I should also mention, I am using 3.x build from the openSUSE build
service on Ubuntu.
On Thu, Aug 19, 2010 at 11:02 AM, Brandon Perry
bperry.volat...@gmail.com wrote:
Hmm, do you have any resources I could look at for the Manager
component? I found http://www.openvas.org/openvas-cr-28.html
Hi, running openvas on ubuntu installed from the opensuse build service.
Anytime I scan a host with 100% low info, the graph is fudged up a
bit. It might happen for 100% any level, but I have no way of knowing.
Is this a known bug? Can I fix it somehow?
Attached is an example of the fudged
Looks like an SSL issue, are your certificates correct?
On Mon, Sep 13, 2010 at 11:10 AM, Kaushal Shriyan
kaushalshri...@gmail.com wrote:
Hi,
I get the below error in /var/log/openvas/openvassd.dump, I am on
debian 5.0.6 OS. Please suggest
the headers should be in a -dev package of qt. (libqt4-dev iirc)
On Mon, Oct 4, 2010 at 4:42 PM, Brian Adams badams_i...@yahoo.com wrote:
I'm attempting to install the GSA Desktop, and I'm getting an error telling
me cmake . cannot find the Qt Global headers.
I've installed the entire QT SDK
-- Forwarded message --
From: Brandon Perry bperry.volat...@gmail.com
Date: Fri, Oct 15, 2010 at 5:26 PM
Subject: Re: [Openvas-discuss] Manager can't update/rebuild DB:
database table is locked
To: sva...@sonic.net
Maybe I am misunderstanding what the intended outcome
How did you start the server?
What happens if you use `openvassd -a 127.0.0.1` and using 127.0.0.1
as the IP to connect to?
On Fri, Nov 12, 2010 at 11:10 AM, Brian Clark bcl...@omeda.com wrote:
Hello,
I am new to OpenVAS and am trying to get my first installation up and
running. I have
-discuss-boun...@wald.intevation.org
[mailto:openvas-discuss-boun...@wald.intevation.org] On Behalf Of
Copenhaver, Walter A
Sent: Friday, November 12, 2010 12:22 PM
To: Brian Clark; Brandon Perry; openvas-discuss@wald.intevation.org
Subject: Re: [Openvas-discuss] OpenVAS Client - Cannot connect
You might check out the openvas opensuse build repository. It has a few
package options and is kept up to date.
On Nov 24, 2010 11:49 AM, lance raymond lance.raym...@gmail.com wrote:
Hey all, was looking for a nessus type open source and man did I find it. I
am running a macbook pro and
The openvas compendium (which is freely available as a download) will
probably be of higher quality than randomly strung together wikipedia
articles.
On Nov 24, 2010 1:41 PM, Matthew Mundell matthew.mund...@greenbone.net
wrote:
Sounds fishy so I was hoping someone could attest to the validity
Which repository did you use (the full URL)?
On Wed, May 18, 2011 at 11:39 AM, Matthew Coene mco...@bacardi.com wrote:
Hmm...
Odd... I used the Ubuntu OBS to install and for whatever reason the db file
in /var/lib/openvas/mgr didn't get created... Just had to..
touch tasks.db
to create
Hi, could someone explain to me, or point me to the code, the
handshake that the omp client and openvasmd server go through before
sending commands?
What is happening during this/where can I find it's implementation?
(omp:4304): lib serv-DEBUG:Shook hands with server.
--
Thank you. :)
On Fri, Sep 16, 2011 at 2:49 AM, Matthew Mundell
matthew.mund...@greenbone.net wrote:
Hi, could someone explain to me, or point me to the code, the
handshake that the omp client and openvasmd server go through before
sending commands?
What is happening during this/where can I
response.
El 8 de noviembre de 2011 22:27, Brandon Perry bperry.volat...@gmail.com
escribió:
Are you authenticating properly with openvassmd?
2011/11/8 Juan José Pavlik Salles jjpav...@gmail.com:
Hi! it's me again. I tried creating targets with
omp -X 'create_targetnamexxx/namehostspaste hosts
Also, omp -X $cadena
2011/11/8 Brandon Perry bperry.volat...@gmail.com:
cadena='create_targetnameWebserver
$counter/namehosts$i/hosts/create_target'
should be (I think)
cadena=create_targetnameWebserver
$counter/namehosts$i/hosts/create_target
Here is some (albeit C#) code
listing of
nvts back for this family. If I set details=0 rather than details=1, I
get better responses, however even with omp setting these values
results in failed response.
On Wed, Dec 7, 2011 at 7:13 PM, Brandon Perry bperry.volat...@gmail.com wrote:
Hi, I am running into an issue with openvasmd
Very interesting. I am not running trunk, running via OBS on ubuntu,
though I have been thinking about running from trunk the past few for
other reasons. RUnning with -v results in this:
bperry@bperry-laptop:~/Downloads$ omp -v -h 192.168.1.155 -u openvas
-w openvas -X get_nvts details=\1\
The following is the log:
md main:WARNING:2011-12-08 14h32.28 utc:2455: read_from_server:
failed to read from server: A TLS packet with unexpected length was
received.
lib auth:WARNING:2011-12-08 14h34.25 utc:2465: Authentication
configuration could not be loaded.
event
Giving trunk a try shouldn't be an issue fwiw.
On Thu, Dec 8, 2011 at 9:05 AM, Brandon Perry bperry.volat...@gmail.com wrote:
The following is the log:
md main:WARNING:2011-12-08 14h32.28 utc:2455: read_from_server:
failed to read from server: A TLS packet with unexpected length
It seems this TLS packet length is the issue, no idea what could be
causing it though...
lib serv: DEBUG:2011-12-08 15h21.47 utc:2842:Shook hands with peer.
event auth:MESSAGE:2011-12-08 15h21.47 utc:2842: Authentication
success for user openvas (c5b23d4c-16a3-4632-86ac-cb47954e54dd)
lib
The error says it could not execute it, which doesn't always mean it
couldn't find it. Perhaps chmod +x your nikto.pl
2011/12/8 Juan José Pavlik Salles jjpav...@gmail.com:
Hi! i'm trying to use nikto nasl in openvas 4. The first problem was that
the nikto version in the ubuntu 10.04.3 LTS repos
Also, can *you* run nikto without specifying its full path in bash?
2011/12/8 Brandon Perry bperry.volat...@gmail.com:
What happens if you edit the NASL to hardcode the direct path to your
nikto.pl?
2011/12/8 Juan José Pavlik Salles jjpav...@gmail.com:
I just tried that but didn't work
2011 23:32, Brandon Perry bperry.volat...@gmail.com
escribió:
Perhaps being in /root openvas cannot see it. Try moving it to /opt or
similar.
2011/12/8 Juan José Pavlik Salles jjpav...@gmail.com:
I tried that one too, but doesn't work either.
El 8 de diciembre de 2011 23:23, Brandon Perry
binaries patches to compile
them.
On Fri, Dec 9, 2011 at 5:47 PM, Brandon Perry bperry.volat...@gmail.com
wrote:
I cannot compile openvas-libraries. Fails with the following:
[ 68%] Building C object nasl/CMakeFiles/openvas_nasl_static.dir/regex.c.o
/root/src/openvas/openvas-libraries-5.0
What does 'which nikto' return
2011/12/9 Juan José Pavlik Salles jjpav...@gmail.com:
Here i come again, still can't make nikto work on my reports. Now i tried
using nikto.nasl with openvas-nasl command, like this:
root@openvas:/var/lib/openvas/plugins# openvas-nasl -t my_host nikto -X
nikto:
Also, 'which nikto.pl'
2011/12/9 Brandon Perry bperry.volat...@gmail.com:
What does 'which nikto' return
2011/12/9 Juan José Pavlik Salles jjpav...@gmail.com:
Here i come again, still can't make nikto work on my reports. Now i tried
using nikto.nasl with openvas-nasl command, like
/nikto/nikto.conf /opt/nikto/nikto.pl
nikto is a copy of nikto.pl.
El 9 de diciembre de 2011 19:05, Brandon Perry bperry.volat...@gmail.com
escribió:
Also, 'which nikto.pl'
2011/12/9 Brandon Perry bperry.volat...@gmail.com:
What does 'which nikto' return
2011/12/9 Juan José Pavlik
anymore.
El 10 de diciembre de 2011 14:02, Brandon Perry bperry.volat...@gmail.com
escribió:
Ah, ha. Try this then. CD out of the plugins dir, to say, ~. Then run
the nikto nasl absolutely, rather than relatively.
If this works, then there are some oddities in the environment of openvas
: /etc/openvas/openvassd.conf, but there's
no such file in my file system. There are others nasl plugins that works
great... really dont get it.
El 10 de diciembre de 2011 14:13, Brandon Perry bperry.volat...@gmail.com
escribió:
This mean that openvas is fudging up some env variables. I've
2011 14:22, Brandon Perry bperry.volat...@gmail.com
escribió:
Could you echo your $PATH again? you can remove any personal info from
it...
2011/12/10 Juan José Pavlik Salles jjpav...@gmail.com:
The only strange thing i can see, is that i don't have
/etc/openvas/openvassd.conf file
I Get the same results with my own custom client. I am running this
server in a virtual machine in virtualbox (ubuntu 11.10 host, 11.10
guest). I would like to mention: I did a fresh install on the VM of
11.10, and went to OBS 5.0 for 11.04 as that is the latest release of
ubuntu they have builds
It starts breaking XML after I create a second client certificate for
my user (the first being created for the om user, the second for
admin)
On Sun, Dec 11, 2011 at 1:48 PM, Brandon Perry
bperry.volat...@gmail.com wrote:
I Get the same results with my own custom client. I am running
-h 192.168.1.155 -u openvas -w
openvas -X get_nvts details=\1\ preferences=\0\
preference_count=\0\ timeout=\0\ family=\Buffer overflow\ /
#this will return broken xml
On Sun, Dec 11, 2011 at 2:32 PM, Brandon Perry
bperry.volat...@gmail.com wrote:
It starts breaking XML after I create a second
I should also mention commands that do not return a lot of data work
just fine. Authentication, getting just families, getting configs,
etc...
On Sun, Dec 11, 2011 at 2:50 PM, Brandon Perry
bperry.volat...@gmail.com wrote:
To expand,
On a fresh OS/OpenVAS install (following instructions
Run the nasl with openvas-nasl now from your home dir, relatively. See
what it spits out. Possibly making it more verbose if need be.
2011/12/11 Juan José Pavlik Salles jjpav...@gmail.com:
Hi Christian! This is my .bashrc right now:
root@openvas:~# head .bashrc
# ~/.bashrc: executed by
Anyone have any thoughts on how I could remediate this?
On Sun, Dec 11, 2011 at 3:03 PM, Brandon Perry
bperry.volat...@gmail.com wrote:
I should also mention commands that do not return a lot of data work
just fine. Authentication, getting just families, getting configs,
etc...
On Sun, Dec
reproduced this 3 times now with these exact steps. Any more
information I can give? Should I open a bug ticket?
On Tue, Dec 13, 2011 at 12:29 PM, Stephan Kleine bitdea...@gmail.com wrote:
On Sun, Dec 11, 2011 at 8:48 PM, Brandon Perry
bperry.volat...@gmail.com wrote:
guest). I would like to mention: I
I completely missed mathews email, very sorry. I will try this.
On Tue, Dec 13, 2011 at 7:15 PM, Brandon Perry
bperry.volat...@gmail.com wrote:
5.00**
On Tue, Dec 13, 2011 at 7:15 PM, Brandon Perry
bperry.volat...@gmail.com wrote:
Using the 11.10 builds for OpenVAS 5.09 results in the same
Do you have your certs generated?
Do servercert.pem and serverkey.pem exist?
On Sun, Dec 18, 2011 at 12:27 PM, Reindl Harald h.rei...@thelounge.net wrote:
is this because openvasmd --rebuild +++ killed by SIGABRT +++ or why
does openvasad refuse to start? i had to build the rpm by myself
--ssl-certificate=/etc/openvas/openvas.thelounge.net.pem --alisten=127.0.0.1
--aport=9393 --mlisten=127.0.0.1
--mport=9390
Restart=always
RestartSec=1
[Install]
WantedBy=multi-user.target
Am 18.12.2011 19:30, schrieb Brandon Perry:
Do you have your certs generated?
Do servercert.pem
--mlisten=127.0.0.1 --mport=9390
root 16595 0.0 0.1 60 892 pts/0 S+ 20:16 0:00 grep --color
vas
Am 18.12.2011 20:09, schrieb Brandon Perry:
Everything your error messages are saying leads to not being fully
configured. Make sure you have created the necessary users and certs
You could always roll your own report diffing mechanism. Have your base
report be diffed with the new report (you can automate omp easily), then
use sendmail or something to email the diff to whomever is responsible.
On May 12, 2012 9:10 AM, Russell Jones rjo...@eggycrew.com wrote:
Thanks for
Very weird issue, it seems get_reports isn't returning all the data?
Thoughts? 192.168.1.5 is running 11.10 Ubuntu using the OBS repos.
bperry@w00den-pickle:~$ omp -h 192.168.1.5 --verbose --username admin
--password password --xml get_reports
report_id=\2ab6c9e7-449c-4893-ab86-ca34250b1c95\ /
The exact same thing happens with a custom client written in C#, so it
has to be happening server side.
On Fri, Aug 3, 2012 at 11:53 PM, Brandon Perry
bperry.volat...@gmail.com wrote:
Very weird issue, it seems get_reports isn't returning all the data?
Thoughts? 192.168.1.5 is running 11.10
I had done an openvas-nvt-sync right before the reports started breaking.
On Sat, Aug 4, 2012 at 11:55 AM, Brandon Perry
bperry.volat...@gmail.com wrote:
I figured it out right when you replied heh :)
On Sat, Aug 4, 2012 at 11:54 AM, Brandon Perry
bperry.volat...@gmail.com wrote:
I figured
I have installed OpenVAS on Ubuntu 10.04-12.04 at least a hundred
times, most probably more. I have had it set up in distributed
environments, with custom API client for both OpenVAS Administrator
and OpenVAS Manager. I haven't had any issues over the past year and a
half of managing this
FWIW, I have written some C# bindings for OMP that work on both linux
and Windows (and mac I assume). They are very easy to use and would make
rewriting some ancient applications quite easy.
https://github.com/brandonprry/openvas-sharp
On Tue, 2012-10-30 at 16:29 +0100, Jan-Oliver Wagner wrote:
Not broken for me either. In fact, I have been using openvas for years
now and it has been absolutely great (although I admit I use it
conjunction with other tools). I think openvas is a shining example of
how well an open source tool can be maintained. Kudos to the developers.
On Wed, 2012-10-31
31, 2012 at 3:54 PM, Brandon Perry
bperry.volat...@gmail.com wrote:
Not broken for me either. In fact, I have been using openvas for years
now and it has been absolutely great (although I admit I use it
conjunction with other tools). I think openvas is a shining example of
how well
wasted a complete week
to build my own vmware-appliance which is broken
since months
Am 31.10.2012 22:13, schrieb Brandon Perry:
Wrong, I run it on fedora 17 exclusively atm. The installation guide on
the openvas website is great. All you need is one command after yum.
On Wed, 2012-10-31
Hi, trying to get the Sourcefire Connector escalator to work, but
having difficulties.
If I create a new escalator from omp, say:
escalator id=e3ce3160-a621-4fc4-a967-2ff706fde46e
nameDaily/name
comment/comment
in_use0/in_use
conditionAlways
datachanged
I should also mention I am running on ubuntu 12.04, compiled from
source.
On Sat, 2012-11-17 at 09:15 -0600, Brandon Perry wrote:
Hi, trying to get the Sourcefire Connector escalator to work, but
having difficulties.
If I create a new escalator from omp, say:
escalator id=e3ce3160-a621
Try it and find out. :)
On Sat, 2012-11-17 at 17:05 +0300, Ali Khalfan wrote:
Can someone please point me to the right direction about openvas and
ovaldi ?
The integrated tools site http://www.openvas.org/integrated-tools.html
refers to ovaldi 5.5.4, while the latest version is 5.10. So,
(Event: Task status changed to 'Done',
Condition: Always)
On Sat, 2012-11-17 at 09:20 -0600, Brandon Perry wrote:
I should also mention I am running on ubuntu 12.04, compiled from
source.
On Sat, 2012-11-17 at 09:15 -0600, Brandon Perry wrote:
Hi, trying to get the Sourcefire Connector
Certificate !
You need to install the connection to be able to run it, have you tried
the report format plugin first ?
I can´t see the DefenceCenter Certificate in your request, so you can´t
use it without one ;-)
On 11/17/2012 4:20 PM, Brandon Perry wrote:
I should also mention I am running
In my attempts to get the sourcefire connector working, I have found
this in the log after increasing the log level...
event escalator:MESSAGE:2012-12-01 01h05.26 UTC:2755: The escalator
for task Example task was triggered (Event: Task status changed to
'Done', Condition: Always)
md
' /
test_escalator_response status_text=Internal error
status=500/test_escalator_response
Any thoughts?
On Fri, Nov 30, 2012 at 7:12 PM, Brandon Perry
bperry.volat...@gmail.com wrote:
In my attempts to get the sourcefire connector working, I have found
this in the log after increasing the log level...
event
FWIW, centos 6.3 running from atomic repos.
On Fri, Nov 30, 2012 at 7:17 PM, Brandon Perry
bperry.volat...@gmail.com wrote:
Ah, these are the wrong log message corresponding to the escalator
test. There is actually nothing in the logs regarding an internal
error
However, if I test with omp
namenotice_report_format/name/data/method
/escalator
/get_escalators_response
On Fri, Nov 30, 2012 at 7:20 PM, Brandon Perry
bperry.volat...@gmail.com wrote:
FWIW, centos 6.3 running from atomic repos.
On Fri, Nov 30, 2012 at 7:17 PM, Brandon Perry
bperry.volat...@gmail.com wrote:
Ah
You set the size of the disk when you create the VM.
On Thu, Jan 17, 2013 at 6:44 PM, Rob Wilcox robwilcox...@yahoo.com wrote:
Please post the following message:
I am having lots of trouble installing openvas Debian OBS
in Oracle virtual machine, Ubuntu 12.04 lts(installed inside Windows 8
You installed the old openvas in the ubuntu repos, not the new one in
the OBS. You should either install from OBS or build from source.
I recommend using fedora and the atomic repos TBH.
On Fri, Jan 18, 2013 at 6:54 PM, Rob Wilcox robwilcox...@yahoo.com wrote:
please post the following message:
It definitely works. I would almost say it just works. You should install
from the atomic repo and just run openvas-setup.
On Feb 27, 2013 1:12 PM, Eero Volotinen eero.voloti...@iki.fi wrote:
CentOS6 works for sure and does NOT end with a nonworking
setup if you are able to follow simple
I accidentally replied just to Jan, so re-replying to all
Personally, the feature is useful, but I agree with the above poster
that there really is no good default password policy. As long as the
feature is well documented, that is all I would ask for. Unless of
course the default password
Unless you install from the atomic repos on centos/rhel.
On Mar 7, 2013 11:51 AM, Reindl Harald h.rei...@thelounge.net wrote:
Am 07.03.2013 18:04, schrieb Michael Meyer:
*** Weir, Jason wrote:
Thanks Geoff - looks like I have libmicrohttpd10 v0.9.19-1 installed,
any idea what version
The developers of OpenVAS do a great job and I wanted to extend my
thanks to them. I have been using OpenVAS since 3 and have been very
happy with the product and the community.
Keep on rocking a great open source product. Working on open source
projects can be tough since you generally only hear
You must use create_target to create a target. You may then use get_configs
to find the uuid of the config you want to use. You will use the uuid to
use create_task using the uuid of the target and the scan config you want
to perform the scan with. Will probably be two or three commands.
On Mar
Try building the xml by hand and using --xml.
On Mar 12, 2013 2:49 PM, Alexander Rau alexan...@rau.ca wrote:
Hi all and thanks for your responses
So I am reading the docs as man pages and I am able to pull the configs:
#omp -h 10.0.0.119 -p 9390 --username root -w *** --get-configs
Are you sure this is what you want? That would take *forever* and really
doesn't make a lot of sense. What is your end goal?
On Mar 17, 2013 12:41 PM, Oliver Marshall oliver.marsh...@g2support.com
wrote:
What's the best way to go about running a scan for all vulnerabilities in
the OpenVAS feed
Thanks for the great work!
On Tue, Mar 19, 2013 at 3:39 PM, Jan-Oliver Wagner
jan-oliver.wag...@greenbone.net wrote:
Hello OpenVAS Users,
with about 50+ backport patches applied since the last beta release we
now have the first release candidate packages for OpenVAS-6!
Whoever is used to it
Hi, I have discovered that, using mono at least, I am not able to parse the
get_nvt api call properly due to ampersands in the XML returned that are
not XML entities.
Two examples are the following URL's:
URL:http://svn.apache.org/viewvc?view=revisionrevision=1476592
Hmm, I may have been adding the details flag and not realising it. Have
been doing this programmatically. I will narrow it down to a specific (or
the specific) nvts tonight and get back with you.
On Fri, Jun 21, 2013 at 8:46 AM, Matthew Mundell
matthew.mund...@greenbone.net wrote:
The command I am using is: get_nvts details=1 preferences=0
preference_count=0 timeout=0 /
An NVT that causes the error is: 1.3.6.1.4.1.25623.1.0.803637
You can add the NVT OID to the get_nvts api call with the nvt_oid attribute.
On Fri, Jun 21, 2013 at 9:33 AM, Brandon Perry bperry.volat
) $|creation_date=2013-06-06
13:10:27 +0530 (Thu, 06 Jun
2013)/tagspreference_count-1/preference_counttimeout/timeoutchecksumalgorithmmd5/algorithm2397586ea5cd3a69f953836f7be9ef7b/checksum/nvt/get_nvts_response
On Fri, Jun 21, 2013 at 4:35 PM, Brandon Perry bperry.volat...@gmail.comwrote:
The command
Excellent, thanks!
On Fri, Jun 21, 2013 at 5:58 PM, Matthew Mundell
matthew.mund...@greenbone.net wrote:
OK so those URLs are in the XREFS element. OpenVAS-6 will have the same
problem. The backport I mentioned before will be in the next Manager 4
release which should sort it out.
--
You should create a target with create_target and set the port_range on the
target to your desired port range.
Sent from a computer
On Oct 22, 2013, at 14:23, Shang Wang sw...@nopsec.com wrote:
Dear all:
I don't see there's an option that we can modify port list using OMP command,
but
I am trying to associate a set of SSH credentials to a task and don't
see a way to do this in the documentation. I see how to associate it to
a target, but no task is done authenticated when the ssh creds are
associated with the target. If I go to GSA and look at the tasks, I have
the ability to
Actually, I may have bugged the list too soon.
On 11/02/2013 04:48 PM, Brandon Perry wrote:
I am trying to associate a set of SSH credentials to a task and don't
see a way to do this in the documentation. I see how to associate it to
a target, but no task is done authenticated when the ssh
Yes, I was passing openvasmd
ssh_lsc_credentialuuid/ssh_lsc_credential instead of
ssh_lsc_credential id=uuid /.
Whoops.
On 11/02/2013 04:48 PM, Brandon Perry wrote:
I am trying to associate a set of SSH credentials to a task and don't
see a way to do this in the documentation. I see how
I hAve resolved a similar issue by running openvasmd --update and restart
(computer or openvasmd) iirc. If you run omp with full verbosity, you will see
the xml gets cut off, so it is no longer well formed.
Sent from a computer
On Nov 19, 2013, at 13:10, Shang Wang sw...@nopsec.com wrote:
The config id is a uuid that you can get by making a get_configs / call to
OMP.
Sent from a computer
On Jan 10, 2014, at 8:37, Ulrich Guimbi ulrich.gui...@opentrust.com wrote:
Hello Everybody,
So first, happy new year.
I’m a new user of OpenVas, I’m a French IT Administrator (If they are
Meant to send this to list...
Sent from a computer
On Feb 17, 2014, at 12:06 PM, Brandon Perry bperry.volat...@gmail.com wrote:
1. Openvas scans just like nexpose or nessus. You can scan a machine
externally or provide creds to scan internally
2. Expect to need a box with 8gb ram
Is the clock on the machine skewed?
Sent from a computer
On Feb 19, 2014, at 4:34 PM, Greg Etling getl...@stern.nyu.edu wrote:
No change...
#cp 039b4fe2-99ab-11e3-a53b-005056b800a5.asc
/var/lib/openvas/plugins/report_formats/
#omp -X 'modify_report_format
Try running --migrate again before running -- rebuild
On Sat, Mar 8, 2014 at 1:15 PM, Peter Collins p...@coolwarm.com wrote:
I reformatted the computer and tried again with Centos-Atomic.
After following instructions, the check setup halts on step 2, see
attached.
It tells me to rebuild
to the CentOS package instructions?
Thanks very much Brandon and Ryan, and of course Jan-Oliver.
Peter
On Sat, Mar 8, 2014 at 11:25 AM, Brandon Perry
bperry.volat...@gmail.comwrote:
Try running --migrate again before running -- rebuild
On Sat, Mar 8, 2014 at 1:15 PM, Peter Collins p
Do not take the number of vulns reported as a true number. I won't name
names, but some scanners will report each vuln fixed by a KB, as opposed to
saying you are missing the patch KB-whatever.
What is more important is if the information given to you is accurate. If
scanner X says that you are
of your network for a
couple grand a year. Do not expect to magically switch over to a new
scanner and still have the same coverage you had before.
I love OpenVAS, but there is a reason Nexpose and QualysGuard cost what
they do.
On Fri, Mar 21, 2014 at 2:27 PM, Brandon Perry bperry.volat
Did you --update/--rebuild openvasmd?
On Wed, Apr 9, 2014 at 8:42 AM, clems clems.e...@gmail.com wrote:
Hello,
I update the feed and there is on now
gb_openssl_heartbeat_66690.nasl
http://lists.wald.intevation.org/pipermail/openvas-nvts-commits/2014-April/000355.html
But in the gsa
That forum convo says the Nessus one has reported considerable false
positives.
If you are testing with 4 different scripts (openvas, nessus, metasploit,
and ssltest.py) and only nessus is saying it is vulnerable, isn't that a
75% chance it is false positive?
Do you believe it is vulnerable?
There are multiple parts to updating the NVT's.
Running openvas-[nvt|scap]-sync does update the NVTs. However, you also
need to make openvas aware of the new NVTs, so you must run openvasmd
--update.
--rebuild will rebuild the entire sqlite database. --update simply updates
the database to
Did you restart everything after rebuilding?
And I don't think this will be any different, but if you use raw OMP and
ask for them, does that show the same behaviour?
On 04/28/2014 03:24 PM, G Galitz wrote:
Hi.
To make a long story short, recently I had to restore my tasks.db on
an existing
Implement omp protocol.
Sent from a computer
On May 15, 2014, at 10:14 AM, Vijay Anand S P
s.p.vijayanand+off...@agriya.in wrote:
Dear All,
How to integrate openvas in PHP?
Thanks,
___
Openvas-discuss mailing list
I can test a couple of these this weekend and report back. Probably CentOS
and ubuntu/debian.
On Thu, May 29, 2014 at 12:19 PM, Jan-Oliver Wagner
jan-oliver.wag...@greenbone.net wrote:
Hello OpenVAS users!
I'd be interested in confirmed package-based installation of OpenVAS-7
to fill page
This has to do with the microhttpd that is used on Debian. IMO the best fix
is to use CentOS.
Think you need to recompile an older version of microhttpd in order for
https to work. Willing to eat crow though.
On Tue, Jun 3, 2014 at 4:53 PM, Alexander Rau alexan...@rau.ca wrote:
Hi folks:
I
is, OpenVAS works best on CentOS.
If it is, good to hear, as I've been banging my head against a brick wall
trying to get it to run on Fedora and Ubuntu/Debian.
Steve
-- Original Message --
From: Brandon Perry bperry.volat...@gmail.com
To: Alexander Rau alexan...@rau.ca
Cc: openvas
The finds are used to discover binaries on the file system to perform
version checks.
On Thu, Jun 5, 2014 at 6:56 PM, Arya Goudarzi gouda...@gmail.com wrote:
Hi,
I have been using OpenVAS for 3 years now. However, I'd never used the
authenticated test feature of it till today. For some
/thoughts-on-vulnerability-scans-with.html
On Thu, Jun 5, 2014 at 7:03 PM, Brandon Perry bperry.volat...@gmail.com
wrote:
The finds are used to discover binaries on the file system to perform
version checks.
On Thu, Jun 5, 2014 at 6:56 PM, Arya Goudarzi gouda...@gmail.com wrote:
Hi,
I
Ensure you set your credentials up properly.
On Tue, Jun 10, 2014 at 7:07 PM, Fatima Zahra EL BOUZRAZI
fz.elbouzr...@gmail.com wrote:
Hi;
I have installed OpenVAS 6 on my Centos and its installation is OK.
but whenever i launch a scan by openvas I get threat 'None' and it doesn't
show me
I am not 100% sure what you mean by this, but you could automate report
generation with some quick code and the OMP protocol.
On Thu, Jun 19, 2014 at 8:19 AM, Jack Harvey ja...@synnex.com wrote:
I’m new to Openvas. Using on Greenbone appliance. Was wondering if I
can automate the
Do you believe you are entitled to any of that? The guys heading the atomic
repo are awesome.
This is an open source project, you are entitled to nothing. The fact that
atomic corp maintains packages for such an excellent open source project
just shows how nice the guys at atomicorp are. It is up
There is an openvas plugin.
In msfconsole, type 'load openvas' and it will enable the openvas specific
commands.
https://github.com/rapid7/metasploit-framework/blob/master/plugins/openvas.rb
On Fri, Jun 20, 2014 at 1:26 PM, W Scott Lockwood III sc...@guppylog.com
wrote:
Aaaah, thanks.
On
Absolutely, but it is not exposed in the fancy web UI. You must use the
console.
On Fri, Jun 20, 2014 at 2:29 PM, W Scott Lockwood III sc...@guppylog.com
wrote:
Awesome! Is that included in the commercial version as well?
On Fri, 2014-06-20 at 14:25 -0500, Brandon Perry wrote
1 - 100 of 188 matches
Mail list logo