I've had absolutely no problems with OpenVAS, certainly the setup presented some challenges but once I got everything working it has been great.
I scan 100 servers on a bi-weekly basis using OpenVAS, works wonderfully. I've even taken the time to put together a CentOS 5.8 virtual machine that you're more than welcome to download from my site (vigeek.net). You HAVE to expect false positives, it's just the nature of scanning, you need to have enough technical chops to understand what you're looking at. - Russ On Wed, Oct 31, 2012 at 4:42 PM, Reindl Harald <[email protected]>wrote: > this crap does not work since 8 months > it was intented to do one scan per month > > well, it did exactly 3 scans with a HUGE false-positive > 2 of the 3 - i can not imagine less help at all > > and yes i tried the appliance which was a stripped down > SuSE wiithout zypper and did not work at all becuse it > scanned exactly 3 seconds per host, it did not remeber > password changes - it was unusable and needed a week > to get it run the first time > > sorry - but quality does not look like that > > Am 31.10.2012 21:34, schrieb Scott Damron: > > Wow! That was pretty venomous. I bet you get lots of help now. > > > > On Wed, Oct 31, 2012 at 3:30 PM, Reindl Harald <[email protected]> > wrote: > >> nice - but the base of CentOS is stoneold > >> it is based on Fedora12/13 > >> until Fedora 15 openvas worked > >> now we have fedora 17 and soon F18 > >> > >> since HUNDRETS of packages are working well with > >> the gnutls of recent distributions and only openVAS > >> does onot run since nearly a year it is pretty clear > >> that openVAS is HORRIBLE broken > >> > >> WHY in the world was the switch to gnutls done instead > >> use openssl which works since decades relieable? > >> > >> yes it is open source > >> but my whole environment is based on opensource and > >> only openVAS is simply not useable and for sure not > >> a valid reason to make the rest of the infrastructure > >> quetsionsable which works since Fedora 9, was upgraded > >> ONLINE to F17 with YUM (which means online) > >> > >> well, i speak here about some hundret of domains > >> and a hughe count of different services which works > >> 100% perfect over years and the WebUI of a security > >> scanner is fucking too stupid to connect with it's > >> backends which does not require ot be foolishly encrypted > >> on lcoal host at all > >> > >> finally only a lot of wasted hours to get this crap running > >> in 2011-12 too see it dying after THREE secscans - a joke > >> > >> Am 31.10.2012 21:21, schrieb Schulte: > >>> with CentOS 6.3 it works. > >>> > >>> -----Original Message----- > >>> From: Openvas-discuss > >>> [mailto:[email protected]] On Behalf Of ext > >>> Eero Volotinen > >>> Sent: Wednesday, October 31, 2012 19:33 > >>> To: Reindl Harald > >>> Cc: [email protected] > >>> Subject: Re: [Openvas-discuss] openvas gnutls bug again? > >>> > >>> 2012/10/31 Reindl Harald <[email protected]>: > >>>> > >>>> > >>>> Am 31.10.2012 17:02, schrieb Eero Volotinen: > >>>>> Hi, > >>>>> > >>>>> Tried to install openvas on latest debian and still seeing this > >>> gnutls > >>>>> bug: > >>> > http://lists.wald.intevation.org/pipermail/openvas-devel/2012-July/00295 > >>> 1.html > >>>>> > >>>>> how to fix this issue? (without compling openvas from sources?) > >>>> > >>>> i was NEVER able to get GSA working past Fedora 15 > >>>> gnutls-2.12.17-1.fc17.x86_64 > >>> > >>> sad :( so fix for openvas 5 is only in svn trunk? is there any distro > >>> that works out of box with openvas 5? > > > _______________________________________________ > Openvas-discuss mailing list > [email protected] > http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss >
_______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
