuss mailing list
> > Openvas-discuss@wald.intevation.org
> > 
> > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
> 



pgpc4OR_3BVXq.pgp
Description: OpenPGP digital signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] SSH with key

[Benoît Allard]

First, I hope you generated a new keypair after posting it to this list.

On Thu, 15 Jun 2017 15:32:56 +0500
Umar Draz <unix...@gmail.com> wrote:

> Ok Here what I did
> 
> -BEGIN RSA PRIVATE KEY-\n
> MIIEowIBAAKCAQEAlyAvAVqVt7JA6iUdTe3QUkeLe5Djb6xLWKDqC+LWuGjy/4LrHqS3gIXqV/wd\n
> sOn/wZ8BXdgY5g4u7T2vH/Gt+VUGfgjsDOYNsYKvIlTyqiar+wZplvWjw14jSV4nIr4CgqoYqi+D\n
> 5UN+6fJrhEauWDEvwfv0pa0i9xbWKHmPK1X2e/Ue6M66RlYZvOihcTPJhSd2kUH9Mzi1x1gXXHaQ\n
> yZ2k3HYFI/rYDOknboncyldj4alCbf61GFi48/Xz9yWVDD1JSiJs0nNLQiNxAW15TGNV0iSFCCYA\n
> OMIAWF9siRobIZxU5l1TQehv6DGIChyla/IPdlTZYrqqqs/GfzFr9QIDAQABAoIBABkHZYGN5Rnl\n
> VcbxmqbbahMWck1ms6Q9HsVw8RJC4VjtWMFkh1gt445Pn34u7SPtvUPt96X5MjZ3xuHXw3dA6ZVP\n
> taGODLoeJ8psYGEJPJ9dhEIwz7AGwraKksGF7Glemr/VN/yHngqMYSqR0ai4pAtLKiOwfNYrlIzj\n
> pVhSuZltg0fr6IGiT5VpcNj/3T89syBqMBGSZVxETSDaYox1Y6tXhogHnq7YeT44q8Oz17GOYrRv\n
> gfEHuHsaV51EtZudRtHZJh2xSjd25y0iOWn8ZiyfWCBIBDUTKeOkAGSCGiHjEBcCeg44qyKS2jXm\n
> av5IRwL1JdTmj7xYaM6BOOwUeEECgYEA5qqa83UhqNTLeoFReBSXO+XObvUWZcJFHCj3KKkfRP+u\n
> fJi6v/HISnf9YLTaffJkURj8XJkyQjaTNstLDTQN1O09jbntFnuMCqUgG7pNav7Bv8uDimUqNBED\n
> -END RSA PRIVATE KEY-
> 
> But it was failed with this error
> 
> Erroneous private key or associated passphrase

Then, we misunderstood each other. I meant to open the .pem file with a
text editor, move the cusror to the end of the file (After the very last
"-"), then press , and save the modifed file.

You should then be able to import that new modified file into gsa
without generating an error.

If you still struggle to have that working, best is to join us via irc
on #openvas in OFTC. It will be easier to help you that way than with
interposed mails.

Best Regards,
Ben.

> 
> On Thu, Jun 15, 2017 at 3:28 PM, Benoît Allard
> <benoit.all...@greenbone.net> wrote:
> 
> > On Thu, 15 Jun 2017 15:23:23 +0500
> > Umar Draz <unix...@gmail.com> wrote:
> >
> > > Hi Benoit
> > >
> > > You meant I need to modify my .pem file and add this \n ?
> > >
> >
> > That is correct.
> >
> > > Regards
> > >
> > > On Thu, Jun 15, 2017 at 3:15 PM, Benoît Allard
> > > <benoit.all...@greenbone.net> wrote:
> > >
> > > > On Thu, 15 Jun 2017 14:46:42 +0500
> > > > Umar Draz <unix...@gmail.com> wrote:
> > > >
> > > > > Hello,
> > > > >
> > > > > Thanks for your response, first of all the link you sent me
> > > > > for authenticated user quite different then I have installed
> > > > > version of Openvas. My Linux boxes are running on AWS where I
> > > > > have my .pem key
> > > > >
> > > > > Please find attached image. I tried to add my key but it was
> > > > > failed
> > > > >
> > > > > I also had check the logs from /var/log/openvas/openvasmd.log
> > > > > and there I saw the following as well while creating my
> > > > > credentials
> > > > >
> > > > > GLib:UNKNOWN:2017-06-15 09h40.42 UTC:28145: gmem.c:100:
> > > > > failed to allocate 18446744073623177295 bytes
> > > >
> > > > That is a known bug that has only been fixed recently. I
> > > > believe the workaround was simply to add a trailing line to the
> > > > keyfile before uploading it.
> > > >
> > > > Regards,
> > > > Ben.
> > > >
> > > > >
> > > > > Regards,
> > > > >
> > > > >
> > > > > On Thu, Jun 15, 2017 at 2:25 PM, Christian Fischer <
> > > > > christian.fisc...@greenbone.net> wrote:
> > > > >
> > > > > > Hi,
> > > > > >
> > > > > > On 15.06.2017 10:56, Umar Draz wrote:
> > > > > > > I have few centos linux hosts with ssh key only access,
> > > > > > > what is the correct way to add key in openvas so I can
> > > > > > > scan those hosts
> > > > > >
> > > > > > there is a documentation available here which shows the
> > > > > > needed information about such "Authenticated Scans":
> > > > > >
> > > > > > http://docs.greenbone.net/GSM-Manual/gos-3.1/en/scanning.
> > > > > > html#authenticated-scan
> > > > > >
> > > > > > If you're using ed25519 keys also be aware that you need a
> > > > > > recent libssh version 0.7.0 or later on your scanning
> > > > > > machine:
> > > > > >
> > > > > > https://www.libssh.org/2015/05/11/libssh-0-7-0/
> > > > > >
> > > > > > > Regards
> > > > > >
> > > > > > Regards,
> > > > > >
> > > > > > --
> > > > > >
> > > > > > Christian Fischer | PGP Key: 0x54F3CE5B76C597AD
> > > > > > Greenbone Networks GmbH | http://greenbone.net
> > > > > > Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B
> > > > > > 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver
> > > > > > Wagner ___
> > > > > > Openvas-discuss mailing list
> > > > > > Openvas-discuss@wald.intevation.org
> > > > > > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/
> > > > openvas-discuss
> > > >
> > > >
> >
> >



pgpYJBlnEWWPU.pgp
Description: OpenPGP digital signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] SSH with key

[Benoît Allard]

On Thu, 15 Jun 2017 15:23:23 +0500
Umar Draz <unix...@gmail.com> wrote:

> Hi Benoit
> 
> You meant I need to modify my .pem file and add this \n ?
> 

That is correct.

> Regards
> 
> On Thu, Jun 15, 2017 at 3:15 PM, Benoît Allard
> <benoit.all...@greenbone.net> wrote:
> 
> > On Thu, 15 Jun 2017 14:46:42 +0500
> > Umar Draz <unix...@gmail.com> wrote:
> >
> > > Hello,
> > >
> > > Thanks for your response, first of all the link you sent me for
> > > authenticated user quite different then I have installed version
> > > of Openvas. My Linux boxes are running on AWS where I have
> > > my .pem key
> > >
> > > Please find attached image. I tried to add my key but it was
> > > failed
> > >
> > > I also had check the logs from /var/log/openvas/openvasmd.log and
> > > there I saw the following as well while creating my credentials
> > >
> > > GLib:UNKNOWN:2017-06-15 09h40.42 UTC:28145: gmem.c:100: failed to
> > > allocate 18446744073623177295 bytes
> >
> > That is a known bug that has only been fixed recently. I believe the
> > workaround was simply to add a trailing line to the keyfile before
> > uploading it.
> >
> > Regards,
> > Ben.
> >
> > >
> > > Regards,
> > >
> > >
> > > On Thu, Jun 15, 2017 at 2:25 PM, Christian Fischer <
> > > christian.fisc...@greenbone.net> wrote:
> > >
> > > > Hi,
> > > >
> > > > On 15.06.2017 10:56, Umar Draz wrote:
> > > > > I have few centos linux hosts with ssh key only access, what
> > > > > is the correct way to add key in openvas so I can scan those
> > > > > hosts
> > > >
> > > > there is a documentation available here which shows the needed
> > > > information about such "Authenticated Scans":
> > > >
> > > > http://docs.greenbone.net/GSM-Manual/gos-3.1/en/scanning.
> > > > html#authenticated-scan
> > > >
> > > > If you're using ed25519 keys also be aware that you need a
> > > > recent libssh version 0.7.0 or later on your scanning machine:
> > > >
> > > > https://www.libssh.org/2015/05/11/libssh-0-7-0/
> > > >
> > > > > Regards
> > > >
> > > > Regards,
> > > >
> > > > --
> > > >
> > > > Christian Fischer | PGP Key: 0x54F3CE5B76C597AD
> > > > Greenbone Networks GmbH | http://greenbone.net
> > > > Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B
> > > > 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
> > > > ___
> > > > Openvas-discuss mailing list
> > > > Openvas-discuss@wald.intevation.org
> > > > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/
> > openvas-discuss
> >
> >



pgpG39Ebajnx1.pgp
Description: OpenPGP digital signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] SSH with key

[Benoît Allard]

On Thu, 15 Jun 2017 14:46:42 +0500
Umar Draz  wrote:

> Hello,
> 
> Thanks for your response, first of all the link you sent me for
> authenticated user quite different then I have installed version of
> Openvas. My Linux boxes are running on AWS where I have my .pem key
> 
> Please find attached image. I tried to add my key but it was failed
> 
> I also had check the logs from /var/log/openvas/openvasmd.log and
> there I saw the following as well while creating my credentials
> 
> GLib:UNKNOWN:2017-06-15 09h40.42 UTC:28145: gmem.c:100: failed to
> allocate 18446744073623177295 bytes

That is a known bug that has only been fixed recently. I believe the
workaround was simply to add a trailing line to the keyfile before
uploading it.

Regards,
Ben.

> 
> Regards,
> 
> 
> On Thu, Jun 15, 2017 at 2:25 PM, Christian Fischer <
> christian.fisc...@greenbone.net> wrote:
> 
> > Hi,
> >
> > On 15.06.2017 10:56, Umar Draz wrote:
> > > I have few centos linux hosts with ssh key only access, what is
> > > the correct way to add key in openvas so I can scan those hosts
> >
> > there is a documentation available here which shows the needed
> > information about such "Authenticated Scans":
> >
> > http://docs.greenbone.net/GSM-Manual/gos-3.1/en/scanning.
> > html#authenticated-scan
> >
> > If you're using ed25519 keys also be aware that you need a recent
> > libssh version 0.7.0 or later on your scanning machine:
> >
> > https://www.libssh.org/2015/05/11/libssh-0-7-0/
> >
> > > Regards
> >
> > Regards,
> >
> > --
> >
> > Christian Fischer | PGP Key: 0x54F3CE5B76C597AD
> > Greenbone Networks GmbH | http://greenbone.net
> > Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
> > Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
> > ___
> > Openvas-discuss mailing list
> > Openvas-discuss@wald.intevation.org
> > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss



pgpJqy9Ir0lZI.pgp
Description: OpenPGP digital signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVAS9 Postgresql on a different server

[Benoît Allard]

On Wed, 8 Feb 2017 07:51:31 -0500
TN TN  wrote:

> Hi all, what config file can i modify to tell the openvas manager
> that the postgresql database server is not on the same server as the
> manager? Thanks T

Just modifying a configuration value will not be enough as openvas is
also relying on server extensions (i.e. custom libraries you will have
to install on your postgresql server to extend its capabilities).

For this reason, the path to the databsse server is not configurable
(yet ?).

Regards,
Ben.


pgpE1EW9spmmv.pgp
Description: OpenPGP digital signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OMP on openvas9

[Benoît Allard]

On Mon, 6 Feb 2017 17:25:59 -0800
Dan ½  wrote:

> Hi,
> 
> I'm trying to migrate from openvas8 to openvas9. I've got the system
> in a working state. On openvas8, I performed most of my interactions
> using the omp client. In openvas9, it seems that openvassd/openvasmd
> are now listening on unix sockets.
> 
> I know that I can configure openvasmd to run over TCP with
> "listen=127.0.0.1". However, I cannot figure out how to tell omp how
> to reach openvasmd when running in the default configuration where
> unix sockets are utilized. I'm assuming that I'm missing something
> obvious... Can somebody please educate me?
> 

You can use the socat(1) utility to expose the unix-socket on a local
port.

Look at the TCP-LISTEN and UNIX-CONNECT options.

Regards,
Ben.



pgpDOBQrzTD71.pgp
Description: OpenPGP digital signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Distribute Scans among multi scanners

[Benoît Allard]

Hi,

On Sun, 1 May 2016 17:18:34 -0400
TN TN  wrote:

> Hi,
> 
> I accidentally wrote "scammers" in my previous post last month,
> apologies for the mistake.
> 
> If we setup more than one OpenVAS scanner how can we load-balance the
> different scans to use 2 or more scanners? Is it an automatic process
> (when the one scanner fills up with requests, the other will take
> over)? Not sure how to distribute the load between 2+ scanners. Can
> someone please help. Thanks -T

There is no automatic load-balancing in place. The usual way to
distribute load is to distribute your scanners in the different
networks (geographically, if needed to be), and have each one of them
care for the network they are the nearest to.

Due to some issues with the scanner protocol, it is best to distribute
a manager together with each of your scanners, and configure the
managers to talk with each others, and each one of them to talk with
their own scanner (locally).

Hope this helps,

Regards,
Ben.


pgp1YxYG52EUu.pgp
Description: OpenPGP digital signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Ramifications of OSVDB closure

[Benoît Allard]

On Wed, 06 Apr 2016 08:15:29 -0600
James Lay  wrote:

> :(
> 
> https://blog.osvdb.org/2016/04/05/osvdb-fin/
> 
> What impact will this have on OpenVAS?
> 

We have dozen of NVTs who refers to their website, those references
will need to be fixed.

Other than that, I'm not sure there will be any implication. Maybe for
the NVT writing process though, we will need to look for other source of
information.

Please correct me if I missed something.

Regards,
Ben.


pgpvpfrUUWMqB.pgp
Description: OpenPGP digital signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] NVT modifications

[Benoît Allard]

Dear Korodev,

On Sun, 13 Mar 2016 11:11:46 -0400
Korodev  wrote:

> Is there a proper way to maintain plugin modifications? I realize
> custom plugins can be put in the private directory, but I assume
> changes I make to plugins in the NVT feed will be overwritten on
> update.
> 

You are highly encouraged to contribute your fixes back upstream, so
that they benefit everyone ! Please post your modification either to
this list or to the openvas-plugins@... one.

Feel free to join the IRC channel (#openvas on OFTC) if you have more
questions about the process.

Regards,
Ben.


pgpZXA8NnPX7e.pgp
Description: OpenPGP digital signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Compile Error in OpenVAS Manager 6.0.7 with fix

[Benoît Allard]

On Tue, 22 Dec 2015 16:16:21 +
Rene Leipold  wrote:

> Hi Folks,
> 
> While updateing the new Release of OpenVAS 8 I encountered an error
> in the openvas-manager:
> 
> The "make" quit with the following error message. Altough I could
> have changed the warn_unused_result attribute I decided to change the
> src.
> 
> /opt/openvas/openvas-manager-6.0.7/src/manage_sql.c: In function
> 'keyword_type_from_string': 
> /opt/openvas/openvas-manager-6.0.7/src/manage_sql.c:2656:10:
> error: ignoring return value of 'strtol', declared with attribute
> warn_unused_result [-Werror=unused-result]

That was a bug in glibc (#13970) that was fixed in version 2.16. indeed,
wheezy is based on version 2.13, which still has this bug. If you build
with the 'Release' BUILD_TYPE:

cmake -DCMAKE_BUILD_TYPE=Release .

The -Werror will not be there and the error should (magically)
disappear.

Regards,
Ben.


pgpxLkuzgEt_9.pgp
Description: OpenPGP digital signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Greenbone assistant scan stalls at 99%

[Benoît Allard]

On Wed, 20 Jan 2016 08:43:33 + (UTC)
Alain du Toit  wrote:

> Hi there, 
> I'm unsure of how to search within this forum to see if others have
> posted questions about the same thing so please excuse me if this is
> a duplicated question. I am doing an Openvas scan using the Greenbone
> Security Assistant running out of my Kali Linux virtual machine.  I
> have setup several scan targets covering external IP's, internal IP's
> for servers and desktops, and some wireless access points.  For the
> most part all of the scans run okay with no hassles, they finish
> properly and provide the complete report.  The only scan that doesn't
> complete is the desktop scan.  For the desktop scan I created a
> target using a text file with all the IP addresses in.  There are 20
> IP addresses in that list.  I am running a full and very deep scan
> and it seems to stall at 99%.  I let it run for over 24 hours and it
> still hadn't finished.  I eventually cancelled it, and restarted the
> scan, it is stuck at 99% again. I have set the maximum concurrently
> executed NVT's per host to 8 and the maximum concurrently scanned
> hosts to 20 (default). Is there any way I can find out why the scan
> is stalling at 99% ? Thank you. 

One way would be to have a look at the list of processes running on
your system when the scan is at 99%. If you still have some openvassd
processes that are executing NVTs (visible in the proctitle - process
name), then your scan is indeed not finished.

If you have no openvassd processes running, then your scan
actually ended, and you are experiencing an issue.

Some vulnerability tests (NVTs) do takes a lot of time, like the
ssh_bruteforce one for instance.

Best Regards,
Ben.


pgpdUrIkss0rZ.pgp
Description: OpenPGP digital signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] MikroTek Dropping Traffic

[Benoît Allard]

On Wed, 16 Sep 2015 23:20:30 -0500
Mike Michalak <m...@trail9.com> wrote:

> Hello,
> 
> I am performing an audit on a network with a MikroTek router.
> 
> Any scan that I perform sits at 1% or 2%, but never advances.
> 
> Any thoughts on this?  Is the router dropping or blocking the traffic?
> 
> Also, is there a way to do a stealth scan?

There is no way to explicitly perform a stealth scan. Best you can do
is I believe limit your scans to one host and one NVT concurrently.

Please keep in mind that OpenVAS is not designed to be a Pen-tester
tool, but rather a monitoring solution, as such the usual answer to
your trouble is to configure your router in such a way that it
explicitly allow all traffic related to your OpenVAS machine(s).

Hope that helps.

Regards,
Ben.

-- 
Benoît Allard (B30A05B0)|Greenbone Networks GmbH|http://greenbone.net
Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner


signature.asc
Description: PGP signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Problem with Version 8

[Benoît Allard]

On Wed, 20 May 2015 14:06:53 +
Beadle, Bruce bruce.bea...@atcoretec.com wrote:

 Hi,
 
 Thanks for the quick response, I have version 1.4.16-1ubuntu2.3 which
 was installed via the usual apt-get install method. 
 
 Should I upgrade?

I don't think it would help, I was more thinking that if you were using
a newer incompatible version, this could be the trouble, but that's not
the case.

Is the problem happening every time you start a scan ? Is the scan
started in the end ? You could tell your service manager (systemd,
supervisor, init-script, runit, ...) to restart the service everytime it
dies ?

Regards,
Ben.

 
 Thanks,
 Bruce.
 
 -Original Message-
 From: Benoît Allard [mailto:benoit.all...@greenbone.net] 
 Sent: 20 May 2015 14:56
 To: Beadle, Bruce
 Cc: openvas-discuss@wald.intevation.org
 Subject: Re: [Openvas-discuss] Problem with Version 8
 
 On Wed, 20 May 2015 12:46:25 +
 Beadle, Bruce bruce.bea...@atcoretec.com wrote:
 
  Hi,
  
  I've just installed OpenVAS 8 from source on Ubuntu 14.04. I'm
  seeing the following error when running a scan via the Greenbone
  web gui:
  
  O j: ... this is a bug (sexp.c:1340:vsexp_sscan)
  
 
 Looks like this is the way gnupg is dying. What version are you
 using ? Anything special you can tell us about your gnupg
 installation ? I have openvas running fine with the jessie version of
 gnupg (1.4.18). Maybe you are using a more recent version ?
 
 Regards,
 Ben.
 
 --
 Benoît Allard (B30A05B0)|Greenbone Networks GmbH|http://greenbone.net
 Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
 
 The contents of this e-mail and any attachments are for the intended
 recipient only. If you are not the intended recipient, you are not
 authorised to and must not disclose, copy, distribute, or retain this
 message or any part of it. It may contain information which is
 confidential and/or covered by legal professional or other privilege.
 Contracts cannot be concluded with us nor legal service effected by
 email. ATCORE Technology Ltd Registered in England No. 3698178
 Registered Office: 353 Buckingham Avenue Slough Berks SL1 4PF United
 Kingdom VAT Registration No. GB 787 4249 79



-- 
Benoît Allard (B30A05B0)|Greenbone Networks GmbH|http://greenbone.net
Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner


signature.asc
Description: PGP signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Problem with Version 8

[Benoît Allard]

On Wed, 20 May 2015 12:46:25 +
Beadle, Bruce bruce.bea...@atcoretec.com wrote:

 Hi,
 
 I've just installed OpenVAS 8 from source on Ubuntu 14.04. I'm seeing
 the following error when running a scan via the Greenbone web gui:
 
 O j: ... this is a bug (sexp.c:1340:vsexp_sscan)
 

Looks like this is the way gnupg is dying. What version are you using ?
Anything special you can tell us about your gnupg installation ? I have
openvas running fine with the jessie version of gnupg (1.4.18). Maybe
you are using a more recent version ?

Regards,
Ben.

-- 
Benoît Allard (B30A05B0)|Greenbone Networks GmbH|http://greenbone.net
Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner


signature.asc
Description: PGP signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVAS-8: spread the word

[Benoît Allard]

On 04/02/2015 12:44 PM, Eero Volotinen wrote:
 Hi,
 
 Libraries 8 link is not working on openvas install from source page: Libraries
 8.0.1
 http://wald.intevation.org/frs/download.php/2050/openvas-libraries-8.0.1.tar.gz
  (
 http://wald.intevation.org/frs/download.php/2050/openvas-libraries-8.0.1.tar.gz
 )

Thanks for the heads-up !

The correct link is


https://wald.intevation.org/frs/download.php/2015/openvas-libraries-8.0.1.tar.gz.

I hope it's fixed now.

Ben

-- 
Benoît Allard (B30A05B0)|Greenbone Networks GmbH|http://greenbone.net
Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner



signature.asc
Description: OpenPGP digital signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] ospd-ssl error and creating a target

[Benoît Allard]

Hi Gerard,

On 02/28/2015 04:35 PM, Gerald Lorenz wrote:
 Hi,
 
 I'm still testing ospd-module. Now I'm getting the following message:
 
 ospd.ospd: INFO: Listening on 127.0.0.1:1234
 ospd.ospd: DEBUG: New connection from 127.0.0.1:44294
 ospd.ospd: DEBUG: SSL error: The read operation timed out
 ospd.ospd: DEBUG: 127.0.0.1:44294: Connection closed
 ospd.ospd: INFO: 1cfbf821-46c0-4eaa-8716-35bb6896af38: Scan started.
 ospd.ospd: INFO: 127.0.0.1: Scan started.
 ospd_w3af.wrapper: INFO: w3af scan using fast_scan profile.
 ospd.ospd: DEBUG: New connection from 127.0.0.1:44296
 ospd.ospd: DEBUG: SSL error: The read operation timed out
 ospd.ospd: DEBUG: 127.0.0.1:44296: Connection closed
 ospd.ospd: DEBUG: New connection from 127.0.0.1:44311
 ospd.ospd: DEBUG: SSL error: The read operation timed out
 ospd.ospd: DEBUG: 127.0.0.1:44311: Connection closed
 ospd.ospd: DEBUG: New connection from 127.0.0.1:44312
 ospd.ospd: DEBUG: SSL error: The read operation timed out
 ospd.ospd: DEBUG: SSL close error: 
 ospd.ospd: DEBUG: New connection from 127.0.0.1:44314
 ospd.ospd: DEBUG: SSL error: The read operation timed out
 ospd.ospd: DEBUG: 127.0.0.1:44314: Connection closed
 ...
 ...and it's going on and on. W3af via console without ospd is working fine. 
 

as you can see, this is only debug information, nothing *wrong* with
this. Indeed, for the moment, we rely on timeout conditions to make sure
that the whole message as been received before processing it.

 
 The second issue is, can I create a target using the slash? For example:
 I wanna scan a website mywebsite/index, but it doesn't work, because the 
 gsa doesn't accept the slash (/).
 In this case, I get the error message Error in host specification.

This indeed looks more like an error. Do you think that you're
proficient enough in python to try to find the root of the issue ? I'll
be glad to integrate a patch from you !

Thank you very much for all the valuable tests !

Regards,
Ben.

-- 
Benoît Allard (B30A05B0)|Greenbone Networks GmbH|http://greenbone.net
Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner



signature.asc
Description: OpenPGP digital signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] ospd-w3af AttributeError

[Benoît Allard]

On 02/27/2015 01:05 PM, lorenz.ger...@t-online.de wrote:
 Hi,
 
 I'm testing the w3af via ospd. While starting the daemon I'm getting the 
 following Error Message:
 
 Traceback (most recent call last):
   File /usr/local/bin/ospd-w3af, line 9, in module
 load_entry_point('ospd-w3af==1.0b3', 'console_scripts', 'ospd-w3af')()
   File 
 /usr/local/lib/python2.7/dist-packages/ospd_w3af-1.0b3-py2.7.egg/ospd_w3af/wrapper.py,
  line 300, in main
 daemon_main('OSPD - w3af_consle wrapper', OSPDw3af)
   File 
 /usr/local/lib/python2.7/dist-packages/ospd-1.0_beta5-py2.7.egg/ospd/misc.py,
  line 518, in main
 cafile=cargs['cafile'])
   File 
 /usr/local/lib/python2.7/dist-packages/ospd_w3af-1.0b3-py2.7.egg/ospd_w3af/wrapper.py,
  line 135, in __init__
 self.add_scanner_param(name, param)
 AttributeError: 'OSPDw3af' object has no attribute 'add_scanner_param'
 
 Does anybody know what's going wrong?

You're using an older version of the 'ospd' module, We should make sure
that the dependencies are correct, thanks for the heads-up !

Regards,
Ben.

-- 
Benoît Allard (B30A05B0)|Greenbone Networks GmbH|http://greenbone.net
Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner



signature.asc
Description: OpenPGP digital signature
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Openvas help

[Benoît Allard]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 12/15/2014 07:48 AM, Shashank Dwivedi wrote:
 Hi All,
 
 
 I am looking for a sample vulnerability scan report in xml format
 for a scan done through Openvas and dtd for understanding it. Any
 help is much appreciated.
 

The reports exported from OpenVAS are documented in the OMP
documentation. There is no dtd for it.

See http://www.openvas.org/omp-5-0.html#command_get_reports

Good luck !
Ben.

- -- 
Benoît Allard (B30A05B0)|Greenbone Networks GmbH|http://greenbone.net
Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJUjrELAAoJEHZCfVOzCgWwm/QIAL9R1g7RC7yMUXe545VG9xli
VgOPaXrEy/fNXgr8yFJtU+62tBTWDtqRl+qtoZNxu9bAfn4JSm+sUoLFUUQA7TQ6
JFErv+siPG5EHgSvXQ+fbKhpcMe2o8XIVds/cRGiHnHyn8ZM5lfikFF0ZJzjhFoH
QaA7MhR3QmhB5wCLRQyXfVNNHrxcA3Wl1z0XSokGwOzGnGbR0nyzv70o5yxxQKh5
ygofPdXxCBvOTyvaS12b5Lyl2UWpBafyCn6nx/W7SeF7hSrXLPgRpjiUAaAu4Exa
8e0dAWEDsOzWhKgalhhQh8Xba+S2MDo47OTNnwM0eEJhJsad77lyw5pu/AM07II=
=FVff
-END PGP SIGNATURE-
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Wapiti

[Benoît Allard]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 12/11/2014 06:34 PM, Joachim Hader [secudor] wrote:
 Hi All, seems to be a everlasting problem to get Wapiti running
 under CentOS Linux release 7.0.1406 (Core).
 
 I installed OpenVAS from the atomic repository. Wapiti and Nikta
 are installed also. Nikta is working well, after installing LW2.pm
 manualy. But Wapiti 2.3.0 will not be working with OpenVAS 7.
 Wapiti works fine on the commandline (wapiti http://url)
 
 How to solve it?

Joachim,

We get this question (How to interpret the results from scanner X in
openVAS) asked a lot lately. With this in mind, we started working on
a new 'scanner-plugin' system. The goal is to configure external
scanners directly in gsa, so that the manager interact with them
directly (instead of embedded in NVTs via the openvas-scanner).

The base concept is ready (and working !), and as a started point, we
already implemented support for w3af, ovaldi and SecPod Ancor. The
code is in SVN and will be included in OpenVAS-8.

There are still improvements to the concept on their way (that whole
stuff is quite new, hence, not mature yet), but implementing new 'OSP
Servers' (as we call them) would greatly help us better identify the
rough edges.

If you, or anyone else reading this message feel like you want to
contribute there, feel free to contact me or anyone from Greenbone
Networks to coordinate tasks, we would even be ready to sponsor some
work there ($$$ !).

In the meantime, I believe your best bet is to start wapiti manually,
parse the logs yourself, and forget that you saw some kind of wapiti
integration in OpenVAS ... (Same apply for Arachni, and Nikta
unfortunately).

Best Regards,
Ben.

- -- 
Benoît Allard (B30A05B0)|Greenbone Networks GmbH|http://greenbone.net
Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJUiq6ZAAoJEHZCfVOzCgWwTEMH/0/D/KywhepcrxpMECmDPsPN
JD1s8UCE01PQUdGOG7XEET+9xApnmNa4vzIFaO6GP1j51ZmLfDUfvef/WEXML5rd
n43h2QI3Eb5VJF5LpG2q+Cbiv+j/vSP/vcManlB5u2XGQXE6aTzUOSLYI3Xib1bx
wOuvaEl1KMA4HQRPL08B5KR7bGPLpPNYmHlBiioaY/wqGK7Iv8YJnbrJE3YMwj5p
XamYjqXqJrzqmv3EcgOkHeax/VF3HXFbzu+6MyZS+VrQHI0tz3xc2GqyVmGSS9Q3
a2i776LUnSgkGae/y+nKEXV+rn6oJ+s7urifAHfNW3bQxECjZMlH19RSFnRvyEk=
=jo42
-END PGP SIGNATURE-
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Scap and Cert Feeds Broken

[Benoît Allard]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 12/04/2014 09:29 AM, Jean-Pierre Aubin wrote:
 Hi,
 
 I just installed openvas 6 on debian 7.7 and it seems ok but I
 cannot feed SCAP and CERT by the following commands :
 openvas-certdata-sync and openvas-scapdata-sync.
 
 It seems rsync failed (code 20) with SCAP or CERT broken.
 

Sorry to hear that,

It looks like our servers are being overloaded. I think we have a hard
limit on 200 concurrent connections, and that limit is being exercised
most of the time.

 For nvt it's the same but I solved the problem with the option
 --curl but, unfortunately, --curl and --wget are not availables for
 scap and cert.
 
 Have you any idea ?
 

One solution would be to spread some mirrors over the world, maybe
through cloudfare / amazon ? We'd rather not have to change the update
scripts, as it's quite impractical to do so at each installation site,
meaning we have to continue use that hardcoded URL.

Has anyone experience with such setups ? Any better idea ?

Best Regards,
Ben.

- -- 
Benoît Allard (B30A05B0)|Greenbone Networks GmbH|http://greenbone.net
Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJUgCRsAAoJEHZCfVOzCgWwIPUIAOX7KbBvv7I5KBj4+7Kvtw1K
Zjk6OiT3pbHBJ2UaEHT/OAgnyxxVQPJMIx+CDlGFg9+pr+/aZexZx7OEbmv/afQ/
YbuKrG57KvQjsGdMwDIGZawzXJF1gbEKqdHwZPjGUVBbTlBF/vCeyLQVJ6L4Yk40
YQw0gGq0zD0gJ//8V2fbPMLybNIohtjlnFSU+PTIJaBcg8D2HnsXCUImi2TVIwP2
fKH1Rru75xBsqs9WDZTrns2agDbbT8pwk5ooMwn1OppjT2Uv16iqUyTq000anY+V
JIrMoB1FoTOd+PpH0vHb7mhAdluVkyZqW+PmAr023KbWOkt4ScXcvUGRf5e8zfw=
=RkUl
-END PGP SIGNATURE-
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] (no subject)

[Benoît Allard]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 09/17/2014 05:42 PM, paky...@libero.it wrote:
 i send this mail because i have a problem during the process of
 compilation of openVAS 7.0 manager package on openSuse OS. I have
 installed openVAS libraries and openVAS scanner without problems. 
 But during the installation of openVAS manager i have a problem. I
 have executed the cmake command and its execution is OK. When i try
 to perform the make command it return this error: error: call to
 function ‘process_otp_scanner_input’ without a real prototype
 

Thanks for bringing our attention to this (again). Of course the right
solution was not to silent the warning. but to fix the source. This
has been done in svn and will be included in the next series of tarballs.

Best Regards,
Ben.


- -- 
Benoît Allard (B30A05B0)|Greenbone Networks GmbH|http://greenbone.net
Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJUGtUJAAoJEHZCfVOzCgWwtUMIAMfA/Kdbn+JM+sHM9rQODQVY
mj9ofVY584IJ4LvZ7ZwdUom+7CVfQ7d8FEvI9yMTGDU4GYUbWHo6xEJfx1HuXLv6
EQ9qXuj86L0KUhl1p0GpSaOh2DCJRQYW66ebTXJDbePuaQ3k8XDEbDvqXOYAphSQ
WO06X78hJiGblD0DG/VOuN/XvquxUowykPUIPuLKoMcmC/w8kD13hTBuU+68TjfG
zKrXlxnouQp+gYLYOsmvIzFYBhldPxNCPBs0FxlyJkULHQp99u2cE1aCct6+ARgH
Z/bUgV1ClCVzmaaBJyeUAqUC8nOlPTE5FeFVFHyO/leyqp4QQJk02B1rJqhdjGU=
=FYfH
-END PGP SIGNATURE-
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] GSAD on Openvas 7 doesn't take credentials, hosts or tasks

[Benoît Allard]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 08/14/2014 08:32 PM, Tom Powers wrote:

 Looks like I can create targets just fine?but Credentials?are a no
 go?.it sits and hangs on the  credentials
 

I had the same problem last week, in my case, the system was lacking
entropy to generate a new PGP key (was easy to see as openvasmd had a
hanging gpg child process).

I installed `haveged`, and the key generation finished within seconds,
unblocking the rest.

Regards,
Ben.

- -- 
Benoît Allard (B30A05B0)|Greenbone Networks GmbH|http://greenbone.net
Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJT7bneAAoJEHZCfVOzCgWwR8IH/RvuHJ15/2v28OdlQi1USgDs
Ef/gwoXdy7B2+lj8R59uERfLPGw3AJN39oQi8kwSyzfzXk3pjDUPjnQR+csksmKG
2OcuvSElEHY386gbEzpMDpFeDmyibhm8KaiumWPfISwyOwy9CtWVrP+/7ff2348x
AQat44+CBb6vFZwaKi9Sw1/sKnx1SW2aPL1QrPJA1Mh2XvMpMSt4UV6YiSNMngdb
JiXEAlTANyv0/7m8yEFe7iY1F5ARtAlRbJJiJL0ebfPdN7ZrEs5atNANNeVK3KlB
L5PLsLbJ3/8I4TmU5b6uYY4uUfSXwXSZBURiV60dv18rkPYPamv0rGfgRJDdhoU=
=msNt
-END PGP SIGNATURE-
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss