Hi,
sorry for the delayed answer.
On Dienstag, 19. Juni 2012, Songhan Yu wrote:
> We have modified our plugins submitted yesterday based on the advice
> from Jan, and added three new plugins.
in the first phase of your contributions I think it would be nice to
handle the NVTs one by one.
So, perhaps just start with asterisk NVTs and here with
nopsec_asterisk_ast_2012_006.nasl.
(note, however, that I am not a NVT developer myself, so other expert comments
are welcome).
I think you can soon commit this script. Have you already requested to join
OpenVAS on
Wald development platform? This way you can be provided with SVN write access,
provided you
upload your sshv2 public key in your Wald profile.
Are you experienced in using SVN?
Are you familiar with our SVN commit rules like that we add always a detailed
ChangeLog
entry manually for with each commit?
As for this NVT:
* You don't need the "Description:" text inside the description attribute.
* You don't need the "This script is " in the copyright attribute.
* This sline looks a bit strange:
port = get_kb_item("Services/udp/sip");port = 4569;
Maybe a copy & paste error?
* You should use the product detecion in a better way.
This wasn't documented until a few minutes ago, but I took this
occasion to write down a quick howto:
http://www.openvas.org/nvt-dev.html
* One of the exit(0) seems unnecessary to me.
* script_category: is ACT_GATHER_INFO suitable?
About testing:
I know it is not too easy currently to test the NVTs. In fact
you need to place them into a OpenVAS-5 installation, restart
scanner, rebuild openvasmd database and then run a task to see whether
it works for the non-vul case and then again run the task for the vul-case.
(or have dual scenarios to do that in one go).
Do you have such a test/stage ennvironment in place?
All the best
Jan
--
Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/
Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B
202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
_______________________________________________
Openvas-plugins mailing list
[email protected]
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
