Re: [Openvas-discuss] Making Web Credentials available to normal users

2016-04-27 Thread TN TN 
Hi Micha,

Thanks for the prompt response.

The reason I'd like to have this feature is that if a site is password
protected from the homepage, the scanner cannot scan the entire site/pages
beyond the login page if authentication credentials are not provided.
Thanks - T


On 27 April 2016 at 03:09, Michael Meyer 
wrote:

> *** TN TN wrote:
>
> > Is it possible to allow a user to enter website credentials to a password
> > protected site.
>
> Out of curiosity, why exactly will you do that?
>
> > If this doesnt currently exist is it on the roadmap?
>
> Yes, it is.
>
> Micha
>
> --
> Michael Meyer  OpenPGP Key: 0xAF069E9152A6EFA6
> http://www.greenbone.net/
> Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
> Osnabrück, HR B 202460
> Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Argh!!!

2016-04-27 Thread Khürt L. Williams 
I am pulling my hair out getting this setup.

Distributor ID: Ubuntu Description: Ubuntu 14.04.4 LTS Release: 14.04 Codename: 
trusty


root@monkeyhill:~# apt-cache search openvas
libopenvas2 - remote network security auditor - shared libraries
libopenvas2-dev - remote network security auditor - static libraries and headers
libopenvasnasl2 - OpenVAS shared libraries
libopenvasnasl2-dev - OpenVAS static libraries and headers
openvas-client - Remote network security auditor, the client
openvas-plugins-base - remote network security auditor - basic plugins
openvas-plugins-dfsg - remote network security auditor - plugins
openvas-server - remote network security auditor - server
openvas-server-dev - remote network security auditor - static libraries and 
headers
openvas-scanner - remote network security auditor - scanner
openvas-cli - remote network security auditor - cli
openvas-manager - remote network security auditor - manager
openvas - remote network security auditor - metapackage
libopenvas8-dev - remote network security auditor - static libraries and headers
libopenvas8 - remote network security auditor - shared libraries
openvas-gsa - remote network security auditor - web interface
libopenvas9-dev - remote network security auditor - static libraries and headers
libopenvas9 - remote network security auditor - shared libraries
openvas9-scanner - remote network security auditor - scanner
openvas9-manager - remote network security auditor - manager
openvas9 - remote network security auditor - metapackage
openvas9-cli - remote network security auditor - cli
openvas9-gsa - remote network security auditor - web interface
root@monkeyhill:~# apt-get install openvas9
Reading package lists... Done
Building dependency tree
Reading state information... Done
openvas9 is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@monkeyhill:~# service openvas-scanner restart
 * Restarting openvas-scanner openvassd 
 [ OK ]  
root@monkeyhill:~# service openvas-manager restart
 * Restarting openvas-manager openvasmd 
 [ OK ]  
root@monkeyhill:~# service openvas-server restart
root@monkeyhill:~# open
open openvas-manage-certs 
openvas-migrate-to-postgres  openvas-scapdata-sync
openssl  openvasmdopenvas-nvt-sync  
   openvassd
openvas-certdata-syncopenvasmd-sqlite 
openvas-portnames-update openvt
root@monkeyhill:~# openvas-nvt-sync  
[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.
[i] Online information about this feed: 
'http://www.openvas.org/openvas-nvt-feed.html'.
[i] NVT dir: /var/lib/openvas/plugins
OpenVAS feed server - http://www.openvas.org/
This service is hosted by Intevation GmbH - http://intevation.de/
All transactions are logged.

Please report synchronization problems to openvas-f...@intevation.de.
If you have any other questions, please use the OpenVAS mailing lists
or the OpenVAS IRC chat. See http://www.openvas.org/ for details.

[i] Feed is already current, no synchronization necessary.
root@monkeyhill:~# ./openvas-check-setup  
openvas-check-setup 2.3.3
  Test completeness and readiness of OpenVAS-8
  (add '--v6' or '--v7' or '--v9'
   if you want to check for another OpenVAS version)

  Please report us any non-detected problems and
  help us to improve this check routine:
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

  Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the 
problem.

  Use the parameter --server to skip checks for client tools
  like GSD and OpenVAS-CLI.

Step 1: Checking OpenVAS Scanner ...  
ERROR: OpenVAS Scanner too old or too new: 5.1+beta2
FIX: Please install OpenVAS Scanner 5.0.
HINT: Please see the --v6/7/8/9 command line options to check other 
major versions.

 ERROR: Your OpenVAS-8 installation is not yet complete!

Please follow the instructions marked with FIX above and run this
script again.

If you think this result is wrong, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze 
the problem.

root@monkeyhill:~# ./openvas-check-setup --v9
openvas-check-setup 2.3.3
  Test completeness and readiness of OpenVAS-9

  Please report us any non-detected problems and
  help us to improve this check routine:
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

  Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the 
problem.

  Use the parameter --server to skip checks for client tools
  like GSD and

[Openvas-discuss] ERROR: The number of NVTs in the OpenVAS Manager database is too low.

2016-04-27 Thread Khürt L. Williams 
I am pulling my hair out getting this setup.


root@monkeyhill:~# openvas-nvt-sync 
[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.
[i] Online information about this feed: 
'http://www.openvas.org/openvas-nvt-feed.html'.
[i] NVT dir: /var/lib/openvas/plugins
OpenVAS feed server - http://www.openvas.org/
This service is hosted by Intevation GmbH - http://intevation.de/
All transactions are logged.

Please report synchronization problems to openvas-f...@intevation.de.
If you have any other questions, please use the OpenVAS mailing lists
or the OpenVAS IRC chat. See http://www.openvas.org/ for details.

[i] Feed is already current, no synchronization necessary.
root@monkeyhill:~# ./openvas-check-setup --v9
openvas-check-setup 2.3.3
  Test completeness and readiness of OpenVAS-9

  Please report us any non-detected problems and
  help us to improve this check routine:
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

  Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the 
problem.

  Use the parameter --server to skip checks for client tools
  like GSD and OpenVAS-CLI.

Step 1: Checking OpenVAS Scanner ... 
OK: OpenVAS Scanner is present in version 5.1+beta2.
OK: OpenVAS Scanner CA Certificate is present as 
/var/lib/openvas/CA/cacert.pem.
OK: redis-server is present in version v=2.8.4.
OK: scanner (kb_location setting) is configured properly using the 
redis-server socket: /var/run/redis/redis.sock
OK: redis-server is running and listening on socket: 
/var/run/redis/redis.sock.
OK: redis-server configuration is OK and redis-server is running.
OK: NVT collection in /var/lib/openvas/plugins contains 46769 NVTs.
WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner.
SUGGEST: Enable signature checking (see 
http://www.openvas.org/trusted-nvts.html).
OK: The NVT cache in /var/cache/openvas contains 46769 files for 46769 
NVTs.
Step 2: Checking OpenVAS Manager ... 
OK: OpenVAS Manager is present in version 6.1+beta2.
OK: OpenVAS Manager client certificate is present as 
/var/lib/openvas/CA/clientcert.pem.
OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
OK: Access rights for the OpenVAS Manager database are correct.
OK: sqlite3 found, extended checks of the OpenVAS Manager installation 
enabled.
OK: OpenVAS Manager database is at revision 155.
OK: OpenVAS Manager expects database at revision 155.
OK: Database schema is up to date.
ERROR: The number of NVTs in the OpenVAS Manager database is too low.
FIX: Make sure OpenVAS Scanner is running with an up-to-date NVT 
collection and run 'openvasmd --rebuild'.

 ERROR: Your OpenVAS-9 installation is not yet complete!

Please follow the instructions marked with FIX above and run this
script again.

If you think this result is wrong, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze 
the problem.

root@monkeyhill:~# openvasmd --rebuild --progress
Rebuilding NVT cache... failed.
root@monkeyhill:~# cat /tmp/openvas-check-setup.log
openvas-check-setup 2.3.3
  Mode:  desktop
  Date:  Wed, 27 Apr 2016 15:38:07 -0400

Checking for old OpenVAS Scanner <= 2.0 ...
./openvas-check-setup: 163: ./openvas-check-setup: openvasd: not found

Checking presence of OpenVAS Scanner ...
OpenVAS Scanner 5.1+beta2
Most new code since 2005: (C) 2015 Greenbone Networks GmbH
Nessus origin: (C) 2004 Renaud Deraison 
License GPLv2: GNU GPL version 2
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.


Checking OpenVAS Scanner version ...

OK: OpenVAS Scanner is present in version 5.1+beta2.
plugins_folder = /var/lib/openvas/plugins
cache_folder = /var/cache/openvas
include_folders = /var/lib/openvas/plugins
max_hosts = 30
max_checks = 10
be_nice = no
logfile = /var/log/openvas/openvassd.messages
log_whole_attack = no
log_plugins_name_at_load = no
dumpfile = /var/log/openvas/openvassd.dump
cgi_path = /cgi-bin:/scripts
optimize_test = yes
checks_read_timeout = 5
network_scan = no
non_simult_ports = 139, 445
plugins_timeout = 320
safe_checks = yes
auto_enable_dependencies = yes
use_mac_addr = no
nasl_no_signature_check = yes
drop_privileges = no
unscanned_closed = yes
unscanned_closed_udp = yes
vhosts = 
vhosts_ip = 
report_host_details = yes
cert_file = /var/lib/openvas/CA/servercert.pem
key_file = /var/lib/openvas/private/CA/serverkey.pem
ca_file = /var/lib/openvas/CA/cacert.pem
kb_location = /var/run/redis/redis.sock
config_file = /etc/openvas/openvassd.conf
Checking OpenVAS Scanner CA cert ...

OK: OpenVAS Scanner CA Certificate

Re: [Openvas-discuss] tasks creation with OMP question

2016-04-27 Thread Adam Kehler 
It could be because your last "" tag should read
"".

On Wed, Apr 27, 2016 at 1:10 PM  wrote:

> OK Thanks, So I did this:
>
> omp -h 127.0.0.1 -u admin -w my_password --xml='
> 
> Site Name
> Site VLAN
> 
> 
> 
>
>  max_checks
>  6
>
>
>  max_hosts
>  25
>
> 
> '
>
> Now the command works, but the values are not changed accordingly. It's
> still the default value (10 and 30 in my case).
> I am confused by the  being a "Compact name of preference,
> from scanner."
>
> Any clarification there would be nice.
>
> Thanks !
>
> - Mail original -
> De: "mattm" 
> À: tato...@free.fr
> Cc: "Eero Volotinen" ,
> openvas-discuss@wald.intevation.org
> Envoyé: Mercredi 27 Avril 2016 18:48:19
> Objet: Re: [Openvas-discuss] tasks creation with OMP question
>
> > I alrady did, otherwise I wouldn't seek the mailing list for help...
> > I looked at http://www.openvas.org/omp-6-0.html#command_create_task but
> I still don't understand how I am suppose to achieve this.
>
> There's no NAME in PREFERENCES/PREFERENCE, just SCANNER_NAME.
>
> --
> Greenbone Networks GmbH
> Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460
> Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] tasks creation with OMP question

2016-04-27 Thread mattm 
> I alrady did, otherwise I wouldn't seek the mailing list for help...
> I looked at http://www.openvas.org/omp-6-0.html#command_create_task but I 
> still don't understand how I am suppose to achieve this.

There's no NAME in PREFERENCES/PREFERENCE, just SCANNER_NAME.

--
Greenbone Networks GmbH
Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] tasks creation with OMP question

2016-04-27 Thread Eero Volotinen 
Take look of protocol specs..
27.4.2016 7.22 ip.  kirjoitti:

> Thank you for your answer, but then how am I suppose to do this ?
>
> - Mail original -
> De: "Eero Volotinen" 
> À: tato...@free.fr
> Cc: openvas-discuss@wald.intevation.org
> Envoyé: Mercredi 27 Avril 2016 18:17:35
> Objet: Re: [Openvas-discuss] tasks creation with OMP question
>
>
>
> Your are using non existent elemwnt
> 27.4.2016 7.13 ip. < tato...@free.fr > kirjoitti:
>
>
> Hello !
>
> I am currently setting up an openvas dedicated machine to scan some of my
> company's lab networks. Since the number of networks are quiet significant
> I am using OMP to create tasks to openvas-manager.
>
> However, I have some problems creating the tasks I need. Currently, I
> create simple tasks with the following command:
>
> omp -h 127.0.0.1 -u admin -w my_password --xml='
> 
> Site Name
> Site VLAN
> 
> 
> '
>
> This works fine. Now, I would like to tune this a little bit, like
> specifying the number of concurrent scans and number of simultaneous NVTs,
> so I do the following:
>
> omp -h 127.0.0.1 -u admin -w my_password --xml='
> 
> Site Name
> Site VLAN
> 
> 
> 
> 
> Maximum concurrently executed NVTs per host
> max_checks
> 4
> 
> 
> Maximum concurrently scanned hosts
> max_hosts
> 20
> 
> 
> '
>
> The command fails with the following error:
>
>  status="400">
>
> What exactly am I doing wrong here ?
>
> thanks a lot !!
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] tasks creation with OMP question

2016-04-27 Thread tatooin 
Thank you for your answer, but then how am I suppose to do this ? 

- Mail original -
De: "Eero Volotinen" 
À: tato...@free.fr
Cc: openvas-discuss@wald.intevation.org
Envoyé: Mercredi 27 Avril 2016 18:17:35
Objet: Re: [Openvas-discuss] tasks creation with OMP question



Your are using non existent elemwnt 
27.4.2016 7.13 ip. < tato...@free.fr > kirjoitti: 


Hello ! 

I am currently setting up an openvas dedicated machine to scan some of my 
company's lab networks. Since the number of networks are quiet significant I am 
using OMP to create tasks to openvas-manager. 

However, I have some problems creating the tasks I need. Currently, I create 
simple tasks with the following command: 

omp -h 127.0.0.1 -u admin -w my_password --xml=' 
 
Site Name 
Site VLAN 
 
 
' 

This works fine. Now, I would like to tune this a little bit, like specifying 
the number of concurrent scans and number of simultaneous NVTs, so I do the 
following: 

omp -h 127.0.0.1 -u admin -w my_password --xml=' 
 
Site Name 
Site VLAN 
 
 
 
 
Maximum concurrently executed NVTs per host 
max_checks 
4 
 
 
Maximum concurrently scanned hosts 
max_hosts 
20 
 
 
' 

The command fails with the following error: 

 

What exactly am I doing wrong here ? 

thanks a lot !! 
___ 
Openvas-discuss mailing list 
Openvas-discuss@wald.intevation.org 
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss 
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] tasks creation with OMP question

2016-04-27 Thread tatooin 
Hello ! 

I am currently setting up an openvas dedicated machine to scan some of my 
company's lab networks. Since the number of networks are quiet significant I am 
using OMP to create tasks to openvas-manager. 

However, I have some problems creating the tasks I need. Currently, I create 
simple tasks with the following command:

omp -h 127.0.0.1 -u admin -w my_password --xml='

Site Name
Site VLAN


'

This works fine. Now, I would like to tune this a little bit, like specifying 
the number of concurrent scans and number of simultaneous NVTs, so I do the 
following:

omp -h 127.0.0.1 -u admin -w my_password --xml='

Site Name
Site VLAN



   
 Maximum concurrently executed NVTs per host
 max_checks
 4
   
   
 Maximum concurrently scanned hosts
 max_hosts
 20
   

'

The command fails with the following error:



What exactly am I doing wrong here ?

thanks a lot !!
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss