Re: [Openvas-discuss] Trying to decide the right install

2018-04-09 Thread Stewart Joseph 
I believe, with the help of CFI in #openvas, that the issue is because of the 
QoD.  The hits found in the GCE are showing a QoD of 75% but if we look it up 
on secinfo.greenbone.net, it shows a QoD of 30%.  Is there a reason that the 
GCE would have a different QoD than OpenVAS or what the website would show?  
Here are some links that may help:

https://ibb.co/e4bEex shows the difference between my scans with OpenVAS on the 
left and the GCE on the right.  
Notice how the "OpenSSH Multiple Vulnerabilities has a QoD of 75%?  
https://secinfo.greenbone.net/omp?token=guest&cmd=get_info&info_type=nvt&filter=1.3.6.1.4.1.25623.1.0.806052
 shows it to only be 30%.  
Same thing with "OpenSSH Denial of Service and User Enumeration Vulnerabilities 
(Linux)".  75% in the scan and only 30% at the web site:  
https://secinfo.greenbone.net/omp?token=63c528c2-3c1b-11e8-9dba-0050568d6d9a&cmd=get_info&info_type=nvt&filter=1.3.6.1.4.1.25623.1.0.809154
 

Why would my GCE have a difference QoD for some of these results than what 
shows on the website?

Stewart Joseph
LEK Technology Consultants
407-877-6505 x1103
www.lekcomp.com

-Original Message-
From: Openvas-discuss  On Behalf 
Of Stewart Joseph
Sent: Tuesday, March 20, 2018 11:30 AM
To: Jan-Oliver Wagner ; 
openvas-discuss@wald.intevation.org
Subject: Re: [Openvas-discuss] Trying to decide the right install

Thank you.  When doing the install, the first time I run 
greenbone-scapdata-sync I get many
"Error: near line x: database is locked" and "Error: near line x: NOT 
NULL constraint failed: affected_products.cve"
errors that show.  

The scripts greenbone-nvt-sync and greenbone-certdata-sync both work fine.

If I run any of those 3 again they grab the incremental file list and stops.  I 
assume that is normal?  SecInfo Dashboard shows NVTs at 53792, CVEs at 103690, 
and CERT-Bund at 8739.  

Could this be why I get so few results?  How can I tell if there is a problem 
with my downloaded feeds?

Stewart Joseph, CTO
LEK Technology Consultants
407-877-6505 x1103
www.lekcomp.com

-Original Message-
From: Openvas-discuss  On Behalf 
Of Jan-Oliver Wagner
Sent: Tuesday, March 20, 2018 10:09 AM
To: openvas-discuss@wald.intevation.org
Subject: Re: [Openvas-discuss] Trying to decide the right install

Am Montag, 19. März 2018, 16:31:45 schrieb Stewart Joseph:
> Thanks.  At least I’m making progress.  Then what is the difference in 
> the feeds for the GSMCE and the GCE?  http://www.openvas.org/vm.html 
> indicates that the GSMCE would use the community feeds just like the 
> GCE.  https://www.greenbone.net/en/community-edition/ implies that the 
> GSMCE has the same as the GSM.  Maybe I’m misreading it but they seem 
> at odds.  Which would it have?

The GCE default and the Open Source stand-alone modules both use the GCF. The 
feed content is identical for both setups, but a setup from source code might 
be missing some build configs, tools or maybe you have older system crypto 
libraries or alike.

--
Dr. Jan-Oliver Wagner |  +49-541-760278-0  |  http://www.greenbone.net/ 
Greenbone Networks GmbH, Neumarkt 12, 49074 Osnabrück | AG Osnabrück, HR B
202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner 
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Trying to decide the right install

2018-03-20 Thread Stewart Joseph 
Thank you.  When doing the install, the first time I run 
greenbone-scapdata-sync I get many
"Error: near line x: database is locked" and "Error: near line x: NOT 
NULL constraint failed: affected_products.cve"
errors that show.  

The scripts greenbone-nvt-sync and greenbone-certdata-sync both work fine.

If I run any of those 3 again they grab the incremental file list and stops.  I 
assume that is normal?  SecInfo Dashboard shows NVTs at 53792, CVEs at 103690, 
and CERT-Bund at 8739.  

Could this be why I get so few results?  How can I tell if there is a problem 
with my downloaded feeds?

Stewart Joseph, CTO
LEK Technology Consultants
407-877-6505 x1103
www.lekcomp.com

-Original Message-
From: Openvas-discuss  On Behalf 
Of Jan-Oliver Wagner
Sent: Tuesday, March 20, 2018 10:09 AM
To: openvas-discuss@wald.intevation.org
Subject: Re: [Openvas-discuss] Trying to decide the right install

Am Montag, 19. März 2018, 16:31:45 schrieb Stewart Joseph:
> Thanks.  At least I’m making progress.  Then what is the difference in 
> the feeds for the GSMCE and the GCE?  http://www.openvas.org/vm.html 
> indicates that the GSMCE would use the community feeds just like the 
> GCE.  https://www.greenbone.net/en/community-edition/ implies that the 
> GSMCE has the same as the GSM.  Maybe I’m misreading it but they seem 
> at odds.  Which would it have?

The GCE default and the Open Source stand-alone modules both use the GCF. The 
feed content is identical for both setups, but a setup from source code might 
be missing some build configs, tools or maybe you have older system crypto 
libraries or alike.

--
Dr. Jan-Oliver Wagner |  +49-541-760278-0  |  http://www.greenbone.net/ 
Greenbone Networks GmbH, Neumarkt 12, 49074 Osnabrück | AG Osnabrück, HR B
202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner 
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Trying to decide the right install

2018-03-20 Thread Jan-Oliver Wagner 
Am Montag, 19. März 2018, 16:31:45 schrieb Stewart Joseph:
> Thanks.  At least I’m making progress.  Then what is the difference in the
> feeds for the GSMCE and the GCE?  http://www.openvas.org/vm.html indicates
> that the GSMCE would use the community feeds just like the
> GCE.  https://www.greenbone.net/en/community-edition/ implies that the
> GSMCE has the same as the GSM.  Maybe I’m misreading it but they seem at
> odds.  Which would it have?

The GCE default and the Open Source stand-alone modules both
use the GCF. The feed content is identical for both setups, but
a setup from source code might be missing some build configs, tools
or maybe you have older system crypto libraries or alike.

-- 
Dr. Jan-Oliver Wagner |  +49-541-760278-0  |  http://www.greenbone.net/
Greenbone Networks GmbH, Neumarkt 12, 49074 Osnabrück | AG Osnabrück, HR B 
202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Trying to decide the right install

2018-03-19 Thread Stewart Joseph 
Thanks.  At least I’m making progress.  Then what is the difference in the 
feeds for the GSMCE and the GCE?  http://www.openvas.org/vm.html indicates that 
the GSMCE would use the community feeds just like the GCE.  
https://www.greenbone.net/en/community-edition/ implies that the GSMCE has the 
same as the GSM.  Maybe I’m misreading it but they seem at odds.  Which would 
it have?


From: Shreyas M R 
Sent: Monday, March 19, 2018 12:05 PM
To: Stewart Joseph 
Cc: openvas-discuss@wald.intevation.org
Subject: Re: [Openvas-discuss] Trying to decide the right install

Yes that sums it up.

[https://thumbs.about.me/thumbnail/users/s/h/r/shreyasmrs_emailsig.jpg?_1421254819584781]<https://about.me/shreyasmrs?promo=email_sig&utm_source=product&utm_medium=email_sig&utm_campaign=gmail_api>


Shreyas M R
about.me/shreyasmrs 
<https://about.me/shreyasmrs?promo=email_sig&utm_source=product&utm_medium=email_sig&utm_campaign=gmail_api>


On Mon, Mar 19, 2018 at 9:29 PM, Stewart Joseph 
mailto:stew...@lekcomp.com>> wrote:
Thank you for the reply.  I understand the difference between the purchased 
appliances and the community edition.  Maybe I’m viewing the different 
distributions wrong.  Is it:
GSM- Paid Appliance product
GSMCE- The community edition provided on the website.
GCE- Manual install of OpenVAS on an OS.

If so, that explains a bit.

From: Shreyas M R mailto:shreyas7...@gmail.com>>
Sent: Monday, March 19, 2018 11:28 AM
To: Stewart Joseph mailto:stew...@lekcomp.com>>
Cc: 
openvas-discuss@wald.intevation.org<mailto:openvas-discuss@wald.intevation.org>
Subject: Re: [Openvas-discuss] Trying to decide the right install

Hi,

Answer to point 3 can be this: https://www.greenbone.net/en/community-edition/

Point2: Since the feed to GSM is consistent and it is well suited corporate 
environment provides with more vulns than community edition GSA

Thanks
Shreyas

[https://thumbs.about.me/thumbnail/users/s/h/r/shreyasmrs_emailsig.jpg?_1421254819584781]<https://about.me/shreyasmrs?promo=email_sig&utm_source=product&utm_medium=email_sig&utm_campaign=gmail_api>


Shreyas M R
about.me/shreyasmrs 
<https://about.me/shreyasmrs?promo=email_sig&utm_source=product&utm_medium=email_sig&utm_campaign=gmail_api>


On Mon, Mar 19, 2018 at 8:21 PM, Stewart Joseph 
mailto:stew...@lekcomp.com>> wrote:
Hello.  I am trying to figure out OpenVAS and am sorting through differences in 
installs.  Some companies we deal with are too small and can’t afford managed 
services.  Ideally I’d want the install to update automatically, scan the 
subnet, and email a report to us on a schedule.  That way we can see if they 
need us to come out and do anything and we won’t need to bill them monthly, 
just when they need us.  I installed the GCM but it didn’t have the alerts page 
so I installed the OpenVAS9 package on Ubuntu.  I come across a few general 
questions I’m hoping someone can explain.


  1.  Feeds:  The feeds doesn’t appear to be updating automatically.  Is there 
a way to schedule updates in the web interface or do I need to manually do it 
from the console?  I could probably write a script for it but it would be nice 
if it was all done from a single interface.
  2.  Results:  In scanning my router, the Ubuntu install shows  only 4 issues. 
 2 medium and 2 low.  The GCE install shows 24 issues.  7 high, 12 medium, and 
5 low.  Why such a huge disparity?  I’m just telling it to scan the target IP.  
Is there other configuring I should be doing?
  3.  Versions:  GSA vs GSM.  The Ubuntu install is GSA and has some extra 
menus.  The GCE has GSM.  What is the difference in GSA and GSM?  The page at 
http://www.openvas.org/about-software.html makes it seem like GSA is the 
interface and GSM is the backend but the web interface on the two boxes don’t 
appear to show that.  They look like 2 separate but very similar products.
  4.  Performance page:  The Ubuntu install just shows a “Fallback Report”.  
The GCM has lots of graphs and such.  Is there a component or dependency I’m 
missing?

I’m still working through the manual to learn everything and I’ve been on the 
IRC for a bit.  I appreciate any additional assistance!



___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org<mailto:Openvas-discuss@wald.intevation.org>
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss


___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Trying to decide the right install

2018-03-19 Thread Shreyas M R 
Yes that sums it up.

<https://about.me/shreyasmrs?promo=email_sig&utm_source=product&utm_medium=email_sig&utm_campaign=gmail_api>
Shreyas M R
about.me/shreyasmrs
<https://about.me/shreyasmrs?promo=email_sig&utm_source=product&utm_medium=email_sig&utm_campaign=gmail_api>

On Mon, Mar 19, 2018 at 9:29 PM, Stewart Joseph  wrote:

> Thank you for the reply.  I understand the difference between the
> purchased appliances and the community edition.  Maybe I’m viewing the
> different distributions wrong.  Is it:
>
> GSM- Paid Appliance product
>
> GSMCE- The community edition provided on the website.
>
> GCE- Manual install of OpenVAS on an OS.
>
>
>
> If so, that explains a bit.
>
>
>
> *From:* Shreyas M R 
> *Sent:* Monday, March 19, 2018 11:28 AM
> *To:* Stewart Joseph 
> *Cc:* openvas-discuss@wald.intevation.org
> *Subject:* Re: [Openvas-discuss] Trying to decide the right install
>
>
>
> Hi,
>
>
>
> Answer to point 3 can be this: https://www.greenbone.
> net/en/community-edition/
>
>
>
> Point2: Since the feed to GSM is consistent and it is well suited
> corporate environment provides with more vulns than community edition GSA
>
>
>
> Thanks
>
> Shreyas
>
>
>
> <https://about.me/shreyasmrs?promo=email_sig&utm_source=product&utm_medium=email_sig&utm_campaign=gmail_api>
>
> *Shreyas M R*
>
> about.me/shreyasmrs
> <https://about.me/shreyasmrs?promo=email_sig&utm_source=product&utm_medium=email_sig&utm_campaign=gmail_api>
>
>
>
> On Mon, Mar 19, 2018 at 8:21 PM, Stewart Joseph 
> wrote:
>
> Hello.  I am trying to figure out OpenVAS and am sorting through
> differences in installs.  Some companies we deal with are too small and
> can’t afford managed services.  Ideally I’d want the install to update
> automatically, scan the subnet, and email a report to us on a schedule.
> That way we can see if they need us to come out and do anything and we
> won’t need to bill them monthly, just when they need us.  I installed the
> GCM but it didn’t have the alerts page so I installed the OpenVAS9 package
> on Ubuntu.  I come across a few general questions I’m hoping someone can
> explain.
>
>
>
>1. Feeds:  The feeds doesn’t appear to be updating automatically.  Is
>there a way to schedule updates in the web interface or do I need to
>manually do it from the console?  I could probably write a script for it
>but it would be nice if it was all done from a single interface.
>2. Results:  In scanning my router, the Ubuntu install shows  only 4
>issues.  2 medium and 2 low.  The GCE install shows 24 issues.  7 high, 12
>medium, and 5 low.  Why such a huge disparity?  I’m just telling it to scan
>the target IP.  Is there other configuring I should be doing?
>3. Versions:  GSA vs GSM.  The Ubuntu install is GSA and has some
>extra menus.  The GCE has GSM.  What is the difference in GSA and GSM?  The
>page at http://www.openvas.org/about-software.html makes it seem like
>GSA is the interface and GSM is the backend but the web interface on the
>two boxes don’t appear to show that.  They look like 2 separate but very
>similar products.
>4. Performance page:  The Ubuntu install just shows a “Fallback
>Report”.  The GCM has lots of graphs and such.  Is there a component or
>dependency I’m missing?
>
>
>
> I’m still working through the manual to learn everything and I’ve been on
> the IRC for a bit.  I appreciate any additional assistance!
>
>
>
>
>
>
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>
>
>
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Trying to decide the right install

2018-03-19 Thread Stewart Joseph 
Thank you for the reply.  I understand the difference between the purchased 
appliances and the community edition.  Maybe I’m viewing the different 
distributions wrong.  Is it:
GSM- Paid Appliance product
GSMCE- The community edition provided on the website.
GCE- Manual install of OpenVAS on an OS.

If so, that explains a bit.

From: Shreyas M R 
Sent: Monday, March 19, 2018 11:28 AM
To: Stewart Joseph 
Cc: openvas-discuss@wald.intevation.org
Subject: Re: [Openvas-discuss] Trying to decide the right install

Hi,

Answer to point 3 can be this: https://www.greenbone.net/en/community-edition/

Point2: Since the feed to GSM is consistent and it is well suited corporate 
environment provides with more vulns than community edition GSA

Thanks
Shreyas

[https://thumbs.about.me/thumbnail/users/s/h/r/shreyasmrs_emailsig.jpg?_1421254819584781]<https://about.me/shreyasmrs?promo=email_sig&utm_source=product&utm_medium=email_sig&utm_campaign=gmail_api>


Shreyas M R
about.me/shreyasmrs 
<https://about.me/shreyasmrs?promo=email_sig&utm_source=product&utm_medium=email_sig&utm_campaign=gmail_api>


On Mon, Mar 19, 2018 at 8:21 PM, Stewart Joseph 
mailto:stew...@lekcomp.com>> wrote:
Hello.  I am trying to figure out OpenVAS and am sorting through differences in 
installs.  Some companies we deal with are too small and can’t afford managed 
services.  Ideally I’d want the install to update automatically, scan the 
subnet, and email a report to us on a schedule.  That way we can see if they 
need us to come out and do anything and we won’t need to bill them monthly, 
just when they need us.  I installed the GCM but it didn’t have the alerts page 
so I installed the OpenVAS9 package on Ubuntu.  I come across a few general 
questions I’m hoping someone can explain.


  1.  Feeds:  The feeds doesn’t appear to be updating automatically.  Is there 
a way to schedule updates in the web interface or do I need to manually do it 
from the console?  I could probably write a script for it but it would be nice 
if it was all done from a single interface.
  2.  Results:  In scanning my router, the Ubuntu install shows  only 4 issues. 
 2 medium and 2 low.  The GCE install shows 24 issues.  7 high, 12 medium, and 
5 low.  Why such a huge disparity?  I’m just telling it to scan the target IP.  
Is there other configuring I should be doing?
  3.  Versions:  GSA vs GSM.  The Ubuntu install is GSA and has some extra 
menus.  The GCE has GSM.  What is the difference in GSA and GSM?  The page at 
http://www.openvas.org/about-software.html makes it seem like GSA is the 
interface and GSM is the backend but the web interface on the two boxes don’t 
appear to show that.  They look like 2 separate but very similar products.
  4.  Performance page:  The Ubuntu install just shows a “Fallback Report”.  
The GCM has lots of graphs and such.  Is there a component or dependency I’m 
missing?

I’m still working through the manual to learn everything and I’ve been on the 
IRC for a bit.  I appreciate any additional assistance!



___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org<mailto:Openvas-discuss@wald.intevation.org>
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Trying to decide the right install

2018-03-19 Thread Shreyas M R 
Hi,

Answer to point 3 can be this:
https://www.greenbone.net/en/community-edition/

Point2: Since the feed to GSM is consistent and it is well suited corporate
environment provides with more vulns than community edition GSA

Thanks
Shreyas


Shreyas M R
about.me/shreyasmrs


On Mon, Mar 19, 2018 at 8:21 PM, Stewart Joseph  wrote:

> Hello.  I am trying to figure out OpenVAS and am sorting through
> differences in installs.  Some companies we deal with are too small and
> can’t afford managed services.  Ideally I’d want the install to update
> automatically, scan the subnet, and email a report to us on a schedule.
> That way we can see if they need us to come out and do anything and we
> won’t need to bill them monthly, just when they need us.  I installed the
> GCM but it didn’t have the alerts page so I installed the OpenVAS9 package
> on Ubuntu.  I come across a few general questions I’m hoping someone can
> explain.
>
>
>
>1. Feeds:  The feeds doesn’t appear to be updating automatically.  Is
>there a way to schedule updates in the web interface or do I need to
>manually do it from the console?  I could probably write a script for it
>but it would be nice if it was all done from a single interface.
>2. Results:  In scanning my router, the Ubuntu install shows  only 4
>issues.  2 medium and 2 low.  The GCE install shows 24 issues.  7 high, 12
>medium, and 5 low.  Why such a huge disparity?  I’m just telling it to scan
>the target IP.  Is there other configuring I should be doing?
>3. Versions:  GSA vs GSM.  The Ubuntu install is GSA and has some
>extra menus.  The GCE has GSM.  What is the difference in GSA and GSM?  The
>page at http://www.openvas.org/about-software.html makes it seem like
>GSA is the interface and GSM is the backend but the web interface on the
>two boxes don’t appear to show that.  They look like 2 separate but very
>similar products.
>4. Performance page:  The Ubuntu install just shows a “Fallback
>Report”.  The GCM has lots of graphs and such.  Is there a component or
>dependency I’m missing?
>
>
>
> I’m still working through the manual to learn everything and I’ve been on
> the IRC for a bit.  I appreciate any additional assistance!
>
>
>
>
>
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss