[Openvas-discuss] gvm_pyshell connection woes

[Chris Morse]

Good afternoon,

I am experiencing authentication issues using either ssh or tls when trying
to authenticate.

Fresh install of openvas9 using the mrazavi/openvas repo.

I am able to issue the following and connect and execute scripts without
issue

openvasmd -c ovsock
gvm_pyshell socket --sockpath ovsock --gmp_username admin --gmp_password
admin ./myscript.gmp

This, however, is leaving multiple openvasmd instances running.

I've run netstat -tulep and see that it is listening on port 6379 and
changed the port values when connecting using TLS. I get a handshake
timeout.

Using ssh i simply get an authentication failed message.

If there's a configuration item or something else I've missed, I've scoured
the ultraweb in search of it.

Any pointers would be much appreciated.

Chris Morse, CISA, CISM
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Windows SBS2011 and CVE-2014-1812

[Chris Bridges]

Hi.

Running OV8 on Ubuntu from M.Ravazi PPA, and everything seems to work well, but 
there are definitely some CVE’s that are definitely a problem on the Windows 
SBS2011 server, but are not being picked up on Openvas.

The Specifics are that CVE-2014-1812 requires the gppref.dll to be between 
6.1.7601.22000 -> 22604 ( for server 2008 R2) which is what SBS2011 is built on.
The Actual file version or gppref.dll on the machine is 6.1.7601.17514 ( ie 
should be reporting this as a problem)

My Scan config is
Network Vulnerability Test Families :
Windows : all selected
Windows : Microsoft Bulletins : all selected, and 'Microsoft Group Policy 
Preferences Privilege Elevation Vulnerability (2962486)' is located in this 
list.

This is an authenticated scan with a valid domain account, and the 'Login 
configurations' - NTLMSSP - yes

The Actual reported operating system version is
OS Name:   Microsoft Windows® Small Business Server 2011 
Standard
OS Version:6.1.7601 Service Pack 1 Build 7601

Does anyone have any thoughts as to why this is not being picked up, or is 
there something I have not selected ?

Many Thanks
Chris


-
RFEL : SIGNAL PROCESSING IQ : FPGA EXPERTISE
Chris Bridges  , Head of IT & Engineering Support , DDI +44 (0)1983 216631  M 
+44 (0)7776 234533
RFEL Ltd, Unit B, The Apex, St Cross Business Park, Newport, Isle of Wight, 
PO30 5XW,UK
T +44 1983 216600  F +44 1983 216611  E chris.brid...@rfel.com  W www.rfel.com
-
Company No : 2389307 : This e-mail is for the intended addressee only. If you 
have received it in error then you must not use, retain, disseminate or 
otherwise deal with it. Please notify the sender by return email and then 
delete the e-mail. The views of the author may not necessarily constitute the 
views of RFEL Ltd.


_
This email has been scanned by the MessageLabs
_
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] openvas manager not listening and scan results are blank

[Chris]

Hi,

> 1. I can't get the manager to work on all interfaces, I have changed
the config setting in the  /etc/default folder for the services and no
luck I have restarted the services and the VM.

have a look at the notice of the attached config settings:

> # NOTE: This file is not used if you are using systemd.

Kali Linux is probably already on systemd. If you need further
configuration help its probably also recommended to ask at the Kali
forums for help as they know their system a little bit better then most
of the users at this list.

> 2.  I am not able to scan.  when I setup a scan on the local console
for an out side machine or the local hst i get no results.

Unfurtunately this contains too few info to be able to help here. A
starting point would be info like:

- Which scan config have you used?
- Are yo getting absolutely no results or only a few log lines?
- Are the systems you're trying to scan reachable via an ICMP Ping?
(Note the "Alive Test" config when creating a new target:
http://docs.greenbone.net/GSM-Manual/gos-3.1/en/scanning.html#creating-a-target)
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Scanning assistance

[Chris]

Hi,
On 08/04/2016 04:10
> What am I missing?

have a look at the "Alive test" options when configuring a target:

http://docs.greenbone.net/GSM-Manual/gos-3.1/en/scanning.html#creating-a-target

Might be possible that the system is not pingable. Furthermore use the
pre-defined "Full'n'Fast" scan Config for now (if you use a custom one).
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] using ssh on port xxxx for Local Security Check ?

[Chris]

Hi,
 
> is it possible to set openvas to use another port than the typical TCP:22 to 
> make the  Local Security Check ?
 
when creating a new target as seen here:

http://docs.greenbone.net/GSM-Manual/gos-3.1/en/scanning.html#creating-a-target

you can specify the SSH credentials and the port which should be used.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Running periodic tasks manually?

[Chris]

Hi,

> Currently, I need to change the task, remove the schedule, run it by
> clicking on the "play" button.

it seems this is not possible within the overview but if you change into the 
Task itself you will find the "Start" button at the top (at least in the 
current OpenVAS 8).
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] 1. openvassd scanner failing while loading NVTs. SEGV signal.

[Chris]

Hi,

> I am running scanner version 4.0.2. Manager version 5.0.3. Ubuntu 14.04.4 LTS

also be aware that those are quite outdated components. They are from OpenVAS 7 
which is unsupported since May this year:

https://lists.wald.intevation.org/pipermail/openvas-announce/2016-May/000194.html
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] User Impersonation Feature

[Chris]

Hi,

> If you're logged in as admin and want to see another users tasks, schedule or 
> simply impersonate him.

impersonating itself is not possible but you can use the super-permissions to 
get access to other users tasks, reports, schedules and so on:

http://docs.greenbone.net/GSM-Manual/gos-3.1/en/user_permissions.html#super-permissions

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Updating NVT Feed in OpenVAS

[Chris]

Hi,
 
> Do we need to run openvasmd --rebuild every time when the new NVT feeds 
> synced ?

either a --rebuild is needed or you can do the following:

> A rebuild within a running Manager can also be invoked by sending the main 
> Manager process the SIGHUP signal (signal number 1).
(from the README of openvasmd)
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] openvasmd broken after package upgrade: undefined symbol

[Chris]

Hi,

> Nevermind, I found the issue. For some reason the new package improperly
> check the dependencies.

probably still something you should report to the kali guys so they can
fix it.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] openvasmd broken after package upgrade: undefined symbol

[Chris]

Hi,

> Just upgraded to the latest stable release of kali rolling
> openvas-manager package (6.0.8-0kali1)

those packages are provided by the Kali Guys so its probably the best to
report this to them.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Which ports

[Chris]

Hi,

On 06/24/2016 01:16 PM, Corti Matteo (ID BD) wrote:
> I would like to scan for default Tomcat users and passwords on machines
> running Tomcat on non-standard ports.
> 
> When I look at the plugin "Apache Tomcat Default Accounts”
>  (http://plugins.openvas.org/nasl.php?oid=11204) I see
> 
> port = get_http_port(default:8080);
> 
> if ( ! port ) exit(0);
> 
> it seems that if not port is supplied then 8080 will be used. What I do
> not know is how OpenVAS will call the plugin.

get_http_port behaves different. If you're scanning a portrange like:

80-9000

and four webserver on the ports 80, 443, 8080, 9000 are reported as open
from nmap to OpenVAS the get_http_port function (or better the
get_kb_item within it) will fork and return all four ports to the plugin.

Another example is the scan of a portrange like 20-25 where no
webservers were found. Then the function behaves:

- If unscanned_closed is set to "yes" in your scanconfig then
get_http_port(default:8080); will exit as 8080 wasn't scanned.

- If unscanned_closed is set to "no" in your scanconfig then
get_http_port(default:8080); will return port 8080 to the plugin.

So in your case you just need to make sure that the non-standard ports
are included in the nmap/portscan portrange.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] login problems

[Chris]

Hi,
 
> Also, how do I get openvasmd to listen on the actual ethernet port? 
> openvas-check-setup reports everything is fine but listening only on 
> 127.0.0.1.

have a look at:

openvasmd --help

which shows:

-a, --listen=   Listen on .
--listen2=  Listen also on .

> Is Kali Linux a good choice, anyway? I haven't had good luck with getting the 
> installation to work properly.

There where a few user reporting issues with the Kali Linux packages here at 
the mailinglist in the past.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] SSH Authorization Check fails on OpenSSH 7.x

[Chris]

>Should I rebuild libssh only or OpenVAS too? Any suggestions about
>libssh
>version? Last one?

As i don't have any other applications depending on libssh i have installed 
0.7.3 to /usr/local and build OpenVAS against it.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] SSH Authorization Check fails on OpenSSH 7.x

[Chris]

Hi,

> # yum list installed | grep libssh
> libssh.x86_64

depending on the used key algorithms you might need to use / rebuild against a 
newer libssh:

https://lists.wald.intevation.org/pipermail/openvas-discuss/2016-May/009582.html
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Upgrading to OpenVAS 8

[Chris]

Hi

> 1.   The new scan, which is testing Centos/RHEL servers is running
>s slowly in comparison with openvas7 running on Centos 6

OpenVAS 8 is running all NVTs (even those prone to false positives) due to the 
introduction of the QoD concept. So there is probably very little what you can 
do here.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] openvas-check-setup says Manager not running

[Chris]

Hi,

> openvas-check-setup 2.3.0

please always use the recent version of openvas-check-setup which is
currently 2.3.3 and available here:

https://svn.wald.intevation.org/svn/openvas/trunk/tools/openvas-check-setup
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] openvassd hanging

[Chris]

Hi,

> Seems related to redis but it seems OK:

that could be indeed an issue. Have a look at the pointers given here:

https://lists.wald.intevation.org/pipermail/openvas-discuss/2016-April/009497.html
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Rebuild NVT cache...failed (Openvas 8)

[Chris]

Hi,

> any solution regarding this issue?

after creating new certs with openvas-mkcert you might need to also
update the scanner with something like this:

openvasmd --modify-scanner 08b69003-5fc2-4037-a479-93b440211c73
--scanner-port 9391 --scanner-ca-pub
/usr/local/var/lib/openvas/CA/cacert.pem --scanner-key-pub
/usr/local/var/lib/openvas/CA/servercert.pem --scanner-key-priv
/usr/local/var/lib/openvas/private/CA/serverkey.pem
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Hmm issue with ssh authentication /

[Chris]

> hmm and now that I'm thinking this can't be the case because it works for me 
> when I ssh manually using the same private+public keys. 

SSH into the machine from command line is completely different in comparsion to 
the login from OpenVAS as different libraries are in use.

In trusty (14.04) the libssh 0.6.1 is used which is quite outdated:

http://packages.ubuntu.com/trusty/libssh-4

Few days ago i had the same issue while logging in and manually updating to 
libssh 0.7.3 did the trick. So try that first before looking for other issues.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Hmm issue with ssh authentication /

[Chris]

Hi,

> any help so we can check?

when using ed25519 keys you might need to manually update your libssh to a more 
recent version (0.7.0+) which brings support for those keys.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] bug on openvas-check-setup when install openvas 8

[Chris]

Hi,
 
> i find openvas-check-setup script has a bug ,because gcad open 80 and 9392 
> port when it start,but in   openvas-check-setup it's only handle one port!!!
 
use the latest available openvas-check-setup 2.3.3 from SVN:

https://svn.wald.intevation.org/svn/openvas/trunk/tools/openvas-check-setup

which already contains a fix for this.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVAS 8 - Wapiti and Arachni

[Chris]

Hi,

> Can someone tell me where to look to find what the plugins are trying to run 
> for a command line so I can debug what is failing?

you could have a look at the NASL Plugins for both scanners:

http://plugins.openvas.org/nasl.php?oid=80110
http://plugins.openvas.org/nasl.php?oid=110001

Adding a:

log_message(data:argv);

before the:

r = pread(cmd: arachni, argv: argv, cd: 1);

and

r = pread(cmd: cmdext, argv: argv, cd: 1);

in both NVTs could give you some debugging output about the used command
line in your GSA.

> Corresponding question  - is Arachni really supported?

Have a look at this mailinglist post:

https://lists.wald.intevation.org/pipermail/openvas-discuss/2014-December/007180.html

> If not - how to remove the attempt to use it?

You can disable the NVTs in your scan config within the "Web application
abuses" family.

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Server IP Address Change

[Chris]

> Can you provide me a link to configure the ip for the demo? I am not able to 
> locate the instruction to configure ip address on OpenVAS web site. 
> Thank you for the help, 

10 Seconds google search:

https://wiki.debian.org/NetworkConfiguration
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] number of NVTs in the OpenVAS Manager database is too low

[Chris]

> Installation is failing when issuing "openvasmd --rebuild --progress"
 
Whats the actual issue you're seeing when running this command? Thats currently 
missing in your post.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Getting 503 while running tasks in GSA

[Chris]

> Any help will be highly appreciated!

Have a look at the "Certificate Generation" part of the linked docs.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Are the Greenbone reports supported in OpenVAS?

[Chris]

Hi,

> Are the following Greenbone reports supported in OpenVAS?
> 
> - Greebone Executive Report
> - http://www.greenbone.net/download/docs/GXR-1.0.2-Sample-Report.pdf
> - Greenbone Security Report
> - http://www.greenbone.net/download/docs/GSR-1.0.8-Sample-Report.pdf

see this recent questions at the openvas-devel mailinglist:

https://lists.wald.intevation.org/pipermail/openvas-devel/2016-February/003665.html
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Can't get OpenVAS server to listen on a specific IP Address

[Chris]

Hi,
 
> i have attached the openvas-check-setup.log file, as well as the 
> configuration files from /etc/default and /etc/init.d.
> I have added the directory name where the file is located to the front of the 
> file name – they are not really named this in the directory.

have you noted the "# NOTE: This file is not used if you are using systemd." at 
the attached defaults files?
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVAS v8 on ubuntu 14.04.03 LTS

[Chris]

Hi,

> Opensvas doesn’t mark the system as dead, but I only have the following logs :
> 
> - OS fingerprinting
> - ICMP Timestamp Detection
> - Traceroute
> - CPE Inventory

that are too few log entries. You should have at least:

> - Checks for open tcp ports

containing the detected open ports and stuff like:

> - SSH Server type and version

if there is an SSH server running there.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVAS v8 on ubuntu 14.04.03 LTS

[Chris]

Hi,

> The patch is the attachment.bin file ?
> If I understand, I have to uninstall openvas9 and download the official 
> source of openvas9,
> Sorry for my stupid question but what I have to do with the patch file ? 
> place it somewhere in the source before compiling (after compiling)?
 
based on this question i think its better if you completely uninstall/purge the 
OpenVAS9 installation and stay with the pre-compiled/packages OpenVAS8 
installation from that ppa. This already includes the fix.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Autogenerate credential - SOLVED

[Chris]

> > I wasn't aware that you need rpm and alien for windows stuff. The posted
> > documentation by Michael also says that you just need nsis?
> 
> Yes, you need nsis. Without nsis all downloaded exe have 0 Byte.

Mhhh, i thought you have solved that by installing alien/rpm as previously 
posted?
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Autogenerate credential - SOLVED

[Chris]

Hi,

>Maybe an alien check shout integrated in the  openvas-check-setup
>script.

as far as i can see there is already an check for that in the current 
openvas-check-setup.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Autogenerate credential - SOLVED

[Chris]

>>> Maybe an alien check shout integrated in the  openvas-check-setup
>>> script.
>>
>> as far as i can see there is already an check for that in the current
>> openvas-check-setup.
> The check has an dependence from rpm. I don't use Ret Hat, and so I haven't
> install rpm. As a result, alien wasn't check for me.
> 
> At the installation of alien, I got rpm as dependence. Now the check-script
> check for alien. 

Ahhh, yes. The openvas-check-setup has to steps:

1. Check for rpm
2. If rpm is installed check for alien

Probably the packages are created with rpm and then converted to .deb by
alien?

> I didn't know the rpm was necessary to get an 
> windows-autogenerate-credential-exe.
> If I would know, I had installed rpm, and then I had realist, that alien was 
> missing.

I wasn't aware that you need rpm and alien for windows stuff. The posted
documentation by Michael also says that you just need nsis?
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Can not start scanning in openvas on kali 2.0

[Chris]

Hi,

>It seems like that openvas has remembered the
>first certs I generated after a clean install and rejected newer ones.
>What
>is the correct way to replace these certs?

have a look at this mailinglist post for some pointers:

http://lists.wald.intevation.org/pipermail/openvas-discuss/2015-November/008929.html
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] ERROR: redis-server is not running or not listening...

[Chris]

Hi,

have you checked what the message is suggesting:

>> ERROR: redis-server is not running or not listening on
>socket:
>> /var/run/redis/redis.sock
>> FIX: You should start the redis-server or configure it to
>listen
>> on socket: /var/run/redis/redis.sock
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] openvas-nvt-feed

[Chris]

>From my knowledge the nvt-feed gets updated daily.

Which is only true for the greenbone feed but not for the openvas as already 
pointed out by jan.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] openvas-nvt-feed

[Chris]

I'm suggesting to have a look at:

http://plugins.openvas.org/

where you can see the current status of the OpenVAS feed.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Service temporarily down

[Chris]

> Usually problem might be related to some incorrect library versions.
 
Might be related to one of those reports:

https://wald.intevation.org/tracker/index.php?func=detail=6572_id=29=220
http://comments.gmane.org/gmane.comp.security.openvas.users/6208
https://bugs.gentoo.org/show_bug.cgi?id=525640
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] SMB Login Problems

[Chris]

Hi,

>Is there a way to look in the knowledge base? Formerly the knowledge
>base was just a file, but now i can’t find it anymore! I took a quick
>look in the tasks.db but haven’t found it there.

you need to use

redis-cli monitor
http://redis.io/commands/MONITOR

for that as the KB is now stored in the redis DB.


___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Not all vulnarabitities used

[Chris]

Hi,
 
> There are many of “mandatory key is missing” lines. But why?
What is the meaning of this?

have a look at the "gb_adobe_acrobat_mult_vuln01_oct15_win.nasl" NVT for 
example:

http://plugins.openvas.org/nasl.php?oid=806505

This has the mandatory key:

script_mandatory_keys("Adobe/Acrobat/Win/Ver");

which is set by the detection NVT "secpod_adobe_prdts_detect_win.nasl":

http://plugins.openvas.org/nasl.php?oid=900319

If that NVT wasn't able to detect the installed Adobe the vulnerability check 
will fail.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Not all vulnarabitities used

[Chris]

Hi,

>Is it possible to increase the log level, to see which nvt where used?
>Something like what you can see, if you use "ps afx" if a task run.

there is the scan config option "log_whole_attack" which logs all NVTs and the 
reasons why those where not executed.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Cron Jobs

[Chris]

Hi,

see:

> no openvassd in (/usr/bin:/bin)

vs:

> /usr/sbin/openvas-certdata-sync

Am 22. Oktober 2015 18:06:49 MESZ, schrieb Diego Gomes :
>Hello guys
>
>Did you already see anything like this?
>
>Cron Job:
>/usr/sbin/openvas-certdata-sync
>
>
>
>which: no openvassd in (/usr/bin:/bin)
>
>[e] Error: openvassd is not in the path, could not determine
>SCAP directory.
>
>
>Any idea about it?
>
>Thanks,
>
>Diego
> 
>
>
>
>___
>Openvas-discuss mailing list
>Openvas-discuss@wald.intevation.org
>https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] openvas scan windows xp

[Chris]

Not quite sure if enabling OS identification within the nmap (nasl wrapper) NVT 
will also help but worth a try.

Am 22. Oktober 2015 04:52:32 MESZ, schrieb Eero Volotinen 
:
>You need to enable credentialed scan do detect os.
>
>--
>Eero
>
>2015-10-21 23:37 GMT+03:00 ismael flavio silva
>:
>
>>
>> hello
>>
>> the openvas not detect that windows xp is not supported by microsoft.
>>
>> Someone can help me.
>>
>> Thanks
>>
>> ___
>> Openvas-discuss mailing list
>> Openvas-discuss@wald.intevation.org
>>
>https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>>
>
>
>
>
>___
>Openvas-discuss mailing list
>Openvas-discuss@wald.intevation.org
>https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVas problem

[Chris]

Hi,

as you're on OpenVAS 7 just read the header of openvas-check-setup:

> Test completeness and readiness of OpenVAS-8 (add '--v6' or '--v7' or '--v9' 
> if you want to check for another OpenVAS version)
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Vulnerabilities OpenVAS

[Chris]

Hi,

> gsad 
> --gnutls-priorities="SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0"
> 
> restarted openvas-manager, openvas-scanner, gsad
> 
> Started scan against localhost and the same results:

you also need to add this gnutls-priorities to the openvas-manager (openvasmd) 
and openvas-scanner (openvassd) startup.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] timezone

[Chris]

Those two docs could contain some additional info:

http://docs.greenbone.net/GSM-Manual/gos-3.1/en/mysettings.html

http://docs.greenbone.net/GSM-Manual/gos-3.1/en/scanning.html#scheduled-scan

Am 17. Oktober 2015 23:09:51 MESZ, schrieb Diego Gomes :
>Hello guys!
>Please, I need help to configure my timezone for my web interface and
>for schedules, to make sure that the scanning is really running exactly
>in the time I need.
>So, I am GMT -3 (Brazil). It is 06:04 PM right now. When I access my
>GUI, it shows 09:04 PM.
>My Linux server is GMT-3, so the server is correct.
>I need to configure everything to be in GMT-3.
>I have no idea about config file, etc.. So, please, if I need to change
>something by CLI, I appreciate to have the absolute path.
>I am running OpenVAS in Red Hat 6. I used atomic repository to install
>OpenVAS!
># rpm -qa |grep -i
>openvasopenvas-manager-5.0.9-28.el6.art.x86_64openvas-scanner-4.0.6-19.el6.art.x86_64openvas-libraries-7.0.9-18.el6.art.x86_64openvas-1.0-17.el6.art.noarchopenvas-cli-1.3.1-6.el6.art.x86_64
>Thanks a lot for your help!
>Diego
>
>
>
>___
>Openvas-discuss mailing list
>Openvas-discuss@wald.intevation.org
>https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Reverse DNS lookups in OpenVAS

[Chris]

Hi,

On 10/14/2015 11:19 AM, COVINI JEROME wrote:
> Im using openvas 8 and trying to get reverse lookup working but to no avail.

which version of openvas-scanner are you using? 5.0.2 containing a fix
for a bug in previous versions where the FQDN was not set for the target:

http://wald.intevation.org/frs/shownotes.php?release_id=795
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] greetings + empty vuln

[Chris]

Hi,

On 10/07/2015 10:27 PM, cory cardio wrote:
>>Which version of OpenVAS?
>
> v4.0.2

i guess this is the version of the openvas-scanner? Seems you're using
fairly old components (4.0.2 was released more than a year ago).

Try to update to the latest versions of the OpenVAS7 components or even
to OpenVAS8 as shown here:

http://openvas.org/install-source.html
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] greetings + empty vuln

[Chris]

Hi,

when replying to a mailinglist post make sure that you're also including the 
address of the mailinglist (openvas-discuss@wald.intevation.org in this case) 
in the recipient field.

> Thank you for the reply, unfortunately  I failed at what you asked. I've 
> included a screen shot of my "search"
 
Try to put the:

100527

into the "filter" search field.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVAS supplement?

[Chris]

Hi,
 
> How do you configure it to do both?
 
the Vulnerability-Scan is included in configs like "Full and Fast". More infos 
about it can be found here for example:

http://docs.greenbone.net/

and is catching known vulnerabilities. For the policy task have a look at:

http://greenbone.net/learningcenter/task_it_grundschutz.html

for example.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Openvas Scan failed at 1%

[Chris]

Hi,

>How to update it newer version on Debian Lenny.

before doing any OpenVAS upgrades you probably should first move to a recent 
Linux distribution.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] issue of download report in PDF format

[Chris]

Hi,

> Any idea what went wrong?

try to update your OpenVAS components to the latest available versions.

especially the empty report generation was a bug in one of the previous
versions of i think scanner or manager (just check the changelogs).
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] [Newsletter] Re: issue of download report in PDF format

[Chris]

Hi,

> My scanner and manager versions are 5.0.4 and 6.0.5. Are they not
latest ones?

mhhh, strange. Normally 6.0.5 of the manager should have fixed this:

http://wald.intevation.org/frs/shownotes.php?release_id=826
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVAS 7 on VM is working on HTTP/HTTPS/Telnet/SSH ports?

[Chris]

Hi,

> By the way, is redis-server required for OV 7 as I read Pual mentioned a 
> related issue?  The output of my “openvas-check-setup –v7” doesn’t show redis 
> checking.

OpenVAS 8 started to require redis-server so thats the reason why 
openvas-check-setup is not showing this test if OpenVAS7 or below was detected.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVAS without GSA, just CLI

[Chris]

Just try it and skip the gsa build step when building from source. :)

Should still works as GSA is just the WebGUI.

Am 9. September 2015 20:11:55 MESZ, schrieb Diego Jules :
>Thanks, I'd like to minimize the number of dependencies for the
>installation.
>I think if I skip GSA I can make a lighter install.
>
>I have no problem with XML commands via OMP, I wrote a couple of python
>scripts for that.
>
>Anyone else ever tried to install without GSA?
>
>On Tue, Sep 8, 2015 at 11:59 PM, Eero Volotinen 
>wrote:
>
>> How about just installing all components, but not starting gsad
>service?
>>
>> Works fine only using omp, but you might need to implement some
>> functionality with XML commands with omp (cli).
>>
>> --
>> Eero
>>
>> 2015-09-09 2:57 GMT+03:00 Diego Jules :
>>
>>> Hi guys,
>>>
>>> I'd like to install OpenVAS with CLI/omp only, no web GUI.
>>> Has anyone ever tried to install OpenVAS without the
>>> Greenbone-Security-Assistant?
>>>
>>> What are the absolutely essential packages that OpenVAS needs to
>work?
>>> I'm thinking these, am I missing something?
>>> openvas-libraries
>>> openvas-manager
>>> openvas-scanner
>>> openvas-cli
>>> dirb
>>> gnutls
>>> nikto
>>> nmap
>>> gnu
>>>
>>>
>>> Thanks,
>>>
>>> DJ
>>>
>>> ___
>>> Openvas-discuss mailing list
>>> Openvas-discuss@wald.intevation.org
>>>
>https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>>>
>>
>>
>
>
>
>
>___
>Openvas-discuss mailing list
>Openvas-discuss@wald.intevation.org
>https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] inconsistent results when doing an external credentialed scan against Windows

[Chris]

Hi,

it could also make sense to update all OpenVAS components to the latest 
versions.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] inconsistent results when doing an external credentialed scan against Windows

[Chris]

Hi,

see http://www.openvas.org/install-source.html or ask the Kali guys to package 
the newer versions.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Scan over VPN tunnel fail

[Chris]

> How about trying to do something without step-by-step instructions?

So true :)
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] amazon local security checks for openvas8

[Chris]

Hi,

> I have some problems with how-to-use my oid number? Any help?

your OID range is now listened at:

http://www.openvas.org/openvas-oids.html

So the OID for your first NVT would be:

1.3.6.1.4.1.25623.1.0.12

the next NVT:

1.3.6.1.4.1.25623.1.0.120001

and so on.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] openvasmd rebuild issue

[Chris]

Hi,

no issue here running sqlite3 3.8.7.1 from Debian Jessie.

> I am running recommend openvas version in Centos 5.7.   My sqlite
> version is sqlite-3.7.0.1-1.el5.art

The first thing probably would be to test this with a newer CentOS
release providing an current version of sqlite3.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] help

[Chris]

Hi,

please attach the openvas-check-setup.log instead of executing it.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Missing reports in Greenbone during and after scan

[Chris]

Hi,

Any help is greatly appreciated, thanks,

try to update to the latest available components. I think that was fixed 
recently.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] openvas-nvt-sync ERROR

[Chris]

Hi,

 tar (child): bzip2: Cannot exec: No such file or directory

seems you need to install bzip2
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] problems with binary packages both on ubuntu 14.04 and centOS 7

[Chris]

Hi,

 but when I click on the report, the list
is
empty, like there is no report at all

there are at least two reports at this mailinglist that downgrading the 
packages to a previous version fixes this.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Openvas 7 - Can't see others tasks

[Chris]

It's not possible to see others tasks

Not in a default setup. This needs to be configured with permissions like 
described here:

http://docs.greenbone.net/GSM-Manual/gos-3.1/en/user_permissions.html
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVAS 8 openvas-check-setup

[Chris]

Hi Ian,

  ./openvas-check-setup: line 789: [: too many arguments
 
 seems there is still a minor issue in the openvas-check-setup script.

could you run the latest version 2.3.1 again to see if and at what line you're 
getting this message?
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVAS 8 openvas-check-setup

[Chris]

Hi,

 ./openvas-check-setup: line 789: [: too many arguments

seems there is still a minor issue in the openvas-check-setup script.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Regarding to OpenVAS Web App Scanning.

[Chris]

Hi,

see the documentation available here:

 I am new to OpenVAS and after installation got first problem and
 didn't get solution to scan web application. How is that possible?

http://greenbone.net/learningcenter/task_webappscan.html
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Missing CVEs

[Chris]

Hi,

 Examples:
 CVE-2015-0051
 CVE-2015-0069
 CVE-2015-0316

all three CVEs are already in the feed as you can see here:

CVE-2015-0051  CVE-2015-0069
http://plugins.openvas.org/index.php?oid=805136

CVE-2015-0316
http://plugins.openvas.org/index.php?oid=805443
http://plugins.openvas.org/index.php?oid=805270
http://plugins.openvas.org/index.php?oid=805442

The search of http://plugins.openvas.org is a nice way of searching for
existing NVTs for specific CVEs.

 Anybody knows why some CVEs like those are not in the feed?

If a CVE is missing it mostly has an simple answer:

No one had the time yet to implement it :-)


 Is there anyway of adding (contribute) the lost CVEs to the feeds?
 Is there anyway of adding manually the lost CVEs to an implementation?

Most infos how to write NVTs are collected here:

http://openvas.org/nvt-dev.html

--
Chris
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] How to Check if OpenVAS used a credential successfully or not?

[Chris]

Hi,
 
 I would like to know how to check if the OpenVAS was successful in using the 
 configured credentials.
 
you're probably using a SMB login configured like described here: 
http://greenbone.net/learningcenter/auth_scans.html ?

If yes then i think you should get a Log entry in the scan result of this NVT:

http://plugins.openvas.org/index.php?oid=10394

if the login via SMB was successful or not.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] What are the updates needed.

[Chris]

Hi,

 Now before scanning what are the necessary updates needed to be done on my 
 OpenVas server.

see here for example: http://www.openvas.org/openvas-nvt-feed.html

Upgrading your OpenVAS to the latest maintenance release available here:

http://openvas.org/install-source.html

could be also a good idea.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Unable to install OpenVAS 8

[Chris]

Hi,

i think that output should tell you what to do?

 ERROR: No OpenVAS CLI (omp) found.
 FIX: Please install OpenVAS CLI.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Install from Binary Packages on CentOS

[Chris]

Hi,

 Am I looking in the wrong place?  I see no reference to redis NOR any
 reference to SELinux in:

try to use the latest version of the openvas-check-setup like suggested.
This is suggesting that you should disable SELinux and is also checking if your 
redis-setup is correctly configured.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] HTTP.sys CVE-2015-1635 : Setting up a single scan

[Chris]

Hi,

 If I do a Full and Fast scan against a single target that I know is
 vulnerable I get a hit for CVE-2015-1635.  I want to set up a scan for
 just CVE-2015-1635.  I've done that but when I run it against the same
 host I get 0 results in the report.  I've told OpenVAS to assume the
 target is alive.

you need at least an additional portscanner like nmap (NASL wrapper) from the 
Port scanners familiy enabled to get the vulnerability detected.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Regarding login to openvas port

[Chris]

Hi,

What to do further please let me know.

the logfiles /var/log/openvas/* could be a starting point.

Again, if you can probably tell me how to install openvas on ubuntu
14.04  version

Have a look at your favorite search engine to find tutorials like:

https://hackertarget.com/install-openvas-7-ubuntu/
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Empty vulnerability titles in report

[Chris]

Hi,

 OpenVAS scans produce reports displaying multiple vulnerabilities with CVSS 
 values and associated risk levels, but no vulnerability title.

not quite sure if this is related but something similar was reported
some days ago at:

http://lists.wald.intevation.org/pipermail/openvas-discuss/2015-March/007548.html
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVAS DevCon #5 (June 24-26 2015): Registration open

[Chris]

Hi,

 I've created now a web page for DevCon #5:
 
   http://www.openvas.org/openvas-devcon5.html

just noticed that the DevCon #5 is currently listened/linked on:

http://openvas.org/devcons.html

but not on the event page itself:

http://openvas.org/events.html

--
Chris
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Allow multiple login on same user?

[Chris]

Hi,

Is it possible to allow multiple logins on same user on gsa web
interface?

this should be possible with an upcoming version of OpenVAS. At least the 
current GOS 3.1 (based on OpenVAS) is providing this feature when using two 
different browsers:

http://greenbone.net/technology/gos_release_history.html#3_1
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] multi-tiered environment

[Chris]

Hi,

 Unfortunately, that's not really a solution to the problem.

mhhh not sure but then you probably have to some work on your own and
develop a main application on Server C which is calling / requesting the
needed informations from the Scanners A and B via OMP:

http://www.openvas.org/omp-5-0.html
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] list: laughable message-size limits

[Chris]

On 02/13/2015 07:27 PM, Michael Meyer wrote:
 *** Reindl Harald wrote:

 but the threshold is a bad joke because you can't post *any* image
 
 https://www.google.de/?gws_rd=ssl#q=image+upload

which is in my opinion also the best practice when sending stuff like
screenshots to a mailinglist.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] feeds updates

[Chris]

Hi,

 question: CVE-2014-2653 was filed almost a year ago. was there any
 particular reason why openvas didn't raise any flags on it?

because this check for the CVE is banner based as you can see in the
existing NVT:

http://komma-nix.de/nasl.php?oid=105004

You need to set report_paranoia to Paranoid (more false alarms) (2) in
your scan config to get a finding for this.

Be aware that you will get false positives as Debian for example has
backported this security fix to older versions:

https://security-tracker.debian.org/tracker/CVE-2014-2653
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] feeds updates

[Chris]

Btw., from what i have read the upcoming OpenVAS8 will bring some
changes / improvements for banner based vulnerability checks.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] how to create overrides for certain tests e.g. PHP via Overrides-menu-item

[Chris]

Hi,

 just wondering how to use the Overrides menu to create/configure 
 overrides for certain tests.

i think that is straight forward and self-explanatory.

Do you have any specific questions/problems while creating an override?
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] I can't Login to OpenVAS via Web. How can I modify users?

[Chris]

Hi,

 But, I can't login to OpenVAS via web and it show me the username or password 
 incorrect. How can I add or remove users?

the page here:

http://openvas.org/install-packages-v6.html

contains some infos how to create/add a new user.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Weak ciphers in the OpenVas deamon...

[Chris]

Hi,

 Q: How do I disable these?

see:
http://lists.wald.intevation.org/pipermail/openvas-discuss/2014-November/007077.html
and some other similar mailinglist postings here.

--gnutls-priorities won't work in OpenVAS 6 and older, you need OpenVAS
7 for this.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] debugging an nasl plugin ?

[Chris]

Hi,

first are you running the last rev. 809 of the NVT as there was a small
bug in the regex one month ago:

http://lists.wald.intevation.org/pipermail/openvas-nvts-commits/2014-November/000797.html

 The script still gives no output, and nothing is written to the OpenVAS
 log. The NASL language seems to lack any instruction to generate output,
 so I don't know how to troubleshoot this further ?

Using the openvas-nasl it won't give you an output but you could add
something like:

display(port);

to get an output of the current variables.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Hostname Plugin

[Chris]

Hi,

 Just figured it out. :)

it could be useful for further readers to post how you have figured this
out. :-)
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] debugging an nasl plugin ?

[Chris]

Hi,

 Using these instructions, I can now confirm that the current plugin
 version works as expected, i.e.  :

thanks for the feedback!!!
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Scan results empty OpenVAS on CentOS release 6.6

[Chris]

Hi,

 Any scan I perform does not show any results. this is a new install of
 OpenVas.

some infos about:

- your setup
- used scan config
- used Alive-Test

could be really helpful. Don't think that anyone just can guess where
the problem is with that few infos you have provided.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Modifying the OpenVAS SSL config

[Chris]

Hi,

 Yes, there is hardcoded cipherlist on older version of OpenVAS.
 
does this matter in this case? OpenVAS 5 has reached end-of-life some month ago:

http://lists.wald.intevation.org/pipermail/openvas-announce/2014-August/000166.html
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Modifying the OpenVAS SSL config

[Chris]

 Well, there is also hardcoded cipherlist on openvas 6?
 
Ah, i see. The --gnutls-priorities is not available in OpenVAS6,
wasn't aware of this.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Modifying the OpenVAS SSL config

[Chris]

Am 08.12.2014 um 19:05 schrieb Reindl Harald:
 hardcoded - a design flaw

not really:

http://lists.wald.intevation.org/pipermail/openvas-discuss/2014-November/007077.html
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Modifying the OpenVAS SSL config

[Chris]

Hi,

 For example, the article shows: gsad
 --gnutls-priorities=SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0
 However, in my limited understanding of POODLE, SSLv3 using CBC ciphers
 are vulnerable to that MITM attack.

SSLv3 is disabled via the:

-VERS-SSL3.0

string.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] problem installing openvas in centos7

[Chris]

Hi,

 rsync: failed to connect to feed.openvas.org[http://feed.openvas.org] 
 (78.47.251.61): Connection refused (111)
 rsync error: error in socket IO (code 10) at clientserver.c(122) 
 [Receiver=3.0.9]
 [e] Error: rsync failed.

just tested this and works as expected. Are you able to ping this system?

 [root@localhost /]# openvas-check-setup
 openvas-check-setup 2.2.1
  Test completeness and readiness of OpenVAS-6
  (add '--v4', '--v5' or '--v7'
   if you want to check for another OpenVAS version)

Please update to the latest openvas-check-setup 2.2.6:

https://svn.wald.intevation.org/svn/openvas/trunk/tools/openvas-check-setup

wich now defaults to OpenVAS-7 (which you're probably using).
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Modifying the OpenVAS SSL config

[Chris]

Hi,

 such settings belong in a config file, otherwise if you install from 
 packages the modified sysvinit script get overwritten until you are on 
 systemd based distributions where you can place your units in 
 /etc/systemd/system

sure it could be useful to have such a setting in a config file.

But as far as i can see there is still no hardcoded cipher list as you
have written in your initial post.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Status of current ike-scan (NASL wrapper)?

[Chris]

Hi,

anyone has any experiences with the current version of the ike-scan
(NASL wrapper) and ike-scan 1.9?

Some days ago i have done some test-scans on systems where Nessus shows
that those systems have an enabled aggressive mode with a PSK.

When using OpenVAS6 and the following options of the ike-scan nasl wrapper:

Enable Aggressive Mode - Yes
Enable fingerprint using Aggressive Mode - Yes

only log messages (about 10-15) of the NVT about open ports are shown.

Is this wrapper working at all with recent versions of ike-scan or
should i just skip using it? Any other ways of scanning IPSec systems
for an enabled Aggressive Mode with OpenVAS?

Thanks in advance for a reply.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] MSSQL Server version detection without SMB Login

[Chris]

Hi,

Id like to know when the plugin is ok. So can I know where to check? svn, or use openvas-nvt-sync, or ...?



you can subscribe to the openvas-nvts-commits mailinglist:



http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-nvts-commits



or watch the mailinglist archive:



http://lists.wald.intevation.org/pipermail/openvas-nvts-commits/



to see changes to plugins.

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] False Positives: GNU Bash Environment Variable Handling Shell RCE Vulnerability (CVE-2014-6277)

[Chris]

Hi,
 
  Any ideas on this at all ?

maybe this:

http://lists.wald.intevation.org/pipermail/openvas-nvts-commits/2014-October/000748.html

AFAIK problems with NVTs or false positives are also better placed at the 
plugins ML:

http://lists.wald.intevation.org/pipermail/openvas-plugins
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Poodle - SSL version check

[Chris]

Hi,

another follow-up. There is already a POODLE NVT available since last week:

http://komma-nix.de/nasl.php?oid=802087
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] OpenVAS 7 installation

[Chris]

 You may need to play around with the Alive Test, which by default is an 
 icmp ping AFAIK.

Yes, thats correct since OpenVAS7

http://lists.wald.intevation.org/pipermail/openvas-discuss/2014-October/007022.html
http://lists.wald.intevation.org/pipermail/openvas-discuss/2014-October/006953.html
http://openvas.org/news_archive.html#openvas7
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss