[Openvas-discuss] gvm_pyshell connection woes
Good afternoon, I am experiencing authentication issues using either ssh or tls when trying to authenticate. Fresh install of openvas9 using the mrazavi/openvas repo. I am able to issue the following and connect and execute scripts without issue openvasmd -c ovsock gvm_pyshell socket --sockpath ovsock --gmp_username admin --gmp_password admin ./myscript.gmp This, however, is leaving multiple openvasmd instances running. I've run netstat -tulep and see that it is listening on port 6379 and changed the port values when connecting using TLS. I get a handshake timeout. Using ssh i simply get an authentication failed message. If there's a configuration item or something else I've missed, I've scoured the ultraweb in search of it. Any pointers would be much appreciated. Chris Morse, CISA, CISM ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] Windows SBS2011 and CVE-2014-1812
Hi. Running OV8 on Ubuntu from M.Ravazi PPA, and everything seems to work well, but there are definitely some CVE’s that are definitely a problem on the Windows SBS2011 server, but are not being picked up on Openvas. The Specifics are that CVE-2014-1812 requires the gppref.dll to be between 6.1.7601.22000 -> 22604 ( for server 2008 R2) which is what SBS2011 is built on. The Actual file version or gppref.dll on the machine is 6.1.7601.17514 ( ie should be reporting this as a problem) My Scan config is Network Vulnerability Test Families : Windows : all selected Windows : Microsoft Bulletins : all selected, and 'Microsoft Group Policy Preferences Privilege Elevation Vulnerability (2962486)' is located in this list. This is an authenticated scan with a valid domain account, and the 'Login configurations' - NTLMSSP - yes The Actual reported operating system version is OS Name: Microsoft Windows® Small Business Server 2011 Standard OS Version:6.1.7601 Service Pack 1 Build 7601 Does anyone have any thoughts as to why this is not being picked up, or is there something I have not selected ? Many Thanks Chris - RFEL : SIGNAL PROCESSING IQ : FPGA EXPERTISE Chris Bridges , Head of IT & Engineering Support , DDI +44 (0)1983 216631 M +44 (0)7776 234533 RFEL Ltd, Unit B, The Apex, St Cross Business Park, Newport, Isle of Wight, PO30 5XW,UK T +44 1983 216600 F +44 1983 216611 E chris.brid...@rfel.com W www.rfel.com - Company No : 2389307 : This e-mail is for the intended addressee only. If you have received it in error then you must not use, retain, disseminate or otherwise deal with it. Please notify the sender by return email and then delete the e-mail. The views of the author may not necessarily constitute the views of RFEL Ltd. _ This email has been scanned by the MessageLabs _ ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvas manager not listening and scan results are blank
Hi, > 1. I can't get the manager to work on all interfaces, I have changed the config setting in the /etc/default folder for the services and no luck I have restarted the services and the VM. have a look at the notice of the attached config settings: > # NOTE: This file is not used if you are using systemd. Kali Linux is probably already on systemd. If you need further configuration help its probably also recommended to ask at the Kali forums for help as they know their system a little bit better then most of the users at this list. > 2. I am not able to scan. when I setup a scan on the local console for an out side machine or the local hst i get no results. Unfurtunately this contains too few info to be able to help here. A starting point would be info like: - Which scan config have you used? - Are yo getting absolutely no results or only a few log lines? - Are the systems you're trying to scan reachable via an ICMP Ping? (Note the "Alive Test" config when creating a new target: http://docs.greenbone.net/GSM-Manual/gos-3.1/en/scanning.html#creating-a-target) ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Scanning assistance
Hi, On 08/04/2016 04:10 > What am I missing? have a look at the "Alive test" options when configuring a target: http://docs.greenbone.net/GSM-Manual/gos-3.1/en/scanning.html#creating-a-target Might be possible that the system is not pingable. Furthermore use the pre-defined "Full'n'Fast" scan Config for now (if you use a custom one). ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] using ssh on port xxxx for Local Security Check ?
Hi, > is it possible to set openvas to use another port than the typical TCP:22 to > make the Local Security Check ? when creating a new target as seen here: http://docs.greenbone.net/GSM-Manual/gos-3.1/en/scanning.html#creating-a-target you can specify the SSH credentials and the port which should be used. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Running periodic tasks manually?
Hi, > Currently, I need to change the task, remove the schedule, run it by > clicking on the "play" button. it seems this is not possible within the overview but if you change into the Task itself you will find the "Start" button at the top (at least in the current OpenVAS 8). ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] 1. openvassd scanner failing while loading NVTs. SEGV signal.
Hi, > I am running scanner version 4.0.2. Manager version 5.0.3. Ubuntu 14.04.4 LTS also be aware that those are quite outdated components. They are from OpenVAS 7 which is unsupported since May this year: https://lists.wald.intevation.org/pipermail/openvas-announce/2016-May/000194.html ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] User Impersonation Feature
Hi, > If you're logged in as admin and want to see another users tasks, schedule or > simply impersonate him. impersonating itself is not possible but you can use the super-permissions to get access to other users tasks, reports, schedules and so on: http://docs.greenbone.net/GSM-Manual/gos-3.1/en/user_permissions.html#super-permissions ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Updating NVT Feed in OpenVAS
Hi, > Do we need to run openvasmd --rebuild every time when the new NVT feeds > synced ? either a --rebuild is needed or you can do the following: > A rebuild within a running Manager can also be invoked by sending the main > Manager process the SIGHUP signal (signal number 1). (from the README of openvasmd) ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvasmd broken after package upgrade: undefined symbol
Hi, > Nevermind, I found the issue. For some reason the new package improperly > check the dependencies. probably still something you should report to the kali guys so they can fix it. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvasmd broken after package upgrade: undefined symbol
Hi, > Just upgraded to the latest stable release of kali rolling > openvas-manager package (6.0.8-0kali1) those packages are provided by the Kali Guys so its probably the best to report this to them. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Which ports
Hi, On 06/24/2016 01:16 PM, Corti Matteo (ID BD) wrote: > I would like to scan for default Tomcat users and passwords on machines > running Tomcat on non-standard ports. > > When I look at the plugin "Apache Tomcat Default Accounts” > (http://plugins.openvas.org/nasl.php?oid=11204) I see > > port = get_http_port(default:8080); > > if ( ! port ) exit(0); > > it seems that if not port is supplied then 8080 will be used. What I do > not know is how OpenVAS will call the plugin. get_http_port behaves different. If you're scanning a portrange like: 80-9000 and four webserver on the ports 80, 443, 8080, 9000 are reported as open from nmap to OpenVAS the get_http_port function (or better the get_kb_item within it) will fork and return all four ports to the plugin. Another example is the scan of a portrange like 20-25 where no webservers were found. Then the function behaves: - If unscanned_closed is set to "yes" in your scanconfig then get_http_port(default:8080); will exit as 8080 wasn't scanned. - If unscanned_closed is set to "no" in your scanconfig then get_http_port(default:8080); will return port 8080 to the plugin. So in your case you just need to make sure that the non-standard ports are included in the nmap/portscan portrange. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] login problems
Hi, > Also, how do I get openvasmd to listen on the actual ethernet port? > openvas-check-setup reports everything is fine but listening only on > 127.0.0.1. have a look at: openvasmd --help which shows: -a, --listen= Listen on . --listen2= Listen also on . > Is Kali Linux a good choice, anyway? I haven't had good luck with getting the > installation to work properly. There where a few user reporting issues with the Kali Linux packages here at the mailinglist in the past. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] SSH Authorization Check fails on OpenSSH 7.x
>Should I rebuild libssh only or OpenVAS too? Any suggestions about >libssh >version? Last one? As i don't have any other applications depending on libssh i have installed 0.7.3 to /usr/local and build OpenVAS against it. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] SSH Authorization Check fails on OpenSSH 7.x
Hi, > # yum list installed | grep libssh > libssh.x86_64 depending on the used key algorithms you might need to use / rebuild against a newer libssh: https://lists.wald.intevation.org/pipermail/openvas-discuss/2016-May/009582.html ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Upgrading to OpenVAS 8
Hi > 1. The new scan, which is testing Centos/RHEL servers is running >s slowly in comparison with openvas7 running on Centos 6 OpenVAS 8 is running all NVTs (even those prone to false positives) due to the introduction of the QoD concept. So there is probably very little what you can do here. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvas-check-setup says Manager not running
Hi, > openvas-check-setup 2.3.0 please always use the recent version of openvas-check-setup which is currently 2.3.3 and available here: https://svn.wald.intevation.org/svn/openvas/trunk/tools/openvas-check-setup ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvassd hanging
Hi, > Seems related to redis but it seems OK: that could be indeed an issue. Have a look at the pointers given here: https://lists.wald.intevation.org/pipermail/openvas-discuss/2016-April/009497.html ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Rebuild NVT cache...failed (Openvas 8)
Hi, > any solution regarding this issue? after creating new certs with openvas-mkcert you might need to also update the scanner with something like this: openvasmd --modify-scanner 08b69003-5fc2-4037-a479-93b440211c73 --scanner-port 9391 --scanner-ca-pub /usr/local/var/lib/openvas/CA/cacert.pem --scanner-key-pub /usr/local/var/lib/openvas/CA/servercert.pem --scanner-key-priv /usr/local/var/lib/openvas/private/CA/serverkey.pem ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Hmm issue with ssh authentication /
> hmm and now that I'm thinking this can't be the case because it works for me > when I ssh manually using the same private+public keys. SSH into the machine from command line is completely different in comparsion to the login from OpenVAS as different libraries are in use. In trusty (14.04) the libssh 0.6.1 is used which is quite outdated: http://packages.ubuntu.com/trusty/libssh-4 Few days ago i had the same issue while logging in and manually updating to libssh 0.7.3 did the trick. So try that first before looking for other issues. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Hmm issue with ssh authentication /
Hi, > any help so we can check? when using ed25519 keys you might need to manually update your libssh to a more recent version (0.7.0+) which brings support for those keys. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] bug on openvas-check-setup when install openvas 8
Hi, > i find openvas-check-setup script has a bug ,because gcad open 80 and 9392 > port when it start,but in openvas-check-setup it's only handle one port!!! use the latest available openvas-check-setup 2.3.3 from SVN: https://svn.wald.intevation.org/svn/openvas/trunk/tools/openvas-check-setup which already contains a fix for this. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] OpenVAS 8 - Wapiti and Arachni
Hi, > Can someone tell me where to look to find what the plugins are trying to run > for a command line so I can debug what is failing? you could have a look at the NASL Plugins for both scanners: http://plugins.openvas.org/nasl.php?oid=80110 http://plugins.openvas.org/nasl.php?oid=110001 Adding a: log_message(data:argv); before the: r = pread(cmd: arachni, argv: argv, cd: 1); and r = pread(cmd: cmdext, argv: argv, cd: 1); in both NVTs could give you some debugging output about the used command line in your GSA. > Corresponding question - is Arachni really supported? Have a look at this mailinglist post: https://lists.wald.intevation.org/pipermail/openvas-discuss/2014-December/007180.html > If not - how to remove the attempt to use it? You can disable the NVTs in your scan config within the "Web application abuses" family. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Server IP Address Change
> Can you provide me a link to configure the ip for the demo? I am not able to > locate the instruction to configure ip address on OpenVAS web site. > Thank you for the help, 10 Seconds google search: https://wiki.debian.org/NetworkConfiguration ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] number of NVTs in the OpenVAS Manager database is too low
> Installation is failing when issuing "openvasmd --rebuild --progress" Whats the actual issue you're seeing when running this command? Thats currently missing in your post. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Getting 503 while running tasks in GSA
> Any help will be highly appreciated! Have a look at the "Certificate Generation" part of the linked docs. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Are the Greenbone reports supported in OpenVAS?
Hi, > Are the following Greenbone reports supported in OpenVAS? > > - Greebone Executive Report > - http://www.greenbone.net/download/docs/GXR-1.0.2-Sample-Report.pdf > - Greenbone Security Report > - http://www.greenbone.net/download/docs/GSR-1.0.8-Sample-Report.pdf see this recent questions at the openvas-devel mailinglist: https://lists.wald.intevation.org/pipermail/openvas-devel/2016-February/003665.html ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Can't get OpenVAS server to listen on a specific IP Address
Hi, > i have attached the openvas-check-setup.log file, as well as the > configuration files from /etc/default and /etc/init.d. > I have added the directory name where the file is located to the front of the > file name – they are not really named this in the directory. have you noted the "# NOTE: This file is not used if you are using systemd." at the attached defaults files? ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] OpenVAS v8 on ubuntu 14.04.03 LTS
Hi, > Opensvas doesn’t mark the system as dead, but I only have the following logs : > > - OS fingerprinting > - ICMP Timestamp Detection > - Traceroute > - CPE Inventory that are too few log entries. You should have at least: > - Checks for open tcp ports containing the detected open ports and stuff like: > - SSH Server type and version if there is an SSH server running there. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] OpenVAS v8 on ubuntu 14.04.03 LTS
Hi, > The patch is the attachment.bin file ? > If I understand, I have to uninstall openvas9 and download the official > source of openvas9, > Sorry for my stupid question but what I have to do with the patch file ? > place it somewhere in the source before compiling (after compiling)? based on this question i think its better if you completely uninstall/purge the OpenVAS9 installation and stay with the pre-compiled/packages OpenVAS8 installation from that ppa. This already includes the fix. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Autogenerate credential - SOLVED
> > I wasn't aware that you need rpm and alien for windows stuff. The posted > > documentation by Michael also says that you just need nsis? > > Yes, you need nsis. Without nsis all downloaded exe have 0 Byte. Mhhh, i thought you have solved that by installing alien/rpm as previously posted? ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Autogenerate credential - SOLVED
Hi, >Maybe an alien check shout integrated in the openvas-check-setup >script. as far as i can see there is already an check for that in the current openvas-check-setup. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Autogenerate credential - SOLVED
>>> Maybe an alien check shout integrated in the openvas-check-setup >>> script. >> >> as far as i can see there is already an check for that in the current >> openvas-check-setup. > The check has an dependence from rpm. I don't use Ret Hat, and so I haven't > install rpm. As a result, alien wasn't check for me. > > At the installation of alien, I got rpm as dependence. Now the check-script > check for alien. Ahhh, yes. The openvas-check-setup has to steps: 1. Check for rpm 2. If rpm is installed check for alien Probably the packages are created with rpm and then converted to .deb by alien? > I didn't know the rpm was necessary to get an > windows-autogenerate-credential-exe. > If I would know, I had installed rpm, and then I had realist, that alien was > missing. I wasn't aware that you need rpm and alien for windows stuff. The posted documentation by Michael also says that you just need nsis? ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Can not start scanning in openvas on kali 2.0
Hi, >It seems like that openvas has remembered the >first certs I generated after a clean install and rejected newer ones. >What >is the correct way to replace these certs? have a look at this mailinglist post for some pointers: http://lists.wald.intevation.org/pipermail/openvas-discuss/2015-November/008929.html ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] ERROR: redis-server is not running or not listening...
Hi, have you checked what the message is suggesting: >> ERROR: redis-server is not running or not listening on >socket: >> /var/run/redis/redis.sock >> FIX: You should start the redis-server or configure it to >listen >> on socket: /var/run/redis/redis.sock ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvas-nvt-feed
>From my knowledge the nvt-feed gets updated daily. Which is only true for the greenbone feed but not for the openvas as already pointed out by jan. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvas-nvt-feed
I'm suggesting to have a look at: http://plugins.openvas.org/ where you can see the current status of the OpenVAS feed. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Service temporarily down
> Usually problem might be related to some incorrect library versions. Might be related to one of those reports: https://wald.intevation.org/tracker/index.php?func=detail=6572_id=29=220 http://comments.gmane.org/gmane.comp.security.openvas.users/6208 https://bugs.gentoo.org/show_bug.cgi?id=525640 ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] SMB Login Problems
Hi, >Is there a way to look in the knowledge base? Formerly the knowledge >base was just a file, but now i can’t find it anymore! I took a quick >look in the tasks.db but haven’t found it there. you need to use redis-cli monitor http://redis.io/commands/MONITOR for that as the KB is now stored in the redis DB. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Not all vulnarabitities used
Hi, > There are many of “mandatory key is missing” lines. But why? What is the meaning of this? have a look at the "gb_adobe_acrobat_mult_vuln01_oct15_win.nasl" NVT for example: http://plugins.openvas.org/nasl.php?oid=806505 This has the mandatory key: script_mandatory_keys("Adobe/Acrobat/Win/Ver"); which is set by the detection NVT "secpod_adobe_prdts_detect_win.nasl": http://plugins.openvas.org/nasl.php?oid=900319 If that NVT wasn't able to detect the installed Adobe the vulnerability check will fail. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Not all vulnarabitities used
Hi, >Is it possible to increase the log level, to see which nvt where used? >Something like what you can see, if you use "ps afx" if a task run. there is the scan config option "log_whole_attack" which logs all NVTs and the reasons why those where not executed. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Cron Jobs
Hi, see: > no openvassd in (/usr/bin:/bin) vs: > /usr/sbin/openvas-certdata-sync Am 22. Oktober 2015 18:06:49 MESZ, schrieb Diego Gomes: >Hello guys > >Did you already see anything like this? > >Cron Job: >/usr/sbin/openvas-certdata-sync > > > >which: no openvassd in (/usr/bin:/bin) > >[e] Error: openvassd is not in the path, could not determine >SCAP directory. > > >Any idea about it? > >Thanks, > >Diego > > > > >___ >Openvas-discuss mailing list >Openvas-discuss@wald.intevation.org >https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvas scan windows xp
Not quite sure if enabling OS identification within the nmap (nasl wrapper) NVT will also help but worth a try. Am 22. Oktober 2015 04:52:32 MESZ, schrieb Eero Volotinen: >You need to enable credentialed scan do detect os. > >-- >Eero > >2015-10-21 23:37 GMT+03:00 ismael flavio silva > : > >> >> hello >> >> the openvas not detect that windows xp is not supported by microsoft. >> >> Someone can help me. >> >> Thanks >> >> ___ >> Openvas-discuss mailing list >> Openvas-discuss@wald.intevation.org >> >https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss >> > > > > >___ >Openvas-discuss mailing list >Openvas-discuss@wald.intevation.org >https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] OpenVas problem
Hi, as you're on OpenVAS 7 just read the header of openvas-check-setup: > Test completeness and readiness of OpenVAS-8 (add '--v6' or '--v7' or '--v9' > if you want to check for another OpenVAS version) ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Vulnerabilities OpenVAS
Hi, > gsad > --gnutls-priorities="SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0" > > restarted openvas-manager, openvas-scanner, gsad > > Started scan against localhost and the same results: you also need to add this gnutls-priorities to the openvas-manager (openvasmd) and openvas-scanner (openvassd) startup. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] timezone
Those two docs could contain some additional info: http://docs.greenbone.net/GSM-Manual/gos-3.1/en/mysettings.html http://docs.greenbone.net/GSM-Manual/gos-3.1/en/scanning.html#scheduled-scan Am 17. Oktober 2015 23:09:51 MESZ, schrieb Diego Gomes: >Hello guys! >Please, I need help to configure my timezone for my web interface and >for schedules, to make sure that the scanning is really running exactly >in the time I need. >So, I am GMT -3 (Brazil). It is 06:04 PM right now. When I access my >GUI, it shows 09:04 PM. >My Linux server is GMT-3, so the server is correct. >I need to configure everything to be in GMT-3. >I have no idea about config file, etc.. So, please, if I need to change >something by CLI, I appreciate to have the absolute path. >I am running OpenVAS in Red Hat 6. I used atomic repository to install >OpenVAS! ># rpm -qa |grep -i >openvasopenvas-manager-5.0.9-28.el6.art.x86_64openvas-scanner-4.0.6-19.el6.art.x86_64openvas-libraries-7.0.9-18.el6.art.x86_64openvas-1.0-17.el6.art.noarchopenvas-cli-1.3.1-6.el6.art.x86_64 >Thanks a lot for your help! >Diego > > > >___ >Openvas-discuss mailing list >Openvas-discuss@wald.intevation.org >https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Reverse DNS lookups in OpenVAS
Hi, On 10/14/2015 11:19 AM, COVINI JEROME wrote: > Im using openvas 8 and trying to get reverse lookup working but to no avail. which version of openvas-scanner are you using? 5.0.2 containing a fix for a bug in previous versions where the FQDN was not set for the target: http://wald.intevation.org/frs/shownotes.php?release_id=795 ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] greetings + empty vuln
Hi, On 10/07/2015 10:27 PM, cory cardio wrote: >>Which version of OpenVAS? > > v4.0.2 i guess this is the version of the openvas-scanner? Seems you're using fairly old components (4.0.2 was released more than a year ago). Try to update to the latest versions of the OpenVAS7 components or even to OpenVAS8 as shown here: http://openvas.org/install-source.html ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] greetings + empty vuln
Hi, when replying to a mailinglist post make sure that you're also including the address of the mailinglist (openvas-discuss@wald.intevation.org in this case) in the recipient field. > Thank you for the reply, unfortunately I failed at what you asked. I've > included a screen shot of my "search" Try to put the: 100527 into the "filter" search field. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] OpenVAS supplement?
Hi, > How do you configure it to do both? the Vulnerability-Scan is included in configs like "Full and Fast". More infos about it can be found here for example: http://docs.greenbone.net/ and is catching known vulnerabilities. For the policy task have a look at: http://greenbone.net/learningcenter/task_it_grundschutz.html for example. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Openvas Scan failed at 1%
Hi, >How to update it newer version on Debian Lenny. before doing any OpenVAS upgrades you probably should first move to a recent Linux distribution. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] issue of download report in PDF format
Hi, > Any idea what went wrong? try to update your OpenVAS components to the latest available versions. especially the empty report generation was a bug in one of the previous versions of i think scanner or manager (just check the changelogs). ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] [Newsletter] Re: issue of download report in PDF format
Hi, > My scanner and manager versions are 5.0.4 and 6.0.5. Are they not latest ones? mhhh, strange. Normally 6.0.5 of the manager should have fixed this: http://wald.intevation.org/frs/shownotes.php?release_id=826 ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] OpenVAS 7 on VM is working on HTTP/HTTPS/Telnet/SSH ports?
Hi, > By the way, is redis-server required for OV 7 as I read Pual mentioned a > related issue? The output of my “openvas-check-setup –v7” doesn’t show redis > checking. OpenVAS 8 started to require redis-server so thats the reason why openvas-check-setup is not showing this test if OpenVAS7 or below was detected. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] OpenVAS without GSA, just CLI
Just try it and skip the gsa build step when building from source. :) Should still works as GSA is just the WebGUI. Am 9. September 2015 20:11:55 MESZ, schrieb Diego Jules: >Thanks, I'd like to minimize the number of dependencies for the >installation. >I think if I skip GSA I can make a lighter install. > >I have no problem with XML commands via OMP, I wrote a couple of python >scripts for that. > >Anyone else ever tried to install without GSA? > >On Tue, Sep 8, 2015 at 11:59 PM, Eero Volotinen >wrote: > >> How about just installing all components, but not starting gsad >service? >> >> Works fine only using omp, but you might need to implement some >> functionality with XML commands with omp (cli). >> >> -- >> Eero >> >> 2015-09-09 2:57 GMT+03:00 Diego Jules : >> >>> Hi guys, >>> >>> I'd like to install OpenVAS with CLI/omp only, no web GUI. >>> Has anyone ever tried to install OpenVAS without the >>> Greenbone-Security-Assistant? >>> >>> What are the absolutely essential packages that OpenVAS needs to >work? >>> I'm thinking these, am I missing something? >>> openvas-libraries >>> openvas-manager >>> openvas-scanner >>> openvas-cli >>> dirb >>> gnutls >>> nikto >>> nmap >>> gnu >>> >>> >>> Thanks, >>> >>> DJ >>> >>> ___ >>> Openvas-discuss mailing list >>> Openvas-discuss@wald.intevation.org >>> >https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss >>> >> >> > > > > >___ >Openvas-discuss mailing list >Openvas-discuss@wald.intevation.org >https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] inconsistent results when doing an external credentialed scan against Windows
Hi, it could also make sense to update all OpenVAS components to the latest versions. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] inconsistent results when doing an external credentialed scan against Windows
Hi, see http://www.openvas.org/install-source.html or ask the Kali guys to package the newer versions. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Scan over VPN tunnel fail
> How about trying to do something without step-by-step instructions? So true :) ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] amazon local security checks for openvas8
Hi, > I have some problems with how-to-use my oid number? Any help? your OID range is now listened at: http://www.openvas.org/openvas-oids.html So the OID for your first NVT would be: 1.3.6.1.4.1.25623.1.0.12 the next NVT: 1.3.6.1.4.1.25623.1.0.120001 and so on. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvasmd rebuild issue
Hi, no issue here running sqlite3 3.8.7.1 from Debian Jessie. > I am running recommend openvas version in Centos 5.7. My sqlite > version is sqlite-3.7.0.1-1.el5.art The first thing probably would be to test this with a newer CentOS release providing an current version of sqlite3. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] help
Hi, please attach the openvas-check-setup.log instead of executing it. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Missing reports in Greenbone during and after scan
Hi, Any help is greatly appreciated, thanks, try to update to the latest available components. I think that was fixed recently. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvas-nvt-sync ERROR
Hi, tar (child): bzip2: Cannot exec: No such file or directory seems you need to install bzip2 ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] problems with binary packages both on ubuntu 14.04 and centOS 7
Hi, but when I click on the report, the list is empty, like there is no report at all there are at least two reports at this mailinglist that downgrading the packages to a previous version fixes this. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Openvas 7 - Can't see others tasks
It's not possible to see others tasks Not in a default setup. This needs to be configured with permissions like described here: http://docs.greenbone.net/GSM-Manual/gos-3.1/en/user_permissions.html ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] OpenVAS 8 openvas-check-setup
Hi Ian, ./openvas-check-setup: line 789: [: too many arguments seems there is still a minor issue in the openvas-check-setup script. could you run the latest version 2.3.1 again to see if and at what line you're getting this message? ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] OpenVAS 8 openvas-check-setup
Hi, ./openvas-check-setup: line 789: [: too many arguments seems there is still a minor issue in the openvas-check-setup script. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Regarding to OpenVAS Web App Scanning.
Hi, see the documentation available here: I am new to OpenVAS and after installation got first problem and didn't get solution to scan web application. How is that possible? http://greenbone.net/learningcenter/task_webappscan.html ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Missing CVEs
Hi, Examples: CVE-2015-0051 CVE-2015-0069 CVE-2015-0316 all three CVEs are already in the feed as you can see here: CVE-2015-0051 CVE-2015-0069 http://plugins.openvas.org/index.php?oid=805136 CVE-2015-0316 http://plugins.openvas.org/index.php?oid=805443 http://plugins.openvas.org/index.php?oid=805270 http://plugins.openvas.org/index.php?oid=805442 The search of http://plugins.openvas.org is a nice way of searching for existing NVTs for specific CVEs. Anybody knows why some CVEs like those are not in the feed? If a CVE is missing it mostly has an simple answer: No one had the time yet to implement it :-) Is there anyway of adding (contribute) the lost CVEs to the feeds? Is there anyway of adding manually the lost CVEs to an implementation? Most infos how to write NVTs are collected here: http://openvas.org/nvt-dev.html -- Chris ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] How to Check if OpenVAS used a credential successfully or not?
Hi, I would like to know how to check if the OpenVAS was successful in using the configured credentials. you're probably using a SMB login configured like described here: http://greenbone.net/learningcenter/auth_scans.html ? If yes then i think you should get a Log entry in the scan result of this NVT: http://plugins.openvas.org/index.php?oid=10394 if the login via SMB was successful or not. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] What are the updates needed.
Hi, Now before scanning what are the necessary updates needed to be done on my OpenVas server. see here for example: http://www.openvas.org/openvas-nvt-feed.html Upgrading your OpenVAS to the latest maintenance release available here: http://openvas.org/install-source.html could be also a good idea. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Unable to install OpenVAS 8
Hi, i think that output should tell you what to do? ERROR: No OpenVAS CLI (omp) found. FIX: Please install OpenVAS CLI. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Install from Binary Packages on CentOS
Hi, Am I looking in the wrong place? I see no reference to redis NOR any reference to SELinux in: try to use the latest version of the openvas-check-setup like suggested. This is suggesting that you should disable SELinux and is also checking if your redis-setup is correctly configured. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] HTTP.sys CVE-2015-1635 : Setting up a single scan
Hi, If I do a Full and Fast scan against a single target that I know is vulnerable I get a hit for CVE-2015-1635. I want to set up a scan for just CVE-2015-1635. I've done that but when I run it against the same host I get 0 results in the report. I've told OpenVAS to assume the target is alive. you need at least an additional portscanner like nmap (NASL wrapper) from the Port scanners familiy enabled to get the vulnerability detected. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Regarding login to openvas port
Hi, What to do further please let me know. the logfiles /var/log/openvas/* could be a starting point. Again, if you can probably tell me how to install openvas on ubuntu 14.04 version Have a look at your favorite search engine to find tutorials like: https://hackertarget.com/install-openvas-7-ubuntu/ ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Empty vulnerability titles in report
Hi, OpenVAS scans produce reports displaying multiple vulnerabilities with CVSS values and associated risk levels, but no vulnerability title. not quite sure if this is related but something similar was reported some days ago at: http://lists.wald.intevation.org/pipermail/openvas-discuss/2015-March/007548.html ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] OpenVAS DevCon #5 (June 24-26 2015): Registration open
Hi, I've created now a web page for DevCon #5: http://www.openvas.org/openvas-devcon5.html just noticed that the DevCon #5 is currently listened/linked on: http://openvas.org/devcons.html but not on the event page itself: http://openvas.org/events.html -- Chris ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Allow multiple login on same user?
Hi, Is it possible to allow multiple logins on same user on gsa web interface? this should be possible with an upcoming version of OpenVAS. At least the current GOS 3.1 (based on OpenVAS) is providing this feature when using two different browsers: http://greenbone.net/technology/gos_release_history.html#3_1 ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] multi-tiered environment
Hi, Unfortunately, that's not really a solution to the problem. mhhh not sure but then you probably have to some work on your own and develop a main application on Server C which is calling / requesting the needed informations from the Scanners A and B via OMP: http://www.openvas.org/omp-5-0.html ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] list: laughable message-size limits
On 02/13/2015 07:27 PM, Michael Meyer wrote: *** Reindl Harald wrote: but the threshold is a bad joke because you can't post *any* image https://www.google.de/?gws_rd=ssl#q=image+upload which is in my opinion also the best practice when sending stuff like screenshots to a mailinglist. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] feeds updates
Hi, question: CVE-2014-2653 was filed almost a year ago. was there any particular reason why openvas didn't raise any flags on it? because this check for the CVE is banner based as you can see in the existing NVT: http://komma-nix.de/nasl.php?oid=105004 You need to set report_paranoia to Paranoid (more false alarms) (2) in your scan config to get a finding for this. Be aware that you will get false positives as Debian for example has backported this security fix to older versions: https://security-tracker.debian.org/tracker/CVE-2014-2653 ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] feeds updates
Btw., from what i have read the upcoming OpenVAS8 will bring some changes / improvements for banner based vulnerability checks. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] how to create overrides for certain tests e.g. PHP via Overrides-menu-item
Hi, just wondering how to use the Overrides menu to create/configure overrides for certain tests. i think that is straight forward and self-explanatory. Do you have any specific questions/problems while creating an override? ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] I can't Login to OpenVAS via Web. How can I modify users?
Hi, But, I can't login to OpenVAS via web and it show me the username or password incorrect. How can I add or remove users? the page here: http://openvas.org/install-packages-v6.html contains some infos how to create/add a new user. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Weak ciphers in the OpenVas deamon...
Hi, Q: How do I disable these? see: http://lists.wald.intevation.org/pipermail/openvas-discuss/2014-November/007077.html and some other similar mailinglist postings here. --gnutls-priorities won't work in OpenVAS 6 and older, you need OpenVAS 7 for this. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] debugging an nasl plugin ?
Hi, first are you running the last rev. 809 of the NVT as there was a small bug in the regex one month ago: http://lists.wald.intevation.org/pipermail/openvas-nvts-commits/2014-November/000797.html The script still gives no output, and nothing is written to the OpenVAS log. The NASL language seems to lack any instruction to generate output, so I don't know how to troubleshoot this further ? Using the openvas-nasl it won't give you an output but you could add something like: display(port); to get an output of the current variables. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Hostname Plugin
Hi, Just figured it out. :) it could be useful for further readers to post how you have figured this out. :-) ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] debugging an nasl plugin ?
Hi, Using these instructions, I can now confirm that the current plugin version works as expected, i.e. : thanks for the feedback!!! ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Scan results empty OpenVAS on CentOS release 6.6
Hi, Any scan I perform does not show any results. this is a new install of OpenVas. some infos about: - your setup - used scan config - used Alive-Test could be really helpful. Don't think that anyone just can guess where the problem is with that few infos you have provided. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Modifying the OpenVAS SSL config
Hi, Yes, there is hardcoded cipherlist on older version of OpenVAS. does this matter in this case? OpenVAS 5 has reached end-of-life some month ago: http://lists.wald.intevation.org/pipermail/openvas-announce/2014-August/000166.html ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Modifying the OpenVAS SSL config
Well, there is also hardcoded cipherlist on openvas 6? Ah, i see. The --gnutls-priorities is not available in OpenVAS6, wasn't aware of this. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Modifying the OpenVAS SSL config
Am 08.12.2014 um 19:05 schrieb Reindl Harald: hardcoded - a design flaw not really: http://lists.wald.intevation.org/pipermail/openvas-discuss/2014-November/007077.html ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Modifying the OpenVAS SSL config
Hi, For example, the article shows: gsad --gnutls-priorities=SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0 However, in my limited understanding of POODLE, SSLv3 using CBC ciphers are vulnerable to that MITM attack. SSLv3 is disabled via the: -VERS-SSL3.0 string. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] problem installing openvas in centos7
Hi, rsync: failed to connect to feed.openvas.org[http://feed.openvas.org] (78.47.251.61): Connection refused (111) rsync error: error in socket IO (code 10) at clientserver.c(122) [Receiver=3.0.9] [e] Error: rsync failed. just tested this and works as expected. Are you able to ping this system? [root@localhost /]# openvas-check-setup openvas-check-setup 2.2.1 Test completeness and readiness of OpenVAS-6 (add '--v4', '--v5' or '--v7' if you want to check for another OpenVAS version) Please update to the latest openvas-check-setup 2.2.6: https://svn.wald.intevation.org/svn/openvas/trunk/tools/openvas-check-setup wich now defaults to OpenVAS-7 (which you're probably using). ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Modifying the OpenVAS SSL config
Hi, such settings belong in a config file, otherwise if you install from packages the modified sysvinit script get overwritten until you are on systemd based distributions where you can place your units in /etc/systemd/system sure it could be useful to have such a setting in a config file. But as far as i can see there is still no hardcoded cipher list as you have written in your initial post. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] Status of current ike-scan (NASL wrapper)?
Hi, anyone has any experiences with the current version of the ike-scan (NASL wrapper) and ike-scan 1.9? Some days ago i have done some test-scans on systems where Nessus shows that those systems have an enabled aggressive mode with a PSK. When using OpenVAS6 and the following options of the ike-scan nasl wrapper: Enable Aggressive Mode - Yes Enable fingerprint using Aggressive Mode - Yes only log messages (about 10-15) of the NVT about open ports are shown. Is this wrapper working at all with recent versions of ike-scan or should i just skip using it? Any other ways of scanning IPSec systems for an enabled Aggressive Mode with OpenVAS? Thanks in advance for a reply. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] MSSQL Server version detection without SMB Login
Hi, Id like to know when the plugin is ok. So can I know where to check? svn, or use openvas-nvt-sync, or ...? you can subscribe to the openvas-nvts-commits mailinglist: http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-nvts-commits or watch the mailinglist archive: http://lists.wald.intevation.org/pipermail/openvas-nvts-commits/ to see changes to plugins. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] False Positives: GNU Bash Environment Variable Handling Shell RCE Vulnerability (CVE-2014-6277)
Hi, Any ideas on this at all ? maybe this: http://lists.wald.intevation.org/pipermail/openvas-nvts-commits/2014-October/000748.html AFAIK problems with NVTs or false positives are also better placed at the plugins ML: http://lists.wald.intevation.org/pipermail/openvas-plugins ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Poodle - SSL version check
Hi, another follow-up. There is already a POODLE NVT available since last week: http://komma-nix.de/nasl.php?oid=802087 ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] OpenVAS 7 installation
You may need to play around with the Alive Test, which by default is an icmp ping AFAIK. Yes, thats correct since OpenVAS7 http://lists.wald.intevation.org/pipermail/openvas-discuss/2014-October/007022.html http://lists.wald.intevation.org/pipermail/openvas-discuss/2014-October/006953.html http://openvas.org/news_archive.html#openvas7 ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss