Re: [Openvas-discuss] Can't get openvasmd to build the database
-Original Message- From: Openvas-discuss [mailto:openvas-discuss- boun...@wald.intevation.org] On Behalf Of Jan-Oliver Wagner Sent: Monday, July 06, 2015 6:12 AM To: openvas-discuss@wald.intevation.org Subject: Re: [Openvas-discuss] Can't get openvasmd to build the database On Freitag, 19. Juni 2015, Wiza, David wrote: A long time ago, I posted about an issue where OpenVAS was not loading custom plugins. I could run them with the openvas-nasl command-line tool, but they would not appear in GSA as a plugin I could add to a scan config. At the time, I was running OpenVAS 5. I recently tried to update to OpenVAS 8 and I seem to have completely broken my install. I downloaded the source for all the OpenVAS 8 components, built, and installed them. I migrated the database with openvasmd --migrate, and all was good, except I was finding that OpenVAS *still* wasn't loading my custom plugins. I looked in the openvassd.messages log, and it said it was loading them, but when I try to make a scan config, they're not in the list of plugins. I decided to try deleting my tasks.db database and starting over, and everything went to hell. if you added your custom NVTs, have you placed them into the subdirectory plugins/private/ ? If not, the get removed with the next sync. Next, the custom NVTs will be ignored if not provided with a valid signature and the signature configured for the scanner. For a trial you could add nasl_no_signature_check=yes to openvasd.conf. Then it will be considered regardless of digital signatures. Check with openvassd -s whether setting are properly done. Please check in the section SecInfo/NVTs whether your custom NVTss are there. If yes, you should find them also in the Scan Config editor under the respective family. -- Dr. Jan-Oliver Wagner | +49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner nasl_no_signature_check=yes was set. I had restarted openvassd numerous times, as well as telling openvasmd to rebuild the database. When I checked the list of NVTs from GSAD, they weren't listed, but the scanner log was showing them as being loaded without errors. In any case, I fixed the problem by completely removing anything to do with OpenVAS from the computer then re-installing OpenVAS from source. It works fine now. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] Can't get openvasmd to build the database
A long time ago, I posted about an issue where OpenVAS was not loading custom plugins. I could run them with the openvas-nasl command-line tool, but they would not appear in GSA as a plugin I could add to a scan config. At the time, I was running OpenVAS 5. I recently tried to update to OpenVAS 8 and I seem to have completely broken my install. I downloaded the source for all the OpenVAS 8 components, built, and installed them. I migrated the database with openvasmd --migrate, and all was good, except I was finding that OpenVAS *still* wasn't loading my custom plugins. I looked in the openvassd.messages log, and it said it was loading them, but when I try to make a scan config, they're not in the list of plugins. I decided to try deleting my tasks.db database and starting over, and everything went to hell. I've done so many things in the last couple days to try to fix it that I can't really retrace my steps effectively, but I can tell you what's happening now. Starting with no tasks.db file and no certificates but with the plugins downloaded, I take the following steps: Run openvas-check-setup, it says there's no CA certificate for the scanner and to run openvas-mkcert. I do that and accept all the default options and the certs get built and installed. Next, openvas-check-setup says to make the certs for the manager with openvas-mkcert-client -n -i, I do that, again with default options. Next it says that there's no OpenVAS manager database and to run openvasmd --rebuild while the scanner is running. I run openvassd, then openvasmd --rebuild. It only takes about 6 seconds. Then check setup says to create a user, so I do so. I run openvas-check-setup again, but now there's a problem. It says the number of NVTs in the database is too low and to run openvasmd --rebuild while the scanner is running, but it ALSO says that the scanner isn't running and that I need to start it, but it actually *is* running. If I do `ps aux | grep openvas` then I can see openvassd is running and Waiting for incoming connections. If I try to run openvasmd --rebuild anyways, it immediately returns. I check the openvasmd.log file, and it says the certificate is not trusted and doesn't have a known issuer. Strange...I run openvas-mkcert again and restart openvassd, then try to openvasmd --rebuild again. It returns after a few seconds, and openvas-check-setup still says the scanner isn't running and I need to rebuild the database. I check the openvasmd log again and this time, it says openvas_scanner_read: failed to read from server: A TLS packet with unexpected length was received. I've attached the openvas-check-setup.log file from my last run. openvas-check-setup.log Description: openvas-check-setup.log ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Knowledge base isn't being saved after a scan
Is there an easy way to downgrade the scanner to 3.3 or 3.4? When I did sudo yum downgrade openvas-scanner-3.3.1-4.el6.art, it succeeded, but trying to start the scanner service complains with '/usr/sbin/openvassd: error while loading shared libraries: libopenvas_misc.so.5: cannot open shared object file: No such file or directory.' I'm assuming it wants the 5.x version of the openvas-libraries package, but it looks like only 3.0.3 and 7.0.x are available in my repositories (Including Atomic), and the project files at http://wald.intevation.org/frs/?group_id=29 only go back to 6.0 for the libraries. -Original Message- From: matthew.mund...@greenbone.net [mailto:matthew.mund...@greenbone.net] Sent: Tuesday, December 02, 2014 11:34 PM To: Wiza, David Cc: openvas-discuss@wald.intevation.org Subject: Re: [Openvas-discuss] Knowledge base isn't being saved after a scan Hmm...If that's the case, then that's a pretty significant change that should have been put into the update notes when it was released. Also, if KB saving has been removed, then the save_kb option should be removed too, as setting it to yes won't do anything. From openvas-scanner/CHANGES: openvas-scanner 4.0.0 (2014-04-10) ... * Support for Knowledge Base saving outside of network scans has been removed. ... So you should still have it. The preference is save_knowledge_base, by the way. Maybe try OpenVAS-7 anyway? -- Greenbone Networks GmbH Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] Knowledge base isn't being saved after a scan
I'm scanning a very fragile host, and I need to be able to figure out which plugins out of a couple thousand are causing the host to crash, so I've written a script that creates a config with a single plugin selected, creates the task, and runs the scan, then checks the results and runs a simple test to make sure the host is still alive before continuing with the next plugin. If it detects that the host has died, then my script restarts the host to continue scanning, logging which plugin caused the host to crash. However, for a script like this to work well, I need to be able to have the knowledge base created after each test to be saved and then loaded by the next test, but it isn't working. Despite that the configs are set to save/restore the KB, and the max age is set to 24 hours, the KB simply isn't being saved or loaded. I tested this by creating a plugin that simply dumps the contents of the KB. When I create a config with a port scan and my KB dumping plugin, then I see the port scan results in the KB. If I immediately run another task with just the KB dump, I don't see the port scan results. I would expect that the first task would have saved the port scan results to the KB and the second task would read that saved KB and dump it. I'm running CentOS 6, OpenVas Manager 5.0.5, Scanner 4.0.5, and GSAD 5.0.4. The strange thing is that on another system, I'm running an older version of OpenVAS (Scanner 3.3.1, Manager 3.0.6, Admin 1.2.1, GSAD 3.0.3) and it works fine, but I can't scan my fragile host from that system due to the network setup. On that system, I can see the KBs being saved in /var/lib/openvas/users/om/kbs, but on my system running the newer OpenVas, the files there aren't being created. Is there perhaps something I'm missing? ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Knowledge base isn't being saved after a scan
Hmm...If that's the case, then that's a pretty significant change that should have been put into the update notes when it was released. Also, if KB saving has been removed, then the save_kb option should be removed too, as setting it to yes won't do anything. I don't have a /var/lib/openvas/kbs. In /var/lib/openvas, the only directories I have care CA, cert-data, gnupg, mgr, plugins, private, and scap-data. I tried making a kbs directory and running a scan, but still no saved KB. -Original Message- From: matthew.mund...@greenbone.net [mailto:matthew.mund...@greenbone.net] Sent: Tuesday, December 02, 2014 1:04 PM To: Wiza, David Cc: openvas-discuss@wald.intevation.org Subject: Re: [Openvas-discuss] Knowledge base isn't being saved after a scan The strange thing is that on another system, I'm running an older version of OpenVAS (Scanner 3.3.1, Manager 3.0.6, Admin 1.2.1, GSAD 3.0.3) and it works fine, but I can't scan my fragile host from that system due to the network setup. On that system, I can see the KBs being saved in /var/lib/openvas/users/om/kbs, but on my system running the newer OpenVas, the files there aren't being created. Is there perhaps something I'm missing? I think that KB saving has basically been removed from Scanner. I see some stuff is saved to var/lib/openvas/kbs, but I don't think it's what you're looking for. -- Greenbone Networks GmbH Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
