Re: [Openvas-discuss] openvasmd hangs trying to verify scanners
For reference, I found out the root cause of the problem. 1) The server certificate has expired 2) Seems like redis was hanged Re-generating the certificates and flushing/restarting redis did the trick. But there was absolutely NO logs at all despite openvasmd running in verbose modenot even a single clue ! How come the logging facility of OpenVAS is so useless ?!On Mon, 2018-10-08 at 10:17 +0200, tatooin wrote: > Hi everyone, > > Using OpenVAS 8 on Linux Mint 18.3. I was doing vulnerability scans > without issues last weeks, when during the week end my scans were > automatically put in "Stopped" mode. > > I tried to restart / resume my tasks but GSA hangs forever (same > results if launching tasks directly with OMP) > > So I checked my scanners and found that openvasmd cannot query the > scanner anymore. Openvasmd --verify-scanner hangs forever. I tried > re-creating a new scanner with same CA/certs but same results. > > So the communication between openvasmd and openvassd is broken. There > is absolutely NO informations in the logs. I even tried with > openvassd in foreground mode but same thing, no errors. > > Any clue on what's happening / How to solve this ? > > Thanks !!! > ___ > Openvas-discuss mailing list > Openvas-discuss@wald.intevation.org > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-di > scuss___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] openvasmd hangs trying to verify scanners
Hi everyone, Using OpenVAS 8 on Linux Mint 18.3. I was doing vulnerability scans without issues last weeks, when during the week end my scans were automatically put in "Stopped" mode. I tried to restart / resume my tasks but GSA hangs forever (same results if launching tasks directly with OMP) So I checked my scanners and found that openvasmd cannot query the scanner anymore. Openvasmd --verify-scanner hangs forever. I tried re- creating a new scanner with same CA/certs but same results. So the communication between openvasmd and openvassd is broken. There is absolutely NO informations in the logs. I even tried with openvassd in foreground mode but same thing, no errors. Any clue on what's happening / How to solve this ? Thanks !!!___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Tasks Autostart plugin for openvas ?
Hi Louis, That's an idea, indeed. And probably the best solution until I move to openvas 9. ThanksOn Wed, 2018-04-25 at 08:40 -0400, Louis Bohm wrote: > Another way is to do it in a script. > Dump out the list of tasks and their UUIDs. > Create cron jobs to start the task. > Use the Alert method to send an email or create a file when the > task is complete. > When the task is complete fire off another task… > > Louis > : > Louis Bohm - Sr. Systems Engineer > Dell TechDirect Certified > > > On Apr 25, 2018, at 8:23 AM, Roger Davies > > wrote: > > > > Hi > > > > It's not the nicest solution, but it does work. > > > > In the 'Alerts' setup, you can use the 'Start Task' method, which > > then gives you the option to select a task name, 'Start Task'. > > > > You have one task, task1, that operates on a schedule, This task1 > > has an alert which is setup to call another task, task2, when the > > original task1 is 'done'. Then in task2, you have an alert that > > calls task3 etc.etc. > > > > Obviously, you can have many alerts for tasks, so an email to say > > it's started and an email to say it's finished and an alert that > > copies a report somewhere, or whatever. > > > > It's not as nice as having them on a schedule, but if you comment > > the structure in your task names or something, it should explain > > itself. > > > > Roger > > > > > > On 25 April 2018 at 12:58, Thijs Stuurman > > ervices.nl> wrote: > > > Sounds like a horrible solution to me even if it works. > > > > > > > > > Thijs Stuurman > > > Security Operations Center | KPN Internedservices B.V. > > > thijs.stuur...@internedservices.nl | thijs.stuur...@kpn.com > > > T: +31(0)299476185 | M: +31(0)624366778 > > > PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/) > > > Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048 > > > > > > W: https://www.internedservices.nl | L: https://nl.linkedin.com/i > > > n/thijsstuurman > > > > > > Van: tatooin > > > Verzonden: woensdag 25 april 2018 13:55 > > > Aan: Roger Davies > > > CC: Thijs Stuurman ; openvas- > > > disc...@wald.intevation.org > > > Onderwerp: Re: [Openvas-discuss] Tasks Autostart plugin for > > > openvas ? > > > > > > Hi Roger, > > > > > > I don't get it. Adding an alert to the first task will only log > > > when the task is done, it won't start the next task > > > automatically. Or am I missing something here ? > > > > > > Thanks > > > > > > On Wed, 2018-04-25 at 11:30 +0100, Roger Davies wrote: > > > Hi > > > > > > You can daisy-chain one task after another using the alerts bit. > > > So, setup an alert which uses the 'Start Task' method on "Task > > > run status changed (to Done)", then add that alert to the first > > > task. > > > > > > Roger > > > > > > On 18 April 2018 at 08:27, tatooin wrote: > > > > > > Thanks Thijs, > > > > > > I will have a look at your script. > > > > > > Best, > > > > > > On Tue, 2018-04-17 at 12:14 +, Thijs Stuurman wrote: > > > I use gvm-tools and a python script to schedule my jobs, perhaps > > > this can serve as inspriration for your own solution: > > > > > > https://github.com/Thij/openvas_scheduler > > > > > > Thijs Stuurman > > > Security Operations Center | KPN Internedservices B.V. > > > thijs.stuur...@internedservices.nl | thijs.stuur...@kpn.com > > > T: +31(0)299476185 | M: +31(0)624366778 > > > PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/) > > > Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048 > > > > > > W: https://www.internedservices.nl | L: https://nl.linkedin.com/i > > > n/thijsstuurman > > > > > > Van: Openvas-discuss > > > Namens tatooin > > > Verzonden: dinsdag 17 april 2018 09:09 > > > Aan: openvas-discuss@wald.intevation.org > > > Onderwerp: [Openvas-discuss] Tasks Autostart plugin for openvas ? > > > > > > Hi, > > > > > > I was wondering if there was a plugin to automatically start > > > tasks in order. I have ordered my tasks by groups, and on a > > > regu
Re: [Openvas-discuss] Tasks Autostart plugin for openvas ?
OK, but unfortunately I cannot upgrade to 9 yet, as gvm-tools no longer works with my existing scripts.. Too bad. Thanks anyway !On Wed, 2018-04-25 at 13:44 +0100, Roger Davies wrote: > Hi > > Ah, OpenVAS 8, I don't think so, sorry. I'm on OpenVAS 9. > > You'll have to script it, or upgrade to 9. > > Roger > > > > On 25 April 2018 at 13:34, tatooin wrote: > > Hi Roger, > > > > Is this feature available in openvas 8 ? In my alerts setup, the > > only available methods I have are: > > > > - Email > > - System logger > > - HTTP Get > > - Sourcefire/Verinice connectors > > - Send to host / SCP / SNMP > > > > There is nowhere a "Start Task" option which would allow me to to > > start the next one. Is this a plugin or something not bundled by > > default in openvas 8 ? > > > > Thanks > > > > On Wed, 2018-04-25 at 13:23 +0100, Roger Davies wrote: > > > Hi > > > > > > It's not the nicest solution, but it does work. > > > > > > In the 'Alerts' setup, you can use the 'Start Task' method, which > > > then gives you the option to select a task name, 'Start Task'. > > > > > > You have one task, task1, that operates on a schedule, This task1 > > > has an alert which is setup to call another task, task2, when the > > > original task1 is 'done'. Then in task2, you have an alert that > > > calls task3 etc.etc. > > > > > > Obviously, you can have many alerts for tasks, so an email to say > > > it's started and an email to say it's finished and an alert that > > > copies a report somewhere, or whatever. > > > > > > It's not as nice as having them on a schedule, but if you comment > > > the structure in your task names or something, it should explain > > > itself. > > > > > > Roger > > > > > > > > > On 25 April 2018 at 12:58, Thijs Stuurman > > > dservices.nl> wrote: > > > > Sounds like a horrible solution to me even if it works. > > > > > > > > > > > > Thijs Stuurman > > > > Security Operations Center | KPN Internedservices B.V. > > > > thijs.stuur...@internedservices.nl | thijs.stuur...@kpn.com > > > > T: +31(0)299476185 | M: +31(0)624366778 > > > > PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/) > > > > Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048 > > > > > > > > W: https://www.internedservices.nl | L: > > > > https://nl.linkedin.com/in/thijsstuurman > > > > > > > > Van: tatooin > > > > Verzonden: woensdag 25 april 2018 13:55 > > > > Aan: Roger Davies > > > > CC: Thijs Stuurman ; openva > > > > s-disc...@wald.intevation.org > > > > Onderwerp: Re: [Openvas-discuss] Tasks Autostart plugin for > > > > openvas ? > > > > > > > > Hi Roger, > > > > > > > > I don't get it. Adding an alert to the first task will only log > > > > when the task is done, it won't start the next task > > > > automatically. Or am I missing something here ? > > > > > > > > Thanks > > > > > > > > On Wed, 2018-04-25 at 11:30 +0100, Roger Davies wrote: > > > > Hi > > > > > > > > You can daisy-chain one task after another using the alerts > > > > bit. So, setup an alert which uses the 'Start Task' method on > > > > "Task run status changed (to Done)", then add that alert to the > > > > first task. > > > > > > > > Roger > > > > > > > > On 18 April 2018 at 08:27, tatooin wrote: > > > > > > > > Thanks Thijs, > > > > > > > > I will have a look at your script. > > > > > > > > Best, > > > > > > > > On Tue, 2018-04-17 at 12:14 +, Thijs Stuurman wrote: > > > > I use gvm-tools and a python script to schedule my jobs, > > > > perhaps this can serve as inspriration for your own solution: > > > > > > > > https://github.com/Thij/openvas_scheduler > > > > > > > > Thijs Stuurman > > > > Security Operations Center | KPN Internedservices B.V. > > > > thijs.stuur...@internedservices.nl | thijs.stuur...@kpn.com > > > > T: +31(0)299476185
Re: [Openvas-discuss] Tasks Autostart plugin for openvas ?
Hi Roger, Is this feature available in openvas 8 ? In my alerts setup, the only available methods I have are: - Email - System logger - HTTP Get - Sourcefire/Verinice connectors - Send to host / SCP / SNMP There is nowhere a "Start Task" option which would allow me to to start the next one. Is this a plugin or something not bundled by default in openvas 8 ? ThanksOn Wed, 2018-04-25 at 13:23 +0100, Roger Davies wrote: > Hi > > It's not the nicest solution, but it does work. > > In the 'Alerts' setup, you can use the 'Start Task' method, which > then gives you the option to select a task name, 'Start Task'. > > You have one task, task1, that operates on a schedule, This task1 has > an alert which is setup to call another task, task2, when the > original task1 is 'done'. Then in task2, you have an alert that calls > task3 etc.etc. > > Obviously, you can have many alerts for tasks, so an email to say > it's started and an email to say it's finished and an alert that > copies a report somewhere, or whatever. > > It's not as nice as having them on a schedule, but if you comment the > structure in your task names or something, it should explain itself. > > Roger > > > On 25 April 2018 at 12:58, Thijs Stuurman > vices.nl> wrote: > > Sounds like a horrible solution to me even if it works. > > > > > > Thijs Stuurman > > Security Operations Center | KPN Internedservices B.V. > > thijs.stuur...@internedservices.nl | thijs.stuur...@kpn.com > > T: +31(0)299476185 | M: +31(0)624366778 > > PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/) > > Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048 > > > > W: https://www.internedservices.nl | L: > > https://nl.linkedin.com/in/thijsstuurman > > > > Van: tatooin > > Verzonden: woensdag 25 april 2018 13:55 > > Aan: Roger Davies > > CC: Thijs Stuurman ; openvas-di > > sc...@wald.intevation.org > > Onderwerp: Re: [Openvas-discuss] Tasks Autostart plugin for openvas > > ? > > > > Hi Roger, > > > > I don't get it. Adding an alert to the first task will only log > > when the task is done, it won't start the next task automatically. > > Or am I missing something here ? > > > > Thanks > > > > On Wed, 2018-04-25 at 11:30 +0100, Roger Davies wrote: > > Hi > > > > You can daisy-chain one task after another using the alerts bit. > > So, setup an alert which uses the 'Start Task' method on "Task run > > status changed (to Done)", then add that alert to the first task. > > > > Roger > > > > On 18 April 2018 at 08:27, tatooin wrote: > > > > Thanks Thijs, > > > > I will have a look at your script. > > > > Best, > > > > On Tue, 2018-04-17 at 12:14 +, Thijs Stuurman wrote: > > I use gvm-tools and a python script to schedule my jobs, perhaps > > this can serve as inspriration for your own solution: > > > > https://github.com/Thij/openvas_scheduler > > > > Thijs Stuurman > > Security Operations Center | KPN Internedservices B.V. > > thijs.stuur...@internedservices.nl | thijs.stuur...@kpn.com > > T: +31(0)299476185 | M: +31(0)624366778 > > PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/) > > Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048 > > > > W: https://www.internedservices.nl | L: > > https://nl.linkedin.com/in/thijsstuurman > > > > Van: Openvas-discuss > > Namens tatooin > > Verzonden: dinsdag 17 april 2018 09:09 > > Aan: openvas-discuss@wald.intevation.org > > Onderwerp: [Openvas-discuss] Tasks Autostart plugin for openvas ? > > > > Hi, > > > > I was wondering if there was a plugin to automatically start tasks > > in order. I have ordered my tasks by groups, and on a regular > > basis I'm running all tasks on a given group. But this remain a > > manual step, as I have to login to the console and start tasks one > > after the other (or not more than 2 or 3 tasks simultaneously to > > avoid overwhelming the Openvas manager) so I was wondering if there > > was any plugins or something close to it to allow automatic starts > > of tasks once the first in list is finished ? > > > > The scheduling feature cannot do this unfortunately. > > > > Thanks ! > > > > ___ > > Openvas-discuss mailing list > > Openvas-discuss@wald.intevation.org > > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas- > > discuss > > > > > > > > ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Tasks Autostart plugin for openvas ?
Hi Roger, I don't get it. Adding an alert to the first task will only log when the task is done, it won't start the next task automatically. Or am I missing something here ? ThanksOn Wed, 2018-04-25 at 11:30 +0100, Roger Davies wrote: > Hi > > You can daisy-chain one task after another using the alerts bit. So, > setup an alert which uses the 'Start Task' method on "Task run status > changed (to Done)", then add that alert to the first task. > > Roger > > On 18 April 2018 at 08:27, tatooin wrote: > > Thanks Thijs, > > > > I will have a look at your script. > > > > Best, > > > > On Tue, 2018-04-17 at 12:14 +, Thijs Stuurman wrote: > > > I use gvm-tools and a python script to schedule my jobs, perhaps > > > this can serve as inspriration for your own solution: > > > > > > https://github.com/Thij/openvas_scheduler > > > > > > Thijs Stuurman > > > Security Operations Center | KPN Internedservices B.V. > > > thijs.stuur...@internedservices.nl | thijs.stuur...@kpn.com > > > T: +31(0)299476185 | M: +31(0)624366778 > > > PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/) > > > Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048 > > > > > > W: https://www.internedservices.nl | L: > > > https://nl.linkedin.com/in/thijsstuurman > > > > > > Van: Openvas-discuss > > > Namens tatooin > > > Verzonden: dinsdag 17 april 2018 09:09 > > > Aan: openvas-discuss@wald.intevation.org > > > Onderwerp: [Openvas-discuss] Tasks Autostart plugin for openvas ? > > > > > > Hi, > > > > > > I was wondering if there was a plugin to automatically start > > > tasks in order. I have ordered my tasks by groups, and on a > > > regular basis I'm running all tasks on a given group. But this > > > remain a manual step, as I have to login to the console and start > > > tasks one after the other (or not more than 2 or 3 tasks > > > simultaneously to avoid overwhelming the Openvas manager) so I > > > was wondering if there was any plugins or something close to it > > > to allow automatic starts of tasks once the first in list is > > > finished ? > > > > > > The scheduling feature cannot do this unfortunately. > > > > > > Thanks ! > > ___ > > Openvas-discuss mailing list > > Openvas-discuss@wald.intevation.org > > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas- > > discuss > ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Tasks Autostart plugin for openvas ?
Thanks Thijs, I will have a look at your script. Best,On Tue, 2018-04-17 at 12:14 +, Thijs Stuurman wrote: > I use gvm-tools and a python script to schedule my jobs, perhaps this > can serve as inspriration for your own solution: > > https://github.com/Thij/openvas_scheduler > > Thijs Stuurman > Security Operations Center | KPN Internedservices B.V. > thijs.stuur...@internedservices.nl | thijs.stuur...@kpn.com > T: +31(0)299476185 | M: +31(0)624366778 > PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/) > Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048 > > W: https://www.internedservices.nl | L: > https://nl.linkedin.com/in/thijsstuurman > > Van: Openvas-discuss > Namens tatooin > Verzonden: dinsdag 17 april 2018 09:09 > Aan: openvas-discuss@wald.intevation.org > Onderwerp: [Openvas-discuss] Tasks Autostart plugin for openvas ? > > Hi, > > I was wondering if there was a plugin to automatically start tasks in > order. I have ordered my tasks by groups, and on a regular basis I'm > running all tasks on a given group. But this remain a manual step, as > I have to login to the console and start tasks one after the other > (or not more than 2 or 3 tasks simultaneously to avoid overwhelming > the Openvas manager) so I was wondering if there was any plugins or > something close to it to allow automatic starts of tasks once the > first in list is finished ? > > The scheduling feature cannot do this unfortunately. > > Thanks !___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] Tasks Autostart plugin for openvas ?
Hi, I was wondering if there was a plugin to automatically start tasks in order. I have ordered my tasks by groups, and on a regular basis I'm running all tasks on a given group. But this remain a manual step, as I have to login to the console and start tasks one after the other (or not more than 2 or 3 tasks simultaneously to avoid overwhelming the Openvas manager) so I was wondering if there was any plugins or something close to it to allow automatic starts of tasks once the first in list is finished ? The scheduling feature cannot do this unfortunately. Thanks !___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] how to minimize harm when introducing vuln scanning to a network
Hi Peter, I am using OpenVAS to conduct VA in the environment of a big corporate network (up to /21 networks) on a regular basis, and so far I have never witnessed any incidents on the IT world. I'm using default OpenVAS profile, altough I have also tried the most impactful profiles. So on IT side; unless you are using very old & unmaintained assets (in which case, at least your scans will help identify them) this shouldn't be a concern. However, on OT world this is significantly different. I have witnessed several crashes / reboot of OT devices, including recent ones. So I would be much more careful on this part of your environment. Best,On Wed, 2018-03-14 at 12:53 -0700, Peter Collins wrote: > (Sorry if this is a repost. I had a technical issue with my first > attempt) > > I would like to use OSSIM's OpenVAS component to run asset and > vulnerability scans on both prod and non-prod. Like every place, we > want to make sure the IT infrastructure is not harmed or jeopardized. > > So what is due care when introducing scanning? Should I do the asset > scans only during maintenance windows to start off, to make sure > nothing gets broken? Or are the non destructive, non authenticated > scans considered safe enough to run during production hours, on > production assets? > > I should add that Nessus has been used by an outside contractor > without issue, on our network. > > Thanks so much in advance > > Peter > > ___ > Openvas-discuss mailing list > Openvas-discuss@wald.intevation.org > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-di > scuss___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Reporting on delta's between scans on same host
On Fri, 2017-12-15 at 11:14 +0100, Christian Fischer wrote: > Hi, > > On 15.12.2017 10:58, tatooin wrote: > > > > HiOn Thu, 2017-12-14 at 19:05 +0100, Christian Fischer wrote: > > > > > > Hi, > > > > > > On 14.12.2017 18:36, tatooin wrote: > > > > > > > > > > > > However, that still doesn't explain why such an important > > > > native > > > > feature > > > > of OpenVAS just don't work. > > > have you considered that a explanation for this cloud be that > > > there > > > might be no support for delta reports implemented for CSV > > > reports? > > > > > > So it might be just a "is not supported/implemented" rather then > > > a > > > "don't work". > > That's possible, indeed. But the documentation doesn't mention any > > exclusion; I would assume that if this feature is documented > > without > > any exclusion, then it's suppose to work whatever format natively > > supported by OpenVAS. > > Now if delta reports isn't supported by csv then discussion is > > closed; > > this should just be highlighted in the documentation to avoid > > bothering > > the openvas community uselessly. > a documentation about the "Delta" feature is available at: > > http://docs.greenbone.net/GSM-Manual/gos-4/en/reports.html#delta-repo > rts > > which explicitly states the following: > > > > > Subsequently you will receive the delta report. As usual, it can be > displayed in different formats and exported as PDF. > Thanks Christian. I saw that part as well, but I did not understood that as "the only format supported is PDF". The sentence upon is highly confusing. Still, is there any plan to support csv exporting in the future ? Thanks for the clarification. > > > > Thanks ! > > > > > > > > Regards, > > > > > > > > Regards, > > ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Reporting on delta's between scans on same host
HiOn Thu, 2017-12-14 at 19:05 +0100, Christian Fischer wrote: > Hi, > > On 14.12.2017 18:36, tatooin wrote: > > > > However, that still doesn't explain why such an important native > > feature > > of OpenVAS just don't work. > have you considered that a explanation for this cloud be that there > might be no support for delta reports implemented for CSV reports? > > So it might be just a "is not supported/implemented" rather then a > "don't work". That's possible, indeed. But the documentation doesn't mention any exclusion; I would assume that if this feature is documented without any exclusion, then it's suppose to work whatever format natively supported by OpenVAS. Now if delta reports isn't supported by csv then discussion is closed; this should just be highlighted in the documentation to avoid bothering the openvas community uselessly. Thanks ! > Regards, > > -- > > Christian Fischer | PGP Key: 0x54F3CE5B76C597AD > Greenbone Networks GmbH | http://greenbone.net > > Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460 > Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner > > ___ > Openvas-discuss mailing list > Openvas-discuss@wald.intevation.org> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Reporting on delta's between scans on same host
Thanks for the note; I will give it a try as it looks promising. However, that still doesn't explain why such an important native feature of OpenVAS just don't work. On Thu, 2017-12-14 at 11:34 +0200, ArkanoiD wrote: > (jumping in with a blatant ad) > Try Seccubus! https://www.seccubus.com/ > > It specifically designed to handle vulnerability state changes over > time. > > On Thu, Dec 14, 2017 at 11:31 AM, Joris wrote: > > Hi Tatooin, > > > > Thanks for the detailed information, I will test it out. No > > comments yet :) > > > > best regards > > joris > > > > On Tue, Dec 12, 2017 at 9:58 PM, tatooin wrote: > > > Hi Joris, > > > > > > No comments on this ? > > > > > > Regards, > > > > > > On Fri, 2017-12-08 at 22:00 +0100, tatooin wrote: > > > > Hi Joris, > > > > > > > > I face the same challenge than you do; as my stakeholders > > > > regularly ask me for delta reports which can highlight the > > > > efforts made to solve vulnerabilities. People will simply stop > > > > fixing vulnerabilities if the work done to solve previous ones > > > > is not recognized. > > > > So I completely agree with your statement below. > > > > > > > > Alas, it seems out of interest of OpenVAS developers. I have > > > > raised this topic on this mailing list already, and never > > > > received any positive answers. > > > > > > > > I tried the official way to report delta (because officially, > > > > yes, this is suppose to work ! Look at command "get_reports", > > > > you have the arguments @delta_report_id and @delta_states) > > > > > > > > Typically, If I do the following command to get the deltas in a > > > > csv file: > > > > > > > > omp -h 127.0.0.1 -u admin -w xxx -iX ' > > > > report_id="MyLastReportID" levels="hm" format_id="c1645568- > > > > 627a-11e3-a660-406186ea4fc5" > > > > delta_report_id="MySecondLastReportID" delta_states="cgns" />' > > > > | xmlstarlet sel -t -v get_reports_response/report/text\(\) | > > > > base64 -i -d > deltareport.csv > > > > > > > > Then my deltareport.csv won't highlight any delta. Do the same > > > > with format_id=1a60a67e-97d0-4cbf-bc77-f71b08e7043d (PDF) > > > > you'll get the deltas you are looking at. > > > > > > > > But obviously, when you are doing vulnerability management > > > > programs on a somewhat large scale, PDF reporting is completely > > > > useless > > > > > > > > So in a nutshell; it is suppose to work but it doesn't. :-( > > > > > > > > Best, > > > > > > > > On Thu, 2017-12-07 at 10:12 +0100, Joris wrote: > > > > > Thanks Thijs! > > > > > > > > > > You made me think about past results and not having to care > > > > > about it: It is true that the tickets will be only generated > > > > > on current results. On the other hand, does that mean that > > > > > you create multiple tickets for the same issue if it appears > > > > > in 2 consecutive scans? > > > > > > > > > > We're interested in differential for 2 other reasons:i Jori > > > > > - from a security culture perspective, it would be > > > > > interesting to report on reduction on vulnerabilities and > > > > > create some noise about who is doing well and who is not. > > > > > - some systems will have issues which cannot be remediated > > > > > per se. By differential reporting, we can look at new stuff > > > > > and the report would not be cluttered by old stuff we already > > > > > knew about / ticketed. > > > > > > > > > > Best regards > > > > > Joris > > > > > > > > > > > > > > > On Thu, Dec 7, 2017 at 10:05 AM, Thijs Stuurman > > > > > a...@internedservices.nl> wrote: > > > > > > You can schedule the scans to repeat them. > > > > > > > > > > > > Personally I wasn’t happy with the built in scheduler and > > > > > > automated one myself using python talking to the gvm-tools > > > > > > API. > > > > >
Re: [Openvas-discuss] Reporting on delta's between scans on same host
Hi Joris, No comments on this ? Regards,On Fri, 2017-12-08 at 22:00 +0100, tatooin wrote: > Hi Joris, > > I face the same challenge than you do; as my stakeholders regularly > ask me for delta reports which can highlight the efforts made to > solve vulnerabilities. People will simply stop fixing vulnerabilities > if the work done to solve previous ones is not recognized. > So I completely agree with your statement below. > > Alas, it seems out of interest of OpenVAS developers. I have raised > this topic on this mailing list already, and never received any > positive answers. > > I tried the official way to report delta (because officially, yes, > this is suppose to work ! Look at command "get_reports", you have the > arguments @delta_report_id and @delta_states) > > Typically, If I do the following command to get the deltas in a csv > file: > > omp -h 127.0.0.1 -u admin -w xxx -iX ' > report_id="MyLastReportID" levels="hm" format_id="c1645568-627a-11e3- > a660-406186ea4fc5" delta_report_id="MySecondLastReportID" > delta_states="cgns" />' | xmlstarlet sel -t -v > get_reports_response/report/text\(\) | base64 -i -d > deltareport.csv > > Then my deltareport.csv won't highlight any delta. Do the same with > format_id=1a60a67e-97d0-4cbf-bc77-f71b08e7043d (PDF) you'll get the > deltas you are looking at. > > But obviously, when you are doing vulnerability management programs > on a somewhat large scale, PDF reporting is completely useless > > So in a nutshell; it is suppose to work but it doesn't. :-( > > Best, > > On Thu, 2017-12-07 at 10:12 +0100, Joris wrote: > > Thanks Thijs! > > > > You made me think about past results and not having to care about > > it: It is true that the tickets will be only generated on current > > results. On the other hand, does that mean that you create multiple > > tickets for the same issue if it appears in 2 consecutive scans? > > > > We're interested in differential for 2 other reasons:i Jori > > - from a security culture perspective, it would be interesting to > > report on reduction on vulnerabilities and create some noise about > > who is doing well and who is not. > > - some systems will have issues which cannot be remediated per se. > > By differential reporting, we can look at new stuff and the report > > would not be cluttered by old stuff we already knew about / > > ticketed. > > > > Best regards > > Joris > > > > > > On Thu, Dec 7, 2017 at 10:05 AM, Thijs Stuurman > > ernedservices.nl> wrote: > > > You can schedule the scans to repeat them. > > > > > > Personally I wasn’t happy with the built in scheduler and > > > automated one myself using python talking to the gvm-tools API. > > > (https://github.com/Thij/openvas_scheduler which might help > > > you automate things yourself, gvm-tools also has example scripts: > > > https://bitbucket.org/greenbone/gvm-tools) > > > > > > I am not going for differences really; any finding with a CVSS > > > score of > 4 will trigger an alert which sends an email to our > > > ticketing system. > > > Once a month I start my scheduler which will start any job that > > > hasn’t run for 3 weeks or so. (I could leave it running in a > > > screen forever but I still supervise and time it all, when it is > > > not running I got time to update scan systems) > > > > > > If you go to tasks and click on the Reports > Total number you > > > can see an overview of all the reports and quickly see if things > > > improved or not. > > > There is a compare button (underneath Actions, next to ‘delete’ > > > so be careful), click on two and you’ll get a comparison > > > overview. > > > > > > Still, why care about past results; it’s the latest scan result > > > that counts in my book. > > > > > > Thijs Stuurman > > > Security Operations Center | KPN Internedservices B.V. > > > thijs.stuur...@internedservices.nl | thijs.stuur...@kpn.com > > > T: +31(0)299476185 | M: +31(0)624366778 > > > PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/) > > > Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048 > > > > > > W: https://www.internedservices.nl | L: > > > https://nl.linkedin.com/in/thijsstuurman > > > > > > Van: Openvas-discuss [mailto:openvas-discuss-bounces@wald.intevat > > > ion.org] Namens Joris > > > Verzonden:
Re: [Openvas-discuss] Reporting on delta's between scans on same host
Hi Joris, I face the same challenge than you do; as my stakeholders regularly ask me for delta reports which can highlight the efforts made to solve vulnerabilities. People will simply stop fixing vulnerabilities if the work done to solve previous ones is not recognized. So I completely agree with your statement below. Alas, it seems out of interest of OpenVAS developers. I have raised this topic on this mailing list already, and never received any positive answers. I tried the official way to report delta (because officially, yes, this is suppose to work ! Look at command "get_reports", you have the arguments @delta_report_id and @delta_states) Typically, If I do the following command to get the deltas in a csv file: omp -h 127.0.0.1 -u admin -w xxx -iX '' | xmlstarlet sel -t -v get_reports_response/report/text\(\) | base64 -i -d > deltareport.csv Then my deltareport.csv won't highlight any delta. Do the same with format_id=1a60a67e-97d0-4cbf-bc77-f71b08e7043d (PDF) you'll get the deltas you are looking at. But obviously, when you are doing vulnerability management programs on a somewhat large scale, PDF reporting is completely useless So in a nutshell; it is suppose to work but it doesn't. :-( Best, On Thu, 2017-12-07 at 10:12 +0100, Joris wrote: > Thanks Thijs! > > You made me think about past results and not having to care about it: > It is true that the tickets will be only generated on current > results. On the other hand, does that mean that you create multiple > tickets for the same issue if it appears in 2 consecutive scans? > > We're interested in differential for 2 other reasons:i Jori > - from a security culture perspective, it would be interesting to > report on reduction on vulnerabilities and create some noise about > who is doing well and who is not. > - some systems will have issues which cannot be remediated per se. By > differential reporting, we can look at new stuff and the report would > not be cluttered by old stuff we already knew about / ticketed. > > Best regards > Joris > > > On Thu, Dec 7, 2017 at 10:05 AM, Thijs Stuurman > nedservices.nl> wrote: > > You can schedule the scans to repeat them. > > > > Personally I wasn’t happy with the built in scheduler and automated > > one myself using python talking to the gvm-tools API. > > (https://github.com/Thij/openvas_scheduler which might help you > > automate things yourself, gvm-tools also has example scripts: > > https://bitbucket.org/greenbone/gvm-tools) > > > > I am not going for differences really; any finding with a CVSS > > score of > 4 will trigger an alert which sends an email to our > > ticketing system. > > Once a month I start my scheduler which will start any job that > > hasn’t run for 3 weeks or so. (I could leave it running in a screen > > forever but I still supervise and time it all, when it is not > > running I got time to update scan systems) > > > > If you go to tasks and click on the Reports > Total number you can > > see an overview of all the reports and quickly see if things > > improved or not. > > There is a compare button (underneath Actions, next to ‘delete’ so > > be careful), click on two and you’ll get a comparison overview. > > > > Still, why care about past results; it’s the latest scan result > > that counts in my book. > > > > Thijs Stuurman > > Security Operations Center | KPN Internedservices B.V. > > thijs.stuur...@internedservices.nl | thijs.stuur...@kpn.com > > T: +31(0)299476185 | M: +31(0)624366778 > > PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/) > > Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048 > > > > W: https://www.internedservices.nl | L: > > https://nl.linkedin.com/in/thijsstuurman > > > > Van: Openvas-discuss [mailto:openvas-discuss-bounces@wald.intevatio > > n.org] Namens Joris > > Verzonden: donderdag 7 december 2017 09:51 > > Aan: openvas-discuss@wald.intevation.org > > Onderwerp: [Openvas-discuss] Reporting on delta's between scans on > > same host > > > > Hello list, > > > > Using the scanner here and are pretty impressed with the results > > and the web GUI. > > > > Our next move is basically to identify differences between > > consecutive scans on hosts (was a vulnerability patched? was a new > > vulnerability introduced on the system?) > > > > Based on my understanding, the system does not support this > > natively but I can be wrong. How do others solve this issue? Do you > > build automation around it ? > > > > Best regards > > Joris > > > ___ > Openvas-discuss mailing list > Openvas-discuss@wald.intevation.org > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-di > scuss___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] I: Openvas 9 report issue
Hi Lucas, On my side I never managed to get openvas 9 create reports properly. I used the command line, but it failed. I had to fall back to openvas 8. I don't think openvas 9 is ready for production use; in particular due to the lack of available documentation. Sorry :-(On Thu, 2017-11-02 at 13:14 +, Luca Racca wrote: > Hi all, > > can anyone help about this issue? Maybe someone of you already > experienced same issue. > Thanks for the help, > Luca > > Da: Openvas-discuss [mailto:openvas-discuss-bounces@wald.intevation.o > rg] Per conto di Luca Racca > Inviato: lunedì 30 ottobre 2017 12:12 > A: openvas-discuss@wald.intevation.org > Oggetto: [Openvas-discuss] Openvas 9 report issue > > Hi all, > I’ve a problem when try to download report from Openvas. > From the menu I cannot choose any kind of report format. I just see > “No results found”. > Greenbone OS 4.1.7 Openvas 9 installed from the GSM community > edition. > Thanks in advance for the help. > Luca > > ___ > Openvas-discuss mailing list > Openvas-discuss@wald.intevation.org > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-di > scuss___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvas9 omp question
Thanks Raphael, reinstalling using pip3 did the trick. :-)On Mon, 2017-10-09 at
12:58 +0200, Raphael Grewe wrote:
> Only if it is the case und you have pip for python2 installed too. If
> true then you have to use the command "pip3" for installation.
> I tested it on a fresh install of linux mint and it works instantly
> with pip3.
>
> Am Montag, den 09.10.2017, 12:46 +0200 schrieb tatooin:
> > Indeed; but I actually have installed python3-pip, removed gvm-cli
> > and reinstalled it, but same results. It still complains about
> > module gmp :-(
> >
> > On Mon, 2017-10-09 at 12:38 +0200, Raphael Grewe wrote:
> > > Hi,
> > > maybe you used pip for python2. You have to use pip for python3.
> > > Linux Mint package: python3-pip
> > >
> > > Regards
> > > Raphael Grewe
> > >
> > > Am Montag, den 09.10.2017, 09:52 +0200 schrieb tatooin:
> > > > I followed the official documentation on https://bitbucket.org/
> > > > greenbone/gvm-tools
> > > >
> > > > That is:
> > > >
> > > > apt-get install python3-paramiko python3-lxml python3-dialog
> > > > pip install setuptools
> > > > pip install configparser
> > > >
> > > > I then downloaded the gvm-tools archive on the official
> > > > repository and did "pip install ."
> > > >
> > > > Everything went fine at all stage, but still gvm refuse to run
> > > > with the "ImportError: No module named gmp" error.
> > > >
> > > > I'm running linux mint 18.2
> > > >
> > > > Thank you
> > > >
> > > > On Fri, 2017-10-06 at 20:49 +0200, Raphael Grewe wrote:
> > > > > Which command did you use to install the tools?
> > > > >
> > > > > Gesendet mit BlueMail
> > > > > > Thanks Trent for your quick reply. I tried GVM, but I've
> > > > > > some problems to make it runs smoothly. After installing
> > > > > > dependencies it requested, I always end up with the
> > > > > > following error message:
> > > > > >
> > > > > > ForensicLab ~ # gvm-cli
> > > > > > Traceback (most recent call last):
> > > > > > File "/usr/local/bin/gvm-cli", line 11, in
> > > > > > load_entry_point('gvm-tools==1.2.0', 'console_scripts',
> > > > > > 'gvm-cli')()
> > > > > > File "/usr/local/lib/python2.7/dist-
> > > > > > packages/pkg_resources/__init__.py", line 570, in
> > > > > > load_entry_point
> > > > > > return get_distribution(dist).load_entry_point(group,
> > > > > > name)
> > > > > > File "/usr/local/lib/python2.7/dist-
> > > > > > packages/pkg_resources/__init__.py", line 2751, in
> > > > > > load_entry_point
> > > > > > return ep.load()
> > > > > > File "/usr/local/lib/python2.7/dist-
> > > > > > packages/pkg_resources/__init__.py", line 2405, in load
> > > > > > return self.resolve()
> > > > > > File "/usr/local/lib/python2.7/dist-
> > > > > > packages/pkg_resources/__init__.py", line 2411, in resolve
> > > > > > module = __import__(self.module_name,
> > > > > > fromlist=['__name__'], level=0)
> > > > > > File "/usr/local/lib/python2.7/dist-
> > > > > > packages/gmp/clients/gvm_cli.py", line 33, in
> > > > > > from gmp.gvm_connection import (SSHConnection,
> > > > > > File "/usr/local/lib/python2.7/dist-
> > > > > > packages/gmp/gvm_connection.py", line 33, in
> > > > > > from gmp.gmp import _gmp
> > > > > > ImportError: No module named gmp
> > > > > >
> > > > > > Seems like a dependency problem with gmp; which is weird
> > > > > > because gmp is in the source tree of gvm !
> > > > > >
> > > > > > Any clue ?
> > > > > >
> > > > > > Thanks
> > > > > >
> > > > > > On Fri, 2017-10-06 at 10:55 +, Trent Townsend wrote:
> > > > > > > Vincent,
> > > > > > > I had the exact same issue about a month ago. I never
>
Re: [Openvas-discuss] openvas9 omp question
Indeed; but I actually have installed python3-pip, removed gvm-cli and
reinstalled it, but same results. It still complains about module gmp
:-(On Mon, 2017-10-09 at 12:38 +0200, Raphael Grewe wrote:
> Hi,
> maybe you used pip for python2. You have to use pip for python3.
> Linux Mint package: python3-pip
>
> Regards
> Raphael Grewe
>
> Am Montag, den 09.10.2017, 09:52 +0200 schrieb tatooin:
> > I followed the official documentation on https://bitbucket.org/gree
> > nbone/gvm-tools
> >
> > That is:
> >
> > apt-get install python3-paramiko python3-lxml python3-dialog
> > pip install setuptools
> > pip install configparser
> >
> > I then downloaded the gvm-tools archive on the official repository
> > and did "pip install ."
> >
> > Everything went fine at all stage, but still gvm refuse to run with
> > the "ImportError: No module named gmp" error.
> >
> > I'm running linux mint 18.2
> >
> > Thank you
> >
> > On Fri, 2017-10-06 at 20:49 +0200, Raphael Grewe wrote:
> > > Which command did you use to install the tools?
> > >
> > > Gesendet mit BlueMail
> > > > Thanks Trent for your quick reply. I tried GVM, but I've some
> > > > problems to make it runs smoothly. After installing
> > > > dependencies it requested, I always end up with the following
> > > > error message:
> > > >
> > > > ForensicLab ~ # gvm-cli
> > > > Traceback (most recent call last):
> > > > File "/usr/local/bin/gvm-cli", line 11, in
> > > > load_entry_point('gvm-tools==1.2.0', 'console_scripts',
> > > > 'gvm-cli')()
> > > > File "/usr/local/lib/python2.7/dist-
> > > > packages/pkg_resources/__init__.py", line 570, in
> > > > load_entry_point
> > > > return get_distribution(dist).load_entry_point(group, name)
> > > > File "/usr/local/lib/python2.7/dist-
> > > > packages/pkg_resources/__init__.py", line 2751, in
> > > > load_entry_point
> > > > return ep.load()
> > > > File "/usr/local/lib/python2.7/dist-
> > > > packages/pkg_resources/__init__.py", line 2405, in load
> > > > return self.resolve()
> > > > File "/usr/local/lib/python2.7/dist-
> > > > packages/pkg_resources/__init__.py", line 2411, in resolve
> > > > module = __import__(self.module_name,
> > > > fromlist=['__name__'], level=0)
> > > > File "/usr/local/lib/python2.7/dist-
> > > > packages/gmp/clients/gvm_cli.py", line 33, in
> > > > from gmp.gvm_connection import (SSHConnection,
> > > > File "/usr/local/lib/python2.7/dist-
> > > > packages/gmp/gvm_connection.py", line 33, in
> > > > from gmp.gmp import _gmp
> > > > ImportError: No module named gmp
> > > >
> > > > Seems like a dependency problem with gmp; which is weird
> > > > because gmp is in the source tree of gvm !
> > > >
> > > > Any clue ?
> > > >
> > > > Thanks
> > > >
> > > > On Fri, 2017-10-06 at 10:55 +, Trent Townsend wrote:
> > > > > Vincent,
> > > > > I had the exact same issue about a month ago. I never
> > > > > figured out why OMP stopped working. Long story short, the
> > > > > problem described below is limited to OMP. The exact same
> > > > > XML commands I was using, when migrated to GVM Tools,
> > > > > produced repetitive, dependable, and expected results in the
> > > > > form of proper reports being generated. I don't know why OMP
> > > > > refused to produce the reports ()
> > > > > but GVM Tools works like a charm. Also, I believe GVM Tools
> > > > > is going to replace OMP so migrating to GVM isn’t bad
> > > > > anyway.
> > > > >
> > > > > --
> > > > > Trent Townsend
> > > > > CISSP, CCNA
> > > > > Next Step Innovation
> > > > > 601.708.4500 x1201
> > > > >
> > > > > On Oct 6, 2017, at 5:08 AM, tatooin < tato...@free.fr>
> > > > > wrote:
> > > > >
> > > > > > Hello,
> > > > > >
> > > > > > I'm trying to generate reports with omp under openvas9.
> > &g
Re: [Openvas-discuss] openvas9 omp question
I followed the official documentation on https://bitbucket.org/greenbon
e/gvm-tools
That is:
apt-get install python3-paramiko python3-lxml python3-dialog
pip install setuptools
pip install configparser
I then downloaded the gvm-tools archive on the official repository and
did "pip install ."
Everything went fine at all stage, but still gvm refuse to run with the
"ImportError: No module named gmp" error.
I'm running linux mint 18.2
Thank youOn Fri, 2017-10-06 at 20:49 +0200, Raphael Grewe wrote:
> Which command did you use to install the tools?
>
> Gesendet mit BlueMail
> > Thanks Trent for your quick reply. I tried GVM, but I've some
> > problems to make it runs smoothly. After installing dependencies it
> > requested, I always end up with the following error message:
> >
> > ForensicLab ~ # gvm-cli
> > Traceback (most recent call last):
> > File "/usr/local/bin/gvm-cli", line 11, in
> > load_entry_point('gvm-tools==1.2.0', 'console_scripts', 'gvm-
> > cli')()
> > File "/usr/local/lib/python2.7/dist-
> > packages/pkg_resources/__init__.py", line 570, in load_entry_point
> > return get_distribution(dist).load_entry_point(group, name)
> > File "/usr/local/lib/python2.7/dist-
> > packages/pkg_resources/__init__.py", line 2751, in load_entry_point
> > return ep.load()
> > File "/usr/local/lib/python2.7/dist-
> > packages/pkg_resources/__init__.py", line 2405, in load
> > return self.resolve()
> > File "/usr/local/lib/python2.7/dist-
> > packages/pkg_resources/__init__.py", line 2411, in resolve
> > module = __import__(self.module_name, fromlist=['__name__'],
> > level=0)
> > File "/usr/local/lib/python2.7/dist-
> > packages/gmp/clients/gvm_cli.py", line 33, in
> > from gmp.gvm_connection import (SSHConnection,
> > File "/usr/local/lib/python2.7/dist-
> > packages/gmp/gvm_connection.py", line 33, in
> > from gmp.gmp import _gmp
> > ImportError: No module named gmp
> >
> > Seems like a dependency problem with gmp; which is weird because
> > gmp is in the source tree of gvm !
> >
> > Any clue ?
> >
> > Thanks
> >
> > On Fri, 2017-10-06 at 10:55 +, Trent Townsend wrote:
> > > Vincent,
> > > I had the exact same issue about a month ago. I never figured
> > > out why OMP stopped working. Long story short, the problem
> > > described below is limited to OMP. The exact same XML commands I
> > > was using, when migrated to GVM Tools, produced repetitive,
> > > dependable, and expected results in the form of proper reports
> > > being generated. I don't know why OMP refused to produce the
> > > reports () but GVM Tools works like a
> > > charm. Also, I believe GVM Tools is going to replace OMP so
> > > migrating to GVM isn’t bad anyway.
> > >
> > > --
> > > Trent Townsend
> > > CISSP, CCNA
> > > Next Step Innovation
> > > 601.708.4500 x1201
> > >
> > > On Oct 6, 2017, at 5:08 AM, tatooin < tato...@free.fr> wrote:
> > >
> > > > Hello,
> > > >
> > > > I'm trying to generate reports with omp under openvas9. With
> > > > openvas8, the command below was working fine to generate a scan
> > > > report in csv format:
> > > >
> > > > omp -h 127.0.0.1 -u admin -w pass -iX '
> > > > report_id="'$reportId'" levels="hml" format_id="'$formatId'"
> > > > apply_overrides="1"/>' | xmlstarlet sel -t -v
> > > > get_reports_response/report/text\(\) | base64 -i -d >
> > > > $reportName
> > > >
> > > > Under openvas9, this no longer works. The output of xmlstarlet
> > > > is now empty. I don't have knowledge in XML, and I don't
> > > > succeed to generate reports with omp directly in base64 alhough
> > > > I understood from the documentation it seems possible.
> > > >
> > > > What's wrong with my command upon, or is there a better way to
> > > > generate reports with omp ?
> > > >
> > > > Thank you !
> > > > Vincent
> > >
> > > ___
> > > Openvas-discuss mailing list
> > > Openvas-discuss@wald.intevation.org
> > > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openva
> > > s-discuss
> >
> > This email is confidential and intended solely for the use of the
> > individual to whom it is addressed. Any views or opinions presented
> > are solely those of the author, and do not necessarily represent
> > those of Next Step Innovation. If you are not the intended
> > recipient, be advised that you have received this email in error,
> > and that any use, dissemination, forwarding, printing or copying of
> > this email is strictly prohibited. If you have received this email
> > in error, please contact the sender.
>
>
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-di
> scuss
> ___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvas9 omp question
Thanks Trent for your quick reply. I tried GVM, but I've some problems
to make it runs smoothly. After installing dependencies it requested, I
always end up with the following error message:
ForensicLab ~ # gvm-cli
Traceback (most recent call last):
File "/usr/local/bin/gvm-cli", line 11, in
load_entry_point('gvm-tools==1.2.0', 'console_scripts', 'gvm-
cli')()
File "/usr/local/lib/python2.7/dist-
packages/pkg_resources/__init__.py", line 570, in load_entry_point
return get_distribution(dist).load_entry_point(group, name)
File "/usr/local/lib/python2.7/dist-
packages/pkg_resources/__init__.py", line 2751, in load_entry_point
return ep.load()
File "/usr/local/lib/python2.7/dist-
packages/pkg_resources/__init__.py", line 2405, in load
return self.resolve()
File "/usr/local/lib/python2.7/dist-
packages/pkg_resources/__init__.py", line 2411, in resolve
module = __import__(self.module_name, fromlist=['__name__'],
level=0)
File "/usr/local/lib/python2.7/dist-packages/gmp/clients/gvm_cli.py",
line 33, in
from gmp.gvm_connection import (SSHConnection,
File "/usr/local/lib/python2.7/dist-packages/gmp/gvm_connection.py",
line 33, in
from gmp.gmp import _gmp
ImportError: No module named gmp
Seems like a dependency problem with gmp; which is weird because gmp is
in the source tree of gvm !
Any clue ?
ThanksOn Fri, 2017-10-06 at 10:55 +, Trent Townsend wrote:
> Vincent,
> I had the exact same issue about a month ago. I never figured out
> why OMP stopped working. Long story short, the problem described
> below is limited to OMP. The exact same XML commands I was using,
> when migrated to GVM Tools, produced repetitive, dependable, and
> expected results in the form of proper reports being generated. I
> don't know why OMP refused to produce the reports (
> report_id=x/>) but GVM Tools works like a charm. Also, I believe GVM
> Tools is going to replace OMP so migrating to GVM isn’t bad anyway.
>
> --
> Trent Townsend
> CISSP, CCNA
> Next Step Innovation
> 601.708.4500 x1201
>
> On Oct 6, 2017, at 5:08 AM, tatooin wrote:
>
> > Hello,
> >
> > I'm trying to generate reports with omp under openvas9. With
> > openvas8, the command below was working fine to generate a scan
> > report in csv format:
> >
> > omp -h 127.0.0.1 -u admin -w pass -iX '
> > report_id="'$reportId'" levels="hml" format_id="'$formatId'"
> > apply_overrides="1"/>' | xmlstarlet sel -t -v
> > get_reports_response/report/text\(\) | base64 -i -d > $reportName
> >
> > Under openvas9, this no longer works. The output of xmlstarlet is
> > now empty. I don't have knowledge in XML, and I don't succeed to
> > generate reports with omp directly in base64 alhough I understood
> > from the documentation it seems possible.
> >
> > What's wrong with my command upon, or is there a better way to
> > generate reports with omp ?
> >
> > Thank you !
> > Vincent
>
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-di
> scuss
>
> This email is confidential and intended solely for the use of the
> individual to whom it is addressed. Any views or opinions presented
> are solely those of the author, and do not necessarily represent
> those of Next Step Innovation. If you are not the intended recipient,
> be advised that you have received this email in error, and that any
> use, dissemination, forwarding, printing or copying of this email is
> strictly prohibited. If you have received this email in error, please
> contact the sender. ___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] openvas9 omp question
Hello, I'm trying to generate reports with omp under openvas9. With openvas8, the command below was working fine to generate a scan report in csv format: omp -h 127.0.0.1 -u admin -w pass -iX '' | xmlstarlet sel -t -v get_reports_response/report/text\(\) | base64 -i -d > $reportName Under openvas9, this no longer works. The output of xmlstarlet is now empty. I don't have knowledge in XML, and I don't succeed to generate reports with omp directly in base64 alhough I understood from the documentation it seems possible. What's wrong with my command upon, or is there a better way to generate reports with omp ? Thank you ! Vincent___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] [Fwd: Delta reports in CSV]
Hi, == I'm posting this question again as I received no answer last time == I'm trying to get delta in CSV Results format, but it doesn't seem to work while I have no problem to get it in PDF format. I have tried both with GSA and with omp using the command below: omp -h 127.0.0.1 -u admin -w xxx -iX '' | xmlstarlet sel -t -v get_reports_response/report/text\(\) | base64 -i -d > deltareport.csv The report is generated fine but there is no delta informations which normally appears in the pdf version (with the "+" and "-") Am I missing something or am I just trying to achieve something which is not implemented yet ? I'm using openvas 6.0.9 Thank you ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] Delta reports in CSV
Hi there, I'm trying to get delta in CSV Results format, but it doesn't seem to work while I have no problem to get it in PDF format. I have tried both with GSA and with omp using the command below: omp -h 127.0.0.1 -u admin -w xxx -iX '' | xmlstarlet sel -t -v get_reports_response/report/text\(\) | base64 -i -d > deltareport.csv The report is generated fine but there is no delta informations which normally appears in the pdf version (with the "+" and "-") Am I missing something or am I just trying to achieve something which is not implemented yet ? I'm using openvas 6.0.9 Thank you ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Openvas & DHCP networks
On Wed, 2017-02-15 at 17:40 +0100, Christian Fischer wrote: > Hi, > > On 15.02.2017 16:26, tatooin wrote: > > I'm using openvas to scan my company networks which contains both > > static IP hosts and DHCP hosts. I am looking at a way to better identify > > dynamic hosts, through more static informations such as MAC address and > > Hostname. > > maybe have a look at the "use_mac_addr" setting explained here: > > http://docs.greenbone.net/GSM-Manual/gos-3.1/en/scan_configuration.html#general-preferences > > which describes: > C > > use_mac_addr: Systems will be identified by MAC address and not by IP > address. This could be beneficial in a DHCP environment. > > The new asset management in the upcoming OpenVAS 9 might also help as it > is also keeping various host identifiers beside the IP. Thanks for the reply Christian. I am considering use_mac_addr setting, but I'm a bit afraid this will replace IP addresses by MAC address everywhlacks ere in the reports, while I would actually need both information. As I already have static IP networks, replacing IP address by MAC address there will only complexify remediation effort. The documentation lacks details, but this setting is boolean: yes or no. There is no in-between. I will closely have a look at OpenVAS 9 to see where it goes on that topic. I was also thinking about embedding external tools in OpenVAS which could be run before IP scans actually start. One of this tool is nbtscan, which has the huge benefit of identifying hostname and MAC address associated to an IP address. Which in the end provide uniq authentication of the host. This doesn't work all the time, but from what I've seen so far it works quiet well. However, I'm wondering how this could be integrated in OpenVAS. I have not seen any option to launch scripts before testing. Is there any flexibility in OpenVAS to run a particular command, such as nbtscan, before probes are sent against an host, to ease asset identification ? Thanks a lot > > -- > > Christian Fischer | PGP Key: 0x54F3CE5B76C597AD > Greenbone Networks GmbH | http://greenbone.net > Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460 > Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner > ___ > Openvas-discuss mailing list > Openvas-discuss@wald.intevation.org > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] Openvas & DHCP networks
Hi all, I'm using openvas to scan my company networks which contains both static IP hosts and DHCP hosts. I am looking at a way to better identify dynamic hosts, through more static informations such as MAC address and Hostname. The fact is that scanning dynamic IP hosts is kind of useless if you cannot map the hosts to physical targets, as it's the only way to engage remediation days after the scan is done. So I was curious about how you guys were managing this issue ? I'm looking at something automatic or semi-automatic as my company is very large, so there is dozen of different networks to address, in different locations and managed by different DHCP/AD servers and different core switches. I'm looking at advices, but scripts and other suggestions are more than welcome. Thanks ! ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] GSA crashes / OpenVAS hungs
I have 4Gb memory so it should be ok I guess. As for Kali, I am capable of installing every tools on my own (it's what I did in the past actually), but the main benefit of Kali is that it centralize all hacking tools in one plateform with some level of integration. So from a management perspective, it's easier and you gain time. I am actually more or less "testing" Kali since two years now, and I must confess that I am considering building my own plateform based on a more robust distro such as ubuntu or debian. But this is a highly time consuming task, and in the meantime my duties must go on... not speaking about having the feeling to reinvent the wheel, though.. :-) Anyway thanks for your quick help. Currently my scans still go on.. :) Best, -Original Message- From: Reindl Harald To: openvas-discuss@wald.intevation.org Subject: Re: [Openvas-discuss] GSA crashes / OpenVAS hungs Date: Fri, 3 Feb 2017 17:06:21 +0100 Am 03.02.2017 um 16:57 schrieb tatooin: > Hi Reindl, > > And thanks for your answer. Actually your questions made me find out > that for some reason my swap partition wasn't mounted. So perhaps it > explains the issues I'm facing in the end. > I have mounted my swap back, restarted gsa/redis/openvas and resumed my > scans. you should assign at least 3 GB pyhisal RAM to your openvas machine, otherwise there is a butcher called OOM killer which will sooner or later slaughter your kittens > Let's see if it fix the issue. > > As for Kali, I can unfortunately only agree with your statement. This > distrib is just buggy as hell but unfortunately there is no particular > alternative at the moment when you need a dedicated plateform for > ethical hacking, which is my case... don't get me wrong but OpenVAS doe snot only run on Kali and when you want to become a hacker you should first become capable to install the tools at your own, Kali is no magic, it's just a distribution > -Original Message- > *From*: Reindl Harald <mailto:reindl%20harald%20%3ch.rei...@thelounge.net%3e>> > *To*: openvas-discuss@wald.intevation.org > <mailto:openvas-discuss@wald.intevation.org> > *Subject*: Re: [Openvas-discuss] GSA crashes / OpenVAS hungs > *Date*: Fri, 3 Feb 2017 16:17:53 +0100 > > > Am 03.02.2017 um 16:04 schrieb tatooin: >> I can resume works for some times. But again, as soon as the load >> becomes significant, gsa crashes and openvassd becomes unresponsive. >> >> It's not a load problem are purging/restarting redis is the key. >> >> Apart from commenting out all save options in redis.conf, is there >> anything I am missing with redis to get it work properly ? >> >> I have the following error logs when gsa crashes in openvassd.messages: >> /[Fri Feb 3 14:40:18 2017][7333] Client abruptly closed the communication/ >> /[Fri Feb 3 14:40:18 2017][7333] Test complete/ >> /[Fri Feb 3 14:40:18 2017][15974] Process 16844 (OID: >> 1.3.6.1.4.1.25623.1.0.805139) seems to have died too early/ >> /[Fri Feb 3 14:40:18 2017][15968] Process 7400 (OID: >> 1.3.6.1.4.1.25623.1.0.105211) seems to have died too early/ >> /[Fri Feb 3 14:40:18 2017][15970] Process 16513 (OID: >> 1.3.6.1.4.1.25623.1.0.805927) seems to have died too early/ >> /[continuing]/ >> /openvassd: testing 10.169.74.94(sighand_segv+0x7c)[0x56176464e10c]/ >> /openvassd: testing 10.169.74.91(sighand_segv+0x7c)[0x56176464e10c]/ >> //lib/x86_64-linux-gnu/libc.so.6(+0x33040)[0x7f574a5a0040]/ >> //lib/x86_64-linux-gnu/libc.so.6(+0x33040)[0x7f574a5a0040]/ > > these are segfaults > > how many RAM has the machine? > what does dmesg say? > what doe sthe global syslog say? > how have you installed openvas? > did you ask on a kali linux channel? > > each and every time kali linux is mentioned on this than becuse nothing > works as expeted ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] GSA crashes / OpenVAS hungs
Hi Reindl, And thanks for your answer. Actually your questions made me find out that for some reason my swap partition wasn't mounted. So perhaps it explains the issues I'm facing in the end. I have mounted my swap back, restarted gsa/redis/openvas and resumed my scans. Let's see if it fix the issue. As for Kali, I can unfortunately only agree with your statement. This distrib is just buggy as hell but unfortunately there is no particular alternative at the moment when you need a dedicated plateform for ethical hacking, which is my case... Thanks again -Original Message- From: Reindl Harald To: openvas-discuss@wald.intevation.org Subject: Re: [Openvas-discuss] GSA crashes / OpenVAS hungs Date: Fri, 3 Feb 2017 16:17:53 +0100 Am 03.02.2017 um 16:04 schrieb tatooin: > I can resume works for some times. But again, as soon as the load > becomes significant, gsa crashes and openvassd becomes unresponsive. > > It's not a load problem are purging/restarting redis is the key. > > Apart from commenting out all save options in redis.conf, is there > anything I am missing with redis to get it work properly ? > > I have the following error logs when gsa crashes in openvassd.messages: > /[Fri Feb 3 14:40:18 2017][7333] Client abruptly closed the communication/ > /[Fri Feb 3 14:40:18 2017][7333] Test complete/ > /[Fri Feb 3 14:40:18 2017][15974] Process 16844 (OID: > 1.3.6.1.4.1.25623.1.0.805139) seems to have died too early/ > /[Fri Feb 3 14:40:18 2017][15968] Process 7400 (OID: > 1.3.6.1.4.1.25623.1.0.105211) seems to have died too early/ > /[Fri Feb 3 14:40:18 2017][15970] Process 16513 (OID: > 1.3.6.1.4.1.25623.1.0.805927) seems to have died too early/ > /[continuing]/ > /openvassd: testing 10.169.74.94(sighand_segv+0x7c)[0x56176464e10c]/ > /openvassd: testing 10.169.74.91(sighand_segv+0x7c)[0x56176464e10c]/ > //lib/x86_64-linux-gnu/libc.so.6(+0x33040)[0x7f574a5a0040]/ > //lib/x86_64-linux-gnu/libc.so.6(+0x33040)[0x7f574a5a0040]/ these are segfaults how many RAM has the machine? what does dmesg say? what doe sthe global syslog say? how have you installed openvas? did you ask on a kali linux channel? each and every time kali linux is mentioned on this than becuse nothing works as expeted ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] GSA crashes / OpenVAS hungs
Hi there, I have just reinstalled OpenVAS from scratch, on a fresh new install of kali (latest release). I have followed openvas-check-setup guidelines and everything is marked as OK. I have updated the default redis.conf file to comment out all "save lines", regenerated all my certificates, etc... I start GSA along with openvas-manager/openvas-scanner and everything works fine for a moment. I can start scans, etc... without issues. After around 10minutes, GSA crashes without error message and openvasmd stop communicating with openvassd (although both processes are up & running.) I can still communicate with openvasmd through omp, but openvasmd <-> openvassd communication is cut. Commands sent by openvasmd to openvassd remains ignored. The only way to fix the problem and comes back to a working state is to: - Stop redis / openvasmd / openvassd - Purge redis including database and config file - Reinstall redis from scratch - Fix redis configuration file again - Restart everything I can resume works for some times. But again, as soon as the load becomes significant, gsa crashes and openvassd becomes unresponsive. It's not a load problem are purging/restarting redis is the key. Apart from commenting out all save options in redis.conf, is there anything I am missing with redis to get it work properly ? I have the following error logs when gsa crashes in openvassd.messages: [Fri Feb 3 14:40:18 2017][7333] Client abruptly closed the communication [Fri Feb 3 14:40:18 2017][7333] Test complete [Fri Feb 3 14:40:18 2017][15974] Process 16844 (OID: 1.3.6.1.4.1.25623.1.0.805139) seems to have died too early [Fri Feb 3 14:40:18 2017][15968] Process 7400 (OID: 1.3.6.1.4.1.25623.1.0.105211) seems to have died too early [Fri Feb 3 14:40:18 2017][15970] Process 16513 (OID: 1.3.6.1.4.1.25623.1.0.805927) seems to have died too early [continuing] openvassd: testing 10.169.74.94(sighand_segv+0x7c)[0x56176464e10c] openvassd: testing 10.169.74.91(sighand_segv+0x7c)[0x56176464e10c] /lib/x86_64-linux-gnu/libc.so.6(+0x33040)[0x7f574a5a0040] /lib/x86_64-linux-gnu/libc.so.6(+0x33040)[0x7f574a5a0040] Thanks ! ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] NVT with error severity level
Well the only thing I see is the NVT timeout error, which seems to happen fairly often on many different NVTs. I have added "plugins_timeout = 1500" in /etc/openvas/openvassd.conf to raise the default timeout. I suppose it should fix the issue for new scans ? Thanks -Original Message- From: Christian Fischer To: openvas-discuss@wald.intevation.org Subject: Re: [Openvas-discuss] NVT with error severity level Date: Tue, 24 Jan 2017 08:40:17 +0100 Hi, On 23.01.2017 19:12, tato...@free.fr wrote: > Hello, > > I'm trying to get a list of hosts vulnerable to a particular NVT. In this case, 1.3.6.1.4.1.25623.1.0.100610 (JBoss Enterprise Application Platform Multiple Vulnerabilities). Looking at this particular NVT in GSA, and clicking on the "Show scan results for this NVT" menu, takes me to the list of hosts vulnerable to this NVT, as expected. > > However, on the listing, the vulnerability appears with a severity set to "Error" on all vulnerable hosts (see attached screenshot if it goes through), while on the NVT page detail, the severity score is set to 5.0 (Medium). I also notice that the location is set to "General/TCP", while I would expect here to see the application port (8080). Is this a bug or am I missing something ? And in that particular case, are the results reliable ? > > Thank you > > System Info: > openvas-manager-6.0.9-0kali1 > openvas-scanner-5.0.7-3 > > On Kali Linux Rolling. All packages up to date. an "Error" severity mostly means that e.g. the NVT timed out after a specific time or similar. You can get this information if you open the Reports page for that specific report where the error happened: http://docs.greenbone.net/GSM-Manual/gos-3.1/en/scanning.html#reports Then open the "Report: Error Messages" link as shown on the "Different views of the same report." image. Regards, ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] OpenVAS hangs the system while using very few ressources
Dear all, I'm using OpenVAS to scan large networks using default scan profiles. So far so good. However, at some points during the scan, the system becomes unresponsive, while OpenVAS keeps running and scanning. So the system works, but very very very slowly until the scan finish. Sometimes I can't even ssh into the system anymore. When this happens, if I run a top command; while the command takes ages to succeed, it doesn't show any particular overload. CPU and memory consumption are perfectly normal, and actually even low. So I suspect a problem of buffer; probably network buffers since this happens only when scanning large networks (/22 or above). Is there any /proc settings I could tweak to fix the issue ? I'm using Openvas on kali linux. Thank you ! ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Overrides management questions
Hi Fabio, You just saved my day ! :-) It works perfectly. I was just missing the apply_overrides attribute ! Now with this, overrides applied in GSA are effective in the reports generated via omp. Thank you so much ! On Thu, 2016-10-06 at 11:56 +0100, Fábio Fernandes wrote: > Hi i think i discovered the solution although i’m not using omp. I tested the > command get_reports with the attribute apply_overrides=“1” and the overrides > were applied. > What command are you using in omp? > > Fabio > > > No dia 06/10/2016, às 11:32, tatooin escreveu: > > > > Hi Fabio, > > > > Thank you, as indeed this was the right syntax to use ! And the newly > > created override is properly seen by GSA. > > > > However the problem unfortunately remains. If I generate reports from > > omp, the overrides are still not applied in the generated csv files. I > > start to believe it's a bug with openvas-manager. Or is there any > > specific omp command to force overrides being applied to reports ? > > > > Thanks > > > > On Thu, 2016-10-06 at 02:31 +0100, Fábio Fernandes wrote: > >> Ok i found how to do it now. Set severity to -1.0. > >> > >> Fabio > >> > >>> No dia 06/10/2016, às 02:26, Fábio Fernandes > >>> escreveu: > >>> > >>> I tried your example but never managed to set an override with threat > >>> “False Positive”. > >>> Try this: > >>> > >>> > >>> This is actually of little concern. > >>> > >>> 0.0 > >>> > >>> > >>> > >>> Fabio > >>> > >>>> No dia 01/10/2016, às 08:01, tato...@free.fr escreveu: > >>>> > >>>> Hello, > >>>> > >>>> There is really nobody able to answer the issue below ? I find hard to > >>>> believe that none of the experts in this group don't have a clue on this. > >>>> I'm just trying to set an override !! > >>>> > >>>> Thanks > >>>> > >>>> - Mail original - > >>>> De: tato...@free.fr > >>>> À: "Fábio Fernandes" > >>>> Cc: openvas-discuss@wald.intevation.org > >>>> Envoyé: Mercredi 28 Septembre 2016 09:17:35 > >>>> Objet: Re: [Openvas-discuss] Overrides management questions > >>>> > >>>> The problem is that the documentation is impossible to understand if > >>>> you're not a developper yourself or an xml expert... > >>>> > >>>> I tried with the following xml: > >>>> > >>>> > >>>> This is actually of little concern. > >>>> > >>>> False Positive > >>>> > >>>> > >>>> > >>>> Same error: > >>>> > >>>> >>>> status="500"> > >>>> > >>>> :-( > >>>> > >>>> - Mail original - > >>>> De: "Fábio Fernandes" > >>>> À: tato...@free.fr > >>>> Cc: "matthew mundell" , > >>>> openvas-discuss@wald.intevation.org > >>>> Envoyé: Mercredi 28 Septembre 2016 01:55:23 > >>>> Objet: Re: [Openvas-discuss] Overrides management questions > >>>> > >>>> There seems to be a problem with your request but the error code seems > >>>> suspicious. > >>>> Task should be: >>>>> status="500"> > >>>>> > >>>>> tnx > >>>>> > >>>>> - Mail original - > >>>>> De: tato...@free.fr > >>>>> À: "matthew mundell" > >>>>> Cc: openvas-discuss@wald.intevation.org > >>>>> Envoyé: Lundi 26 Septembre 2016 17:15:26 > >>>>> Objet: Re: [Openvas-discuss] Overrides management questions > >>>>> > >>>>> Well, then I get an "internal error" message... > >>>>> > >>>>> >>>>> status="500"> > >>>>> > >>>>> I tried with your example: > >>>>> > >>>>> > >>>>> This is actually of little concern. > >>>>> > >>>>> False Positive > >>>>> a
Re: [Openvas-discuss] Overrides management questions
Hi Fabio, Thank you, as indeed this was the right syntax to use ! And the newly created override is properly seen by GSA. However the problem unfortunately remains. If I generate reports from omp, the overrides are still not applied in the generated csv files. I start to believe it's a bug with openvas-manager. Or is there any specific omp command to force overrides being applied to reports ? Thanks On Thu, 2016-10-06 at 02:31 +0100, Fábio Fernandes wrote: > Ok i found how to do it now. Set severity to -1.0. > > Fabio > > > No dia 06/10/2016, às 02:26, Fábio Fernandes > > escreveu: > > > > I tried your example but never managed to set an override with threat > > “False Positive”. > > Try this: > > > > > > This is actually of little concern. > > > > 0.0 > > > > > > > > Fabio > > > >> No dia 01/10/2016, às 08:01, tato...@free.fr escreveu: > >> > >> Hello, > >> > >> There is really nobody able to answer the issue below ? I find hard to > >> believe that none of the experts in this group don't have a clue on this. > >> I'm just trying to set an override !! > >> > >> Thanks > >> > >> - Mail original - > >> De: tato...@free.fr > >> À: "Fábio Fernandes" > >> Cc: openvas-discuss@wald.intevation.org > >> Envoyé: Mercredi 28 Septembre 2016 09:17:35 > >> Objet: Re: [Openvas-discuss] Overrides management questions > >> > >> The problem is that the documentation is impossible to understand if > >> you're not a developper yourself or an xml expert... > >> > >> I tried with the following xml: > >> > >> > >> This is actually of little concern. > >> > >> False Positive > >> > >> > >> > >> Same error: > >> > >> >> status="500"> > >> > >> :-( > >> > >> - Mail original - > >> De: "Fábio Fernandes" > >> À: tato...@free.fr > >> Cc: "matthew mundell" , > >> openvas-discuss@wald.intevation.org > >> Envoyé: Mercredi 28 Septembre 2016 01:55:23 > >> Objet: Re: [Openvas-discuss] Overrides management questions > >> > >> There seems to be a problem with your request but the error code seems > >> suspicious. > >> Task should be: >>> status="500"> > >>> > >>> tnx > >>> > >>> - Mail original - > >>> De: tato...@free.fr > >>> À: "matthew mundell" > >>> Cc: openvas-discuss@wald.intevation.org > >>> Envoyé: Lundi 26 Septembre 2016 17:15:26 > >>> Objet: Re: [Openvas-discuss] Overrides management questions > >>> > >>> Well, then I get an "internal error" message... > >>> > >>> >>> status="500"> > >>> > >>> I tried with your example: > >>> > >>> > >>> This is actually of little concern. > >>> > >>> False Positive > >>> a06cbabd-0cd4-4604-a58d-f831d9c7ec29 > >>> any > >>> > >>> > >>> Please clarify what I am doing wrong, I'm a bit lost with the syntax. > >>> > >>> Thanks > >>> > >>> - Mail original - > >>> De: "mattm" > >>> À: tato...@free.fr > >>> Cc: "Fábio Fernandes" , > >>> openvas-discuss@wald.intevation.org > >>> Envoyé: Lundi 26 Septembre 2016 14:50:20 > >>> Objet: Re: [Openvas-discuss] Overrides management questions > >>> > I did some research and I tried sending the following xml command to omp > to create an override: > > > This is actually of little concern. > 1.3.6.1.4.1.25623.1.0.103239 > >>> > >>> The NVT oid should be an attribute: > >>> > >>> > >>> > >>> See > >>> > >>> http://www.openvas.org/omp-6-0.html#command_create_override > >>> > >>> The example is wrong though, I'll update it. > >>> > >>> -- > >>> Greenbone Networks GmbH > >>> Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 > >>> Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner > >>> ___ > >>> Openvas-discuss mailing list > >>> Openvas-discuss@wald.intevation.org > >>> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > >>> ___ > >>> Openvas-discuss mailing list > >>> Openvas-discuss@wald.intevation.org > >>> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > >> > >> ___ > >> Openvas-discuss mailing list > >> Openvas-discuss@wald.intevation.org > >> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > > > ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Overrides management questions
Hello, There is really nobody able to answer the issue below ? I find hard to believe that none of the experts in this group don't have a clue on this. I'm just trying to set an override !! Thanks - Mail original - De: tato...@free.fr À: "Fábio Fernandes" Cc: openvas-discuss@wald.intevation.org Envoyé: Mercredi 28 Septembre 2016 09:17:35 Objet: Re: [Openvas-discuss] Overrides management questions The problem is that the documentation is impossible to understand if you're not a developper yourself or an xml expert... I tried with the following xml: This is actually of little concern. False Positive Same error: :-( - Mail original - De: "Fábio Fernandes" À: tato...@free.fr Cc: "matthew mundell" , openvas-discuss@wald.intevation.org Envoyé: Mercredi 28 Septembre 2016 01:55:23 Objet: Re: [Openvas-discuss] Overrides management questions There seems to be a problem with your request but the error code seems suspicious. Task should be: status="500"> > > tnx > > - Mail original - > De: tato...@free.fr > À: "matthew mundell" > Cc: openvas-discuss@wald.intevation.org > Envoyé: Lundi 26 Septembre 2016 17:15:26 > Objet: Re: [Openvas-discuss] Overrides management questions > > Well, then I get an "internal error" message... > > > > I tried with your example: > > > This is actually of little concern. > > False Positive > a06cbabd-0cd4-4604-a58d-f831d9c7ec29 > any > > > Please clarify what I am doing wrong, I'm a bit lost with the syntax. > > Thanks > > - Mail original - > De: "mattm" > À: tato...@free.fr > Cc: "Fábio Fernandes" , > openvas-discuss@wald.intevation.org > Envoyé: Lundi 26 Septembre 2016 14:50:20 > Objet: Re: [Openvas-discuss] Overrides management questions > >> I did some research and I tried sending the following xml command to omp to >> create an override: >> >> >> This is actually of little concern. >> 1.3.6.1.4.1.25623.1.0.103239 > > The NVT oid should be an attribute: > > > > See > > http://www.openvas.org/omp-6-0.html#command_create_override > > The example is wrong though, I'll update it. > > -- > Greenbone Networks GmbH > Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 > Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner > ___ > Openvas-discuss mailing list > Openvas-discuss@wald.intevation.org > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > ___ > Openvas-discuss mailing list > Openvas-discuss@wald.intevation.org > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] GSA crashes, no log
Actually the GSAD is still running, but refusing connections to the service,
like if the port was no longer open.
Tracing the process don't show any activity. It's just stalling... like it's
frozen.
- Mail original -
De: "Fábio Fernandes"
À: tato...@free.fr
Cc: "Reindl Harald" ,
openvas-discuss@wald.intevation.org
Envoyé: Mercredi 28 Septembre 2016 01:25:43
Objet: Re: [Openvas-discuss] GSA crashes, no log
I don’t see anything in the log. What kind of crash is it? GSAD terminates or
the website gets unresponsive?
You said that you upgraded GSAD maybe you can try to use a version where it is
not upgraded and see if that behavior persists.
Fabio.
> No dia 26/09/2016, às 13:21, tato...@free.fr escreveu:
>
> Hello,
>
> Crash just happened again. Now I have logs but I'm afraid it won't help. Here
> are the last lines:
>
> lib serv: DEBUG:2016-09-26 13h40.29 CEST:5476:send 65 from
>
> lib serv: DEBUG:2016-09-26 13h40.29 CEST:5476: => done
> lib xml: DEBUG:2016-09-26 13h40.29 CEST:5476:asking for 1048576
> lib xml: DEBUG:2016-09-26 13h40.29 CEST:5476: <= status="200" status_text="OK"> start="1" max="-1"/> id="20f3034c-e709-11e1-87e7-406186ea4fc5">Wizard RowsIf
> the number of rows in a listing is above this any wizard be
> hidden.3 id="20f3034c-e709-11e1-87e7-406186ea4fc5">Wizard RowsIf
> the number of rows in a listing is above this any wizard be
> hidden.3462
>
> The crash time and last log time are consistent. But I don't see anything
> wrong.
>
> Any idea ?
>
> Thanks
>
> - Mail original -
> De: "tatooin"
> À: "Reindl Harald"
> Cc: openvas-discuss@wald.intevation.org
> Envoyé: Mercredi 14 Septembre 2016 16:33:56
> Objet: Re: [Openvas-discuss] GSA crashes, no log
>
> Thanks Reindl, and actually I agree with you given the number of stupid
> issues I've struggled with since using Kali. But unfortunately, for
> pentesting, I don't see any alternatives to kali.
>
> Anyway thanks for posting your scripts, I'm using yours now. For
> reference, the default logrotate files shipped with kali contains:
>
>
> /var/log/openvas/gsad.log {
> missingok
> notifempty
> create 640 root adm
> daily
> rotate 7
> compress
> postrotate
>if [ -s /var/run/gsad.pid ]; then kill -1 `cat /var/run/gsad.pid`;
> fi
>openvaslogs=`ls /var/log/openvas/gsad.log.*`
>if [ -n "$openvaslogs" ]; then
>chown root:adm $openvaslogs
>chmod 640 $openvaslogs
>fi
> endscript
> }
>
> Same for openvas manager and scanner...
>
> On Wed, 2016-09-14 at 16:14 +0200, Reindl Harald wrote:
>>
>> Am 14.09.2016 um 14:42 schrieb tatooin:
>>> Yes, I understand that. But the point is; why is this broken logrotate
>>> script shipped by default with OpenVas (and actually, GSA) on kali ?
>>
>> because "kali" without ever used it seems to be a broken distribution
>> when they are even not capable to write a working logrotate script which
>> sends a SIGHUP to the process to actually get the filehandle closed
>>
>> [root@openvas:~]$ cat /etc/logrotate.d/openvas-gsa
>> # logrotate for openvas-manager
>> /var/log/openvas/openvas-gsa.log {
>> rotate 4
>> weekly
>> compress
>> delaycompress
>> missingok
>> postrotate
>> /usr/bin/killall -HUP gsad > /dev/null 2>&1 || true
>> endscript
>> }
>>
>> [root@openvas:~]$ cat /etc/logrotate.d/openvas-manager
>> # logrotate for openvas-manager
>> /var/log/openvas/openvasmd.log {
>> rotate 4
>> weekly
>> compress
>> delaycompress
>> missingok
>> postrotate
>> /usr/bin/killall -HUP openvasmd > /dev/null 2>&1 || true
>> endscript
>> }
>>
>> [root@openvas:~]$ cat /etc/logrotate.d/openvas-scanner
>> # logrotate for openvas
>> /var/log/openvas/openvassd.log {
>> rotate 4
>> weekly
>> compress
>> delaycompress
>> missingok
>> postrotate
>> /usr/bin/killall -HUP openvassd > /dev/null 2>&1 || true
>> endscript
>> }
>>
>>> Probably a question best posted to Kali forums, though
>>
>> yes
>> ___
>> Openvas-discuss mailing list
>> Openvas-discuss@wald.intevation.org
>> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>
>
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Overrides management questions
The problem is that the documentation is impossible to understand if you're not a developper yourself or an xml expert... I tried with the following xml: This is actually of little concern. False Positive Same error: :-( - Mail original - De: "Fábio Fernandes" À: tato...@free.fr Cc: "matthew mundell" , openvas-discuss@wald.intevation.org Envoyé: Mercredi 28 Septembre 2016 01:55:23 Objet: Re: [Openvas-discuss] Overrides management questions There seems to be a problem with your request but the error code seems suspicious. Task should be: status="500"> > > tnx > > - Mail original - > De: tato...@free.fr > À: "matthew mundell" > Cc: openvas-discuss@wald.intevation.org > Envoyé: Lundi 26 Septembre 2016 17:15:26 > Objet: Re: [Openvas-discuss] Overrides management questions > > Well, then I get an "internal error" message... > > > > I tried with your example: > > > This is actually of little concern. > > False Positive > a06cbabd-0cd4-4604-a58d-f831d9c7ec29 > any > > > Please clarify what I am doing wrong, I'm a bit lost with the syntax. > > Thanks > > - Mail original - > De: "mattm" > À: tato...@free.fr > Cc: "Fábio Fernandes" , > openvas-discuss@wald.intevation.org > Envoyé: Lundi 26 Septembre 2016 14:50:20 > Objet: Re: [Openvas-discuss] Overrides management questions > >> I did some research and I tried sending the following xml command to omp to >> create an override: >> >> >> This is actually of little concern. >> 1.3.6.1.4.1.25623.1.0.103239 > > The NVT oid should be an attribute: > > > > See > > http://www.openvas.org/omp-6-0.html#command_create_override > > The example is wrong though, I'll update it. > > -- > Greenbone Networks GmbH > Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 > Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner > ___ > Openvas-discuss mailing list > Openvas-discuss@wald.intevation.org > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > ___ > Openvas-discuss mailing list > Openvas-discuss@wald.intevation.org > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Overrides management questions
Sorry, wrong error message; that was: tnx - Mail original - De: tato...@free.fr À: "matthew mundell" Cc: openvas-discuss@wald.intevation.org Envoyé: Lundi 26 Septembre 2016 17:15:26 Objet: Re: [Openvas-discuss] Overrides management questions Well, then I get an "internal error" message... I tried with your example: This is actually of little concern. False Positive a06cbabd-0cd4-4604-a58d-f831d9c7ec29 any Please clarify what I am doing wrong, I'm a bit lost with the syntax. Thanks - Mail original - De: "mattm" À: tato...@free.fr Cc: "Fábio Fernandes" , openvas-discuss@wald.intevation.org Envoyé: Lundi 26 Septembre 2016 14:50:20 Objet: Re: [Openvas-discuss] Overrides management questions > I did some research and I tried sending the following xml command to omp to > create an override: > > >This is actually of little concern. >1.3.6.1.4.1.25623.1.0.103239 The NVT oid should be an attribute: See http://www.openvas.org/omp-6-0.html#command_create_override The example is wrong though, I'll update it. -- Greenbone Networks GmbH Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Overrides management questions
Well, then I get an "internal error" message... I tried with your example: This is actually of little concern. False Positive a06cbabd-0cd4-4604-a58d-f831d9c7ec29 any Please clarify what I am doing wrong, I'm a bit lost with the syntax. Thanks - Mail original - De: "mattm" À: tato...@free.fr Cc: "Fábio Fernandes" , openvas-discuss@wald.intevation.org Envoyé: Lundi 26 Septembre 2016 14:50:20 Objet: Re: [Openvas-discuss] Overrides management questions > I did some research and I tried sending the following xml command to omp to > create an override: > > >This is actually of little concern. >1.3.6.1.4.1.25623.1.0.103239 The NVT oid should be an attribute: See http://www.openvas.org/omp-6-0.html#command_create_override The example is wrong though, I'll update it. -- Greenbone Networks GmbH Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Overrides management questions
Hi Fabio, I did some research and I tried sending the following xml command to omp to create an override: This is actually of little concern. 1.3.6.1.4.1.25623.1.0.103239 False Positive a06cbabd-0cd4-4604-a58d-f831d9c7ec29 any OMP answers with the following: I have no clue about what "NVT entity" is. I have googled it but found nothing related. I really don't understand why it's so complicated to perform what should be such a simple operation... Any clue ? Thanks - Mail original - De: "Fábio Fernandes" À: "tatooin" Cc: openvas-discuss@wald.intevation.org Envoyé: Jeudi 15 Septembre 2016 18:52:16 Objet: Re: [Openvas-discuss] Overrides management questions I have never done that but it should’t be hard check here http://www.openvas.org/omp-6-0.html#command_create_override . Fabio No dia 14/09/2016, às 10:59, tatooin < tato...@free.fr > escreveu: Hi Fabio, I'm not sure how to actually do this. Could you give an example of such command ? Thank you ! On Tue, 2016-09-06 at 15:12 +0100, Fábio Fernandes wrote: That is to enable overrides i was trying to say to add the override with amp CLI but it is just an idea. http://www.openvas.org/omp-6-0.html#command_create_override Fabio No dia 06/09/2016, às 13:57, tatooin escreveu: Hi Fabio, I tried adding the override with omp (this is actually the only way I know of), using the command : omp -h 127.0.0.1 -u admin -w "pass" -iX '' | xmlstarlet sel -t -v get_reports_response/report/text\(\) | base64 -i -d report.csv But I still don't get the overrides applied. :-( Is there any other way ? Thanks again for your help. On Mon, 2016-09-05 at 20:55 +0100, Fábio Fernandes wrote: I don’t think so maybe someone can help? Have you tried to add the override with the omp maybe it will work. Fabio No dia 02/09/2016, às 09:24, tatooin escreveu: piping an xml file directly to omp ? ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] GSA crashes, no log
Hello,
Crash just happened again. Now I have logs but I'm afraid it won't help. Here
are the last lines:
lib serv: DEBUG:2016-09-26 13h40.29 CEST:5476:send 65 from
lib serv: DEBUG:2016-09-26 13h40.29 CEST:5476: => done
lib xml: DEBUG:2016-09-26 13h40.29 CEST:5476:asking for 1048576
lib xml: DEBUG:2016-09-26 13h40.29 CEST:5476: <= Wizard RowsIf
the number of rows in a listing is above this any wizard be
hidden.3Wizard RowsIf
the number of rows in a listing is above this any wizard be
hidden.3462
The crash time and last log time are consistent. But I don't see anything
wrong.
Any idea ?
Thanks
- Mail original -
De: "tatooin"
À: "Reindl Harald"
Cc: openvas-discuss@wald.intevation.org
Envoyé: Mercredi 14 Septembre 2016 16:33:56
Objet: Re: [Openvas-discuss] GSA crashes, no log
Thanks Reindl, and actually I agree with you given the number of stupid
issues I've struggled with since using Kali. But unfortunately, for
pentesting, I don't see any alternatives to kali.
Anyway thanks for posting your scripts, I'm using yours now. For
reference, the default logrotate files shipped with kali contains:
/var/log/openvas/gsad.log {
missingok
notifempty
create 640 root adm
daily
rotate 7
compress
postrotate
if [ -s /var/run/gsad.pid ]; then kill -1 `cat /var/run/gsad.pid`;
fi
openvaslogs=`ls /var/log/openvas/gsad.log.*`
if [ -n "$openvaslogs" ]; then
chown root:adm $openvaslogs
chmod 640 $openvaslogs
fi
endscript
}
Same for openvas manager and scanner...
On Wed, 2016-09-14 at 16:14 +0200, Reindl Harald wrote:
>
> Am 14.09.2016 um 14:42 schrieb tatooin:
> > Yes, I understand that. But the point is; why is this broken logrotate
> > script shipped by default with OpenVas (and actually, GSA) on kali ?
>
> because "kali" without ever used it seems to be a broken distribution
> when they are even not capable to write a working logrotate script which
> sends a SIGHUP to the process to actually get the filehandle closed
>
> [root@openvas:~]$ cat /etc/logrotate.d/openvas-gsa
> # logrotate for openvas-manager
> /var/log/openvas/openvas-gsa.log {
> rotate 4
> weekly
> compress
> delaycompress
> missingok
> postrotate
> /usr/bin/killall -HUP gsad > /dev/null 2>&1 || true
> endscript
> }
>
> [root@openvas:~]$ cat /etc/logrotate.d/openvas-manager
> # logrotate for openvas-manager
> /var/log/openvas/openvasmd.log {
> rotate 4
> weekly
> compress
> delaycompress
> missingok
> postrotate
> /usr/bin/killall -HUP openvasmd > /dev/null 2>&1 || true
> endscript
> }
>
> [root@openvas:~]$ cat /etc/logrotate.d/openvas-scanner
> # logrotate for openvas
> /var/log/openvas/openvassd.log {
> rotate 4
> weekly
> compress
> delaycompress
> missingok
> postrotate
> /usr/bin/killall -HUP openvassd > /dev/null 2>&1 || true
> endscript
> }
>
> > Probably a question best posted to Kali forums, though
>
> yes
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] OpenVAS large PDF export
I don't think it's related to his installation, as I witness the same problem.
After a certain number of online hosts scanned, the pdf export function will
fail (timeout)
- Mail original -
De: "Eero Volotinen"
À: "Tijmen Schoemaker"
Cc: openvas-discuss@wald.intevation.org
Envoyé: Mercredi 21 Septembre 2016 12:52:57
Objet: Re: [Openvas-discuss] OpenVAS large PDF export
well, your source file is corrupted or incomplete? It might be bug or something
.. like memory problem?
Eero
21.9.2016 12.22 ip. "Schoemaker, Tijmen" < tijmen.schoema...@sheerenloo.nl >
kirjoitti:
Alrigt, process is done.
It ends with:
Lookup variable 'threat'
Lookup variable 'threat'
Lookup variable 'threat'
xsltIf: test evaluate to 0
call-template returned: name result-details-host-port-threat
call-template returned: name results-per-host-single-host-findings
call-template returned: name results-per-host-single-host
call-template returned: name results-per-host
xsltApplySequenceConstructor: copy text
\begin{center}
\medskip
\rule{\textwidth}{0.1pt}
This file was automatically generated.
\end{center}
\end{document}
xsltCopyText: copy text
\begin{center}
\medskip
\rule{\textwidth}{0.1pt}
This file was automatically generated.
\end{center}
\end{document}
call-template returned: name real-report
Shutting down module : http://exslt.org/functions
freeing transformation dictionary
Shutting down module : http://exslt.org/functions
freeing dictionary from stylesheet
cat: /tmp/tmp.J2fGT7DmLq/report.pdf: No such file or directory
The directory is present, but there is no .pdf file.
/tmp/tmp.J2fGT7DmLq/report.log says: (to much for mail, pastebin link below)
http://pastebin.com/7LMGaZxP
Gr Tijmen
Van: eero.t.voloti...@gmail.com [mailto: eero.t.voloti...@gmail.com ] Namens
Eero Volotinen
Verzonden: woensdag 21 september 2016 10:18
Aan: Schoemaker, Tijmen
CC: Fábio Fernandes; openvas-discuss@wald.intevation.org
Onderwerp: Re: [Openvas-discuss] OpenVAS large PDF export
sounds like DNS (nameserver) problem?
Eero
2016-09-21 11:16 GMT+03:00 Schoemaker, Tijmen < tijmen.schoema...@sheerenloo.nl
> :
I added --verbose --debug to the xsltproc command line.
It's processing 31846 times 'lookup variable host' for several processes.
So far, it hasnt quit on me and it's still running.
Gr
Van: eero.t.voloti...@gmail.com [mailto: eero.t.voloti...@gmail.com ] Namens
Eero Volotinen
Verzonden: woensdag 21 september 2016 9:44
Aan: Schoemaker, Tijmen
CC: Fábio Fernandes; openvas-discuss@wald.intevation.org
Onderwerp: Re: [Openvas-discuss] OpenVAS large PDF export
You could add some debugging to generate script that is used to generate pdf.
use
find / -type f -iname 'generate' -print
and locate the correct one..
Eero
2016-09-21 8:19 GMT+03:00 Schoemaker, Tijmen < tijmen.schoema...@sheerenloo.nl
> :
Using the CLI wasnt a succes either. Just keeps on busy.
(sudo omp -h 127.0.0.1 -p-port=9391 -u admin -p -R
6e637591-b6e2-425d-b3a1-8f49d47cabc1 --format
c402cc3e-b531-11e1-9163-406186ea4fc5 > report.pdf)
I also tried to copy the report.xml to /tmp, then:
cd
/usr/share/openvas/openvasmd/global_report_formats/c402cc3e-b531-11e1-9163-406186ea4fc5
sudo ./generate /tmp/report.xml >/tmp/report.pdf
Whitout succes..
W hat level is max? 0 or 128?
Van: Fábio Fernandes [mailto: fabiogfernan...@gmail.com ]
Verzonden: dinsdag 20 september 2016 14:00
Aan: Eero Volotinen
CC: Schoemaker, Tijmen; openvas-discuss@wald.intevation.org
Onderwerp: Re: [Openvas-discuss] OpenVAS large PDF export
I never scanned so many hosts but if i were you i would try to download the
report through openvas-cli or connecting directly with the OpenVAS Manager.
Also check the GSAD and Manager logs it can give a hint to what is happening
(remember to raise the log level to max).
Fabio
No dia 20/09/2016, às 07:19, Eero Volotinen < eero.voloti...@iki.fi > escreveu:
This might be memory limit or timeout?
Eero
2016-09-19 14:19 GMT+03:00 Schoemaker, Tijmen < tijmen.schoema...@sheerenloo.nl
> :
Hello,
A large PDF export of a /23 subnet with 9971 results is not possible.
Doing a cat on the report.log from the tmp folder shows:
sudo cat /tmp/tmp.zGGqzDb0VU/report.log
This is pdfTeX, Version 3.14159265-2.6-1.40.16 (TeX Live 2015/Debian)
(preloaded format=pdflatex 2016.9.15) 19 SEP 2016 08:15
entering extended mode
restricted \write18 enabled.
%&-line parsing enabled.
**/tmp/tmp.zGGqzDb0VU/report.tex
(/tmp/tmp.zGGqzDb0VU/report.tex
LaTeX2e <2016/02/01>
Babel <3.9q> and hyphenation patterns for 3 language(s) loaded.
)
! Emergency stop.
<*> /tmp/tmp.zGGqzDb0VU/report.tex
*** (job aborted, no legal \end found)
Here is how much of TeX's memory you used:
6 strings out of 494953
208 string characters out of 6180977
45171 words of memory out of 500
3390 multiletter control sequenc
Re: [Openvas-discuss] GSA crashes, no log
Thanks Reindl, and actually I agree with you given the number of stupid
issues I've struggled with since using Kali. But unfortunately, for
pentesting, I don't see any alternatives to kali.
Anyway thanks for posting your scripts, I'm using yours now. For
reference, the default logrotate files shipped with kali contains:
/var/log/openvas/gsad.log {
missingok
notifempty
create 640 root adm
daily
rotate 7
compress
postrotate
if [ -s /var/run/gsad.pid ]; then kill -1 `cat /var/run/gsad.pid`;
fi
openvaslogs=`ls /var/log/openvas/gsad.log.*`
if [ -n "$openvaslogs" ]; then
chown root:adm $openvaslogs
chmod 640 $openvaslogs
fi
endscript
}
Same for openvas manager and scanner...
On Wed, 2016-09-14 at 16:14 +0200, Reindl Harald wrote:
>
> Am 14.09.2016 um 14:42 schrieb tatooin:
> > Yes, I understand that. But the point is; why is this broken logrotate
> > script shipped by default with OpenVas (and actually, GSA) on kali ?
>
> because "kali" without ever used it seems to be a broken distribution
> when they are even not capable to write a working logrotate script which
> sends a SIGHUP to the process to actually get the filehandle closed
>
> [root@openvas:~]$ cat /etc/logrotate.d/openvas-gsa
> # logrotate for openvas-manager
> /var/log/openvas/openvas-gsa.log {
> rotate 4
> weekly
> compress
> delaycompress
> missingok
> postrotate
> /usr/bin/killall -HUP gsad > /dev/null 2>&1 || true
> endscript
> }
>
> [root@openvas:~]$ cat /etc/logrotate.d/openvas-manager
> # logrotate for openvas-manager
> /var/log/openvas/openvasmd.log {
> rotate 4
> weekly
> compress
> delaycompress
> missingok
> postrotate
> /usr/bin/killall -HUP openvasmd > /dev/null 2>&1 || true
> endscript
> }
>
> [root@openvas:~]$ cat /etc/logrotate.d/openvas-scanner
> # logrotate for openvas
> /var/log/openvas/openvassd.log {
> rotate 4
> weekly
> compress
> delaycompress
> missingok
> postrotate
> /usr/bin/killall -HUP openvassd > /dev/null 2>&1 || true
> endscript
> }
>
> > Probably a question best posted to Kali forums, though
>
> yes
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] GSA crashes, no log
On Wed, 2016-09-14 at 13:26 +0200, Christian Fischer wrote: > Hi, > > On 09/14/2016 01:19 PM, tatooin wrote: > > I can actually witness the same situation with openvas. Whenever the > > logfile is rotated, the new logfile remain empty. > > which is expected depending on your logrotate script. You need to reload > all services after logrotating. If this is not done the new logfile > remains empty. See an example here: > > https://stackoverflow.com/questions/36325214/how-does-nginx-restart-after-being-killed-by-log-rotate > Yes, I understand that. But the point is; why is this broken logrotate script shipped by default with OpenVas (and actually, GSA) on kali ? Probably a question best posted to Kali forums, though. Best, ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] GSA crashes, no log
Hi, I did. But the old one doesn't teach me anything. It just logged the actions I performed yesterday, and everything went fine. The crash occured this morning, while the logfile was already empty and not updated. Thanks On Wed, 2016-09-14 at 13:26 +0200, Reindl Harald wrote: > > Am 14.09.2016 um 13:19 schrieb tatooin: > > GSA crashed again, but unfortunately the /var/log/openvas/gsad.log file > > is empty. It was rotated yesterday, and the new logfile is empty > > so why don't you just look in the old one? > what says "ls -lh /var/log/openvas/" > > and if it's .xz, .gz or .bz2 use > xzcat > zcat > bzcat > ___ > Openvas-discuss mailing list > Openvas-discuss@wald.intevation.org > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] GSA crashes, no log
Hi Fabio, GSA crashed again, but unfortunately the /var/log/openvas/gsad.log file is empty. It was rotated yesterday, and the new logfile is empty. I can actually witness the same situation with openvas. Whenever the logfile is rotated, the new logfile remain empty. However, I checked gsa this morning and it was working fine, while the logfile was rotated yesterday, so I'm not sure it's related. Any clue ? Thanks On Tue, 2016-09-13 at 11:00 +0100, Fábio Fernandes wrote: > I’m not using OpenVAS Kali version anymore but you could try to increase the > log level at "/etc/openvas/gsad_log.conf”. > > [*] > prepend=%t %p > prepend_time_format=%Y-%m-%d %Hh%M.%S %Z > file=/var/log/openvas/gsad.log > level=0 > > Change level to “level=128” and restart GSAD then see what happens. > > Fabio > > > No dia 13/09/2016, às 10:21, tatooin escreveu: > > > > Hello, > > > > Since I upgraded to GSA 6.0.10-0kali1, using standard Kali repos, GSA is > > crashing from times to times; in general 2 or 3 times a week. I just > > have to restart the service and it's working again. > > > > The logfile is empty. Is there anything I could configure on GSA side to > > check what's going on ? I don't see any particular loggings directives > > nor options if I run the daemon in the foreground with --help. > > > > Thank you > > > > ___ > > Openvas-discuss mailing list > > Openvas-discuss@wald.intevation.org > > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Overrides management questions
Hi Fabio, I'm not sure how to actually do this. Could you give an example of such command ? Thank you ! On Tue, 2016-09-06 at 15:12 +0100, Fábio Fernandes wrote: > That is to enable overrides i was trying to say to add the override > with amp CLI but it is just an idea. > > http://www.openvas.org/omp-6-0.html#command_create_override > > > Fabio > > > No dia 06/09/2016, às 13:57, tatooin escreveu: > > > > Hi Fabio, > > > > I tried adding the override with omp (this is actually the only way > > I > > know of), using the command : > > > > omp -h 127.0.0.1 -u admin -w "pass" -iX ' > report_id="5c9870b4-2d15-4b97-91ca-8fd6ee0a1b2b" > > format_id="c1645568-627a-11e3-a660-406186ea4fc5" overrides="1" />' | > > xmlstarlet sel -t -v get_reports_response/report/text\(\) | base64 > > -i -d > > > report.csv > > > > But I still don't get the overrides applied. :-( > > > > Is there any other way ? > > > > Thanks again for your help. > > > > On Mon, 2016-09-05 at 20:55 +0100, Fábio Fernandes wrote: > > > I don’t think so maybe someone can help? Have you tried to add the > > > override with the omp maybe it will work. > > > > > > > > > Fabio > > > > > > > No dia 02/09/2016, às 09:24, tatooin escreveu: > > > > > > > > piping an xml file directly to omp ? > > > > > > > > > > > > > > > > > > ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] GSA crashes, no log
Done. Thank you Fabio. Let's see what happens now.. Best, On Tue, 2016-09-13 at 11:00 +0100, Fábio Fernandes wrote: > I’m not using OpenVAS Kali version anymore but you could try to increase the > log level at "/etc/openvas/gsad_log.conf”. > > [*] > prepend=%t %p > prepend_time_format=%Y-%m-%d %Hh%M.%S %Z > file=/var/log/openvas/gsad.log > level=0 > > Change level to “level=128” and restart GSAD then see what happens. > > Fabio > > > No dia 13/09/2016, às 10:21, tatooin escreveu: > > > > Hello, > > > > Since I upgraded to GSA 6.0.10-0kali1, using standard Kali repos, GSA is > > crashing from times to times; in general 2 or 3 times a week. I just > > have to restart the service and it's working again. > > > > The logfile is empty. Is there anything I could configure on GSA side to > > check what's going on ? I don't see any particular loggings directives > > nor options if I run the daemon in the foreground with --help. > > > > Thank you > > > > ___ > > Openvas-discuss mailing list > > Openvas-discuss@wald.intevation.org > > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] GSA crashes, no log
Hello, Since I upgraded to GSA 6.0.10-0kali1, using standard Kali repos, GSA is crashing from times to times; in general 2 or 3 times a week. I just have to restart the service and it's working again. The logfile is empty. Is there anything I could configure on GSA side to check what's going on ? I don't see any particular loggings directives nor options if I run the daemon in the foreground with --help. Thank you ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Overrides management questions
Hi Fabio, I tried adding the override with omp (this is actually the only way I know of), using the command : omp -h 127.0.0.1 -u admin -w "pass" -iX '' | xmlstarlet sel -t -v get_reports_response/report/text\(\) | base64 -i -d > report.csv But I still don't get the overrides applied. :-( Is there any other way ? Thanks again for your help. On Mon, 2016-09-05 at 20:55 +0100, Fábio Fernandes wrote: > I don’t think so maybe someone can help? Have you tried to add the > override with the omp maybe it will work. > > > Fabio > > > No dia 02/09/2016, às 09:24, tatooin escreveu: > > > > piping an xml file directly to omp ? > > > > ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Overrides management questions
Hello Fabio, And thank you very much for your answer. Do you know if there is a workaround to this, like piping an xml file directly to omp ? I have dozens of reports to work with, and generating them via GSA is overkill, so I would like to generate them via omp, but with the overrides. Thank you On Thu, 2016-09-01 at 23:27 +0100, Fábio Fernandes wrote: > Hi i don’t have OpenVAS 6 but i tried that in OpenVAS 8 and it happens too. > It is a bug or there is something missing in the request. Maybe someone that > uses overrides more frequently can help? > > Fabio > > > No dia 01/09/2016, às 13:10, tato...@free.fr escreveu: > > > > Hello, > > > > Anyone can help ? I'm sure the fix is easy but I can't figure out what I am > > doing wrong !! > > > > - Mail original - > > De: "tatooin" > > À: openvas-discuss@wald.intevation.org > > Envoyé: Lundi 29 Août 2016 12:04:47 > > Objet: Re: [Openvas-discuss] Overrides management questions > > > > I tried generating the report with the following omp command: > > > > omp -h 127.0.0.1 -u admin -w "pass" -iX ' > report_id="5c9870b4-2d15-4b97-91ca-8fd6ee0a1b2b" > > format_id="c1645568-627a-11e3-a660-406186ea4fc5" overrides="1" />' | > > xmlstarlet sel -t -v get_reports_response/report/text\(\) | base64 -i -d > >> report.csv > > > > However the overrides are still not applied in the report. > > > > What am I doing wrong ? > > > > Thanks ! > > > > On Mon, 2016-08-29 at 09:56 +0200, tatooin wrote: > >> Hello ! > >> > >> I'm using GSA 6.0.10 with openvas 6.0.8 to manage my campaigns, but > >> using omp command line tool to generate reports (for scripting > >> reasons). > >> > >> However I have an issue with overrides. I create overrides in GSA for > >> certain false positives in my reports; but while those FP are managed > >> correctly when generating reports from GSA interface, they are absent if > >> I generate reports directly with omp, so the reports will score those > >> vulnerabilities as HIGH while I scored them as FP in GSA. > >> > >> Is there any solution to this ? Any way to have openvas-manager and GSA > >> sync each other for overrides ? > >> > >> Thanks in advance ! > >> Best, > >> > >> Vincent > >> > >> > >> > >> ___ > >> Openvas-discuss mailing list > >> Openvas-discuss@wald.intevation.org > >> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > > > > > > ___ > > Openvas-discuss mailing list > > Openvas-discuss@wald.intevation.org > > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > > ___ > > Openvas-discuss mailing list > > Openvas-discuss@wald.intevation.org > > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Overrides management questions
Hello, Anyone can help ? I'm sure the fix is easy but I can't figure out what I am doing wrong !! - Mail original - De: "tatooin" À: openvas-discuss@wald.intevation.org Envoyé: Lundi 29 Août 2016 12:04:47 Objet: Re: [Openvas-discuss] Overrides management questions I tried generating the report with the following omp command: omp -h 127.0.0.1 -u admin -w "pass" -iX '' | xmlstarlet sel -t -v get_reports_response/report/text\(\) | base64 -i -d > report.csv However the overrides are still not applied in the report. What am I doing wrong ? Thanks ! On Mon, 2016-08-29 at 09:56 +0200, tatooin wrote: > Hello ! > > I'm using GSA 6.0.10 with openvas 6.0.8 to manage my campaigns, but > using omp command line tool to generate reports (for scripting > reasons). > > However I have an issue with overrides. I create overrides in GSA for > certain false positives in my reports; but while those FP are managed > correctly when generating reports from GSA interface, they are absent if > I generate reports directly with omp, so the reports will score those > vulnerabilities as HIGH while I scored them as FP in GSA. > > Is there any solution to this ? Any way to have openvas-manager and GSA > sync each other for overrides ? > > Thanks in advance ! > Best, > > Vincent > > > > ___ > Openvas-discuss mailing list > Openvas-discuss@wald.intevation.org > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Overrides management questions
I tried generating the report with the following omp command: omp -h 127.0.0.1 -u admin -w "pass" -iX '' | xmlstarlet sel -t -v get_reports_response/report/text\(\) | base64 -i -d > report.csv However the overrides are still not applied in the report. What am I doing wrong ? Thanks ! On Mon, 2016-08-29 at 09:56 +0200, tatooin wrote: > Hello ! > > I'm using GSA 6.0.10 with openvas 6.0.8 to manage my campaigns, but > using omp command line tool to generate reports (for scripting > reasons). > > However I have an issue with overrides. I create overrides in GSA for > certain false positives in my reports; but while those FP are managed > correctly when generating reports from GSA interface, they are absent if > I generate reports directly with omp, so the reports will score those > vulnerabilities as HIGH while I scored them as FP in GSA. > > Is there any solution to this ? Any way to have openvas-manager and GSA > sync each other for overrides ? > > Thanks in advance ! > Best, > > Vincent > > > > ___ > Openvas-discuss mailing list > Openvas-discuss@wald.intevation.org > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] Overrides management questions
Hello ! I'm using GSA 6.0.10 with openvas 6.0.8 to manage my campaigns, but using omp command line tool to generate reports (for scripting reasons). However I have an issue with overrides. I create overrides in GSA for certain false positives in my reports; but while those FP are managed correctly when generating reports from GSA interface, they are absent if I generate reports directly with omp, so the reports will score those vulnerabilities as HIGH while I scored them as FP in GSA. Is there any solution to this ? Any way to have openvas-manager and GSA sync each other for overrides ? Thanks in advance ! Best, Vincent ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvasmd broken after package upgrade: undefined symbol
Yes, I actually already did. thanks On Sun, 2016-07-03 at 14:06 +0200, Chris wrote: > Hi, > > > Nevermind, I found the issue. For some reason the new package improperly > > check the dependencies. > > probably still something you should report to the kali guys so they can > fix it. > ___ > Openvas-discuss mailing list > Openvas-discuss@wald.intevation.org > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvasmd broken after package upgrade: undefined symbol
Nevermind, I found the issue. For some reason the new package improperly check the dependencies. In my case libopenvas8 was needed but not installed.. After installing it, problem was fixed. On Sun, 2016-07-03 at 13:25 +0200, tatooin wrote: > Hello all, > > Just upgraded to the latest stable release of kali rolling > openvas-manager package (6.0.8-0kali1) > > Now the daemon fails to run immediately, I cannot even get access to the > --help menu. > > root@kali-gis-eur:~# /usr/sbin/openvasmd --help > /usr/sbin/openvasmd: symbol lookup error: /usr/sbin/openvasmd: undefined > symbol: osp_param_name > > Any suggestions appart from downgrading to the previous stable version ? > > Thanks ! > > ___ > Openvas-discuss mailing list > Openvas-discuss@wald.intevation.org > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] openvasmd broken after package upgrade: undefined symbol
Hello all, Just upgraded to the latest stable release of kali rolling openvas-manager package (6.0.8-0kali1) Now the daemon fails to run immediately, I cannot even get access to the --help menu. root@kali-gis-eur:~# /usr/sbin/openvasmd --help /usr/sbin/openvasmd: symbol lookup error: /usr/sbin/openvasmd: undefined symbol: osp_param_name Any suggestions appart from downgrading to the previous stable version ? Thanks ! ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Openvasmd hangs after some time
Hello, Same problem happened again. All packages are up to date, and the server is almost a fresh install. Any clue why this is happening and where I should look to understand what's happening ? Sounds like another serious quality issue to me. Thanks ! - Mail original - De: "tatooin" À: openvas-discuss@wald.intevation.org Envoyé: Vendredi 10 Juin 2016 16:19:46 Objet: [Openvas-discuss] Openvasmd hangs after some time Hi, I'm trying to understand why my openvas-manager, working fine during several hours suddenly stop answering requests. Yesterday I ran a scan on a large network (/23); everything went fine during a couple of hours, scan was progressing normally, etc... then suddenly I couldn't login to GSA anymore. Looking at the console, I found that openvasmd was stuck updating it's database: root@kali-gis-eur:~# ps -ef | grep openvas root 12758 12746 0 15:57 pts/000:00:00 grep openvas root 16223 1 0 Jun09 ?00:00:15 openvasmd root 16224 1 0 Jun09 ?00:05:05 openvassd: Waiting for incoming connections root 21099 16223 0 07:35 ?00:00:00 openvasmd: Reloading root 21429 21099 98 07:40 ?08:08:12 openvasmd: Rebuilding It's already the 2nd time it's happening in a week. Any reason why this could happen ? I'm using openvas 6.0.5 with redis.conf file shipped with it. Thanks for your help ! ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] sqlite3_prepare failed: no such table: result_new_severities
Hello, I have the following warning error in my openvas-manager (6.0.5) logs: md main:WARNING:2016-06-11 08h38.17 CEST:31119: sql_prepare_internal: sqlite3_prepare failed: no such table: result_new_severities md main:WARNING:2016-06-11 08h38.17 CEST:31119: init_iterator: sql_prepare failed md main:WARNING:2016-06-11 08h38.17 CEST:31119: sql_close: attempt to close db with open statement(s) This error happens right after a scan task finishes, and while my manager is still non-responsive (stuck in rebuilding forever) I wonder if this could be related to http://lists.wald.intevation.org/pipermail/openvas-discuss/2015-August/008317.html Could the same fix apply ? Thank you ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] Openvasmd hangs after some time
Hi, I'm trying to understand why my openvas-manager, working fine during several hours suddenly stop answering requests. Yesterday I ran a scan on a large network (/23); everything went fine during a couple of hours, scan was progressing normally, etc... then suddenly I couldn't login to GSA anymore. Looking at the console, I found that openvasmd was stuck updating it's database: root@kali-gis-eur:~# ps -ef | grep openvas root 12758 12746 0 15:57 pts/000:00:00 grep openvas root 16223 1 0 Jun09 ?00:00:15 openvasmd root 16224 1 0 Jun09 ?00:05:05 openvassd: Waiting for incoming connections root 21099 16223 0 07:35 ?00:00:00 openvasmd: Reloading root 21429 21099 98 07:40 ?08:08:12 openvasmd: Rebuilding It's already the 2nd time it's happening in a week. Any reason why this could happen ? I'm using openvas 6.0.5 with redis.conf file shipped with it. Thanks for your help ! ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] Merge two Openvas database from two different installation
Hello everyone, I am looking at merging two OpenVAS databases into one. Both databases are installed currently in two different openVAS servers, and I would like to have a global database to that everything is available to GSA in one administration interface. There may be duplicates in the databases, but it's ok, I can do the manual cleanup later. I tried to merge both sqlite DB using the following method: sqlite3 database1 .dump >fileall.sql sqlite3 database2 .dump >>fileall.sql sqlite3 database3 https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvasmd regular tasks.db corruption issue
On Wed, 2016-05-25 at 16:12 +0200, Michael Meyer wrote: > *** tatooin wrote: > > > Thanks for your reply. I use the default redis configuration file > > shipped with Kali Rolling. In my redis.conf file, all lines beginning > > with "save" are NOT commented out: > > > > save 900 1 > > save 300 10 > > save 60 1 > > Stop redis, comment them out and delete the dump.rdb. Start redis. > Restart the scanner. Does it help? > > root@kali-gis-eur:/var/lib/openvas/mgr# sqlite3 tasks.db "PRAGMA > > integrity_check;" > > ok > > Ok...so probably not an tasks.db corruption issue... > > Micha > Michael, You just found the root cause ! Doing what you said on redis fixed the problem. Now I can start my tasks again and create new targets / tasks ! Thank you VERY VERY VERY much ! as I was definitely desperate with this. Side questions; I have kept my older tasks.db from my first Openvas installation right after the first redis corruption. I have important data in it, so I would like to know if it's possible to merge my current openvas database with my previous one, and if yes, how ? Thank you again ! ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvasmd regular tasks.db corruption issue
On Wed, 2016-05-25 at 12:27 +0200, Michael Meyer wrote:
> *** tatooin wrote:
>
> > When this happens, openvas continue to work correclty except that I
> > cannot run any tasks. I can still create / delete tasks and targets, but
> > I cannot run any scans.
>
> Could be a redis issue. Did you use the example_redis_2_{4,6}.conf
> shipped with openvas
> (https://svn.wald.intevation.org/svn/openvas/trunk/openvas-scanner/doc/)?
>
> Especially do you have all lines beginning with "save" commented out?
>
> If it's not a redis issue. Could you please run "sqlite3 tasks.db "PRAGMA
> integrity_check;" next time it happens?
>
> Micha
>
Hello Mikael,
Thanks for your reply. I use the default redis configuration file
shipped with Kali Rolling. In my redis.conf file, all lines beginning
with "save" are NOT commented out:
save 900 1
save 300 10
save 60 1
I also ran the sqlite command:
root@kali-gis-eur:/var/lib/openvas/mgr# sqlite3 tasks.db "PRAGMA
integrity_check;"
ok
But I still cannot start any tasks; it continues to hang forever...
Thanks !
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvasmd regular tasks.db corruption issue
Thank you Tyler for the reply, but unfortunately this is workaround, not a solution suitable for production uses. If OpenVAS cannot run properly without corrupting it's database regularly -especially on a fresh new install system- then it means this application is really just in a beta testing version, which I find hard to believe considering it's history. My experience with this is just a disaster for now and without any fix or at least understanding of this problem, I will have to switch to another solution, most likely Nessus. Which is really bad because I like the GSA frontend, and the fact OpenVAS is open source. Again for such a critical problem (it can hit you any time as soon as you have a somehow active usage of it and permanentely corrupt your data), I don't understand how come the developers are not interested in looking at it. Best regards, - Mail original - De: "Tyler Sable" À: openvas-discuss@wald.intevation.org Envoyé: Mardi 24 Mai 2016 20:57:44 Objet: Re: [Openvas-discuss] openvasmd regular tasks.db corruption issue I don't have any knowledge or suggestions for preventing this corruption... but you could do daily database backups. Restoring from a night-old backup would be a lot less disruptive than losing all your data. Even something this easy could be helpful: echo ".dump" | sqlite3 tasks.db > tasks-backup.sql The corresponding restore would look like this mv tasks.db tasks.db.old sqlite3 tasks.db < tasks-backup.sql Obviously you should try a backup and restore before counting on it. Hope this helps! Date: Mon, 23 May 2016 22:38:28 +0200 From: tatooin To: openvas-discuss@wald.intevation.org Subject: [Openvas-discuss] openvasmd regular tasks.db corruption issue Message-ID: <1464035908.12620.10.camel@wisukind> Content-Type: text/plain; charset="UTF-8" Hello, I'm trying to open a new thread on this issue as apparently my previous question did not raised a lot of interest... I am using OpenVas since 6 months now, and I have regular database corruptions issue which happens right after adding serveral targets and tasks with omp. When this happens, openvas continue to work correclty except that I cannot run any tasks. I can still create / delete tasks and targets, but I cannot run any scans. openvasmd --rebuild / --update will hang forever. No informations in OpenVAS logfiles. If I run an omp command to start a task, like : omp -v -h 127.0.0.1 --details -u admin -w admin -S 7e75c909-f376-41f6-abb0-b14cee30ca9e WARNING: Verbose mode may reveal passwords! Will try to connect to host 127.0.0.1, port 9390... It just hangs forever... This is the second time this is happening in 3 months. Last time I couldn't find any fix to this problem and I had to delete the database completely and create a new one, meaning I lost all my data. This problem is clearly critical from my point of view, so I'm a bit surprised nobody is reacting. I saw a lot of articles regarding gnutls issues which may create this problem, but it's clearly not my situation since the box has not been updated recently. Really I'm stuck here, so I would really appreciate some help at least to understand where the problem comes from. I am not the only one to face this problem, and so far I saw no resolution to this which means there is a severe bug somewhere. Thanks for your comments, if any. Best, ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] openvasmd regular tasks.db corruption issue
Hello, I'm trying to open a new thread on this issue as apparently my previous question did not raised a lot of interest... I am using OpenVas since 6 months now, and I have regular database corruptions issue which happens right after adding serveral targets and tasks with omp. When this happens, openvas continue to work correclty except that I cannot run any tasks. I can still create / delete tasks and targets, but I cannot run any scans. openvasmd --rebuild / --update will hang forever. No informations in OpenVAS logfiles. If I run an omp command to start a task, like : omp -v -h 127.0.0.1 --details -u admin -w admin -S 7e75c909-f376-41f6-abb0-b14cee30ca9e WARNING: Verbose mode may reveal passwords! Will try to connect to host 127.0.0.1, port 9390... It just hangs forever... This is the second time this is happening in 3 months. Last time I couldn't find any fix to this problem and I had to delete the database completely and create a new one, meaning I lost all my data. This problem is clearly critical from my point of view, so I'm a bit surprised nobody is reacting. I saw a lot of articles regarding gnutls issues which may create this problem, but it's clearly not my situation since the box has not been updated recently. Really I'm stuck here, so I would really appreciate some help at least to understand where the problem comes from. I am not the only one to face this problem, and so far I saw no resolution to this which means there is a severe bug somewhere. Thanks for your comments, if any. Best, ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] openvasmd --rebuild takes forever
Hello, I have a task which for some reason refuse to start... (GAS loads forever but nothing happens...) I'm trying to rebuild my openvasmd database in case something is corrupted, but the command openvasmd -v --rebuild takes forever and nothing happens. No load on the system, and obviously no logs at all in any of /var/log/openvas logfiles... Stracing the processes just show: root@kali-gis-eur:/var/log/openvas# ps -ef | grep openvasmd <..snip...> root 5057 4124 0 16:28 pts/000:00:00 openvasmd: Reloading root 5058 5057 0 16:28 pts/000:00:01 openvasmd: Rebuilding root@kali-gis-eur:/var/log/openvas# strace -p 5057 Process 5057 attached waitpid(5058, root@kali-gis-eur:/var/log/openvas# strace -p 5058 Process 5058 attached recv(7, And nothing else... Is there anything else I can do to understand what's going on ? Thanks ! ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] Fwd: openvasmd <-> openvassd communication problem
I'm attaching the logfile of openvas-check-setup, in case it helps. Thank you ! - Mail transféré - De: tato...@free.fr À: openvas-discuss@wald.intevation.org Envoyé: Lundi 9 Mai 2016 12:19:01 Objet: [Openvas-discuss] openvasmd <-> openvassd communication problem Hello, During the pas few weeks my Openvas installation on kali was working fine. Managing my scans with GSA were ok. Last friday I added with omp various targets and tasks to prepare the next campaign for this week, then headed over the week end without doing anything else. Now I try to start a task with GSA, but nothing happens. GSA hangs in a connecting state with openvas manager. There is no logs in either openvassd / openvasmd logfiles. Openvas-checkeup reports no prolem but only: Step 8: Checking nmap installation ... WARNING: Your version of nmap is not fully supported: 7.12 SUGGEST: You should install nmap 5.51 if you plan to use the nmap NSE NVTs. Both openvasmd and openvassd are running, but still; nothing happens: root@kali-gis:/var/log/openvas# ps -efl | grep openvas 5 S root 22201 1 13 80 0 - 8254 hrtime 11:55 ?00:02:18 openvassd: Reloaded all the NVTs. 1 S root 22212 1 0 80 0 - 33866 poll_s 11:56 pts/300:00:01 openvasmd 1 S root 28818 22212 0 80 0 - 33885 sk_wai 12:02 pts/300:00:00 openvasmd root@kali-gis:/var/log/openvas# netstat -tpan | grep openvas tcp0 0 127.0.0.1:9390 0.0.0.0:* LISTEN 22212/openvasmd tcp1 0 127.0.0.1:9391 0.0.0.0:* LISTEN 22201/openvassd: Re tcp0 0 127.0.0.1:38144 127.0.0.1:9391 ESTABLISHED 28818/openvasmd tcp0 0 127.0.0.1:9390 127.0.0.1:45248 ESTABLISHED 28818/openvasmd I suspect a communication problem between openvasmd and openvassd because the GSA interface works fine otherwise. I am using the latest version of Kali Linux with the last packages updates. Is there anything I can do to find out the root cause of this issue, as I'm completely blocked at this point. Best, ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss openvas-check-setup 2.3.3 Mode: desktop Date: Mon, 09 May 2016 16:28:09 +0200 Checking for old OpenVAS Scanner <= 2.0 ... /usr/bin/openvas-check-setup: 177: /usr/bin/openvas-check-setup: openvasd: not found Checking presence of OpenVAS Scanner ... OpenVAS Scanner 5.0.4 Most new code since 2005: (C) 2015 Greenbone Networks GmbH Nessus origin: (C) 2004 Renaud Deraison License GPLv2: GNU GPL version 2 This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Checking OpenVAS Scanner version ... OK: OpenVAS Scanner is present in version 5.0.4. plugins_folder = /var/lib/openvas/plugins cache_folder = /var/cache/openvas include_folders = /var/lib/openvas/plugins max_hosts = 30 max_checks = 10 be_nice = no logfile = /var/log/openvas/openvassd.log log_whole_attack = no log_plugins_name_at_load = no dumpfile = /var/log/openvas/openvassd.dump.log cgi_path = /cgi-bin:/scripts optimize_test = yes checks_read_timeout = 5 network_scan = no non_simult_ports = 139, 445 plugins_timeout = 320 safe_checks = yes auto_enable_dependencies = yes use_mac_addr = no nasl_no_signature_check = no drop_privileges = no unscanned_closed = yes unscanned_closed_udp = yes vhosts = vhosts_ip = report_host_details = yes cert_file = /var/lib/openvas/CA/servercert.pem key_file = /var/lib/openvas/private/CA/serverkey.pem ca_file = /var/lib/openvas/CA/cacert.pem kb_location = /var/lib/redis/redis.sock config_file = /etc/openvas/openvassd.conf Checking OpenVAS Scanner CA cert ... OK: OpenVAS Scanner CA Certificate is present as /var/lib/openvas/CA/cacert.pem. Checking OpenVAS Manager server certificate ... OK: OpenVAS Scanner server certificate is valid and present as /var/lib/openvas/CA/servercert.pem. Checking presence of redis ... OK: redis-server is present in version v=3.0.6. Checking if redis-server is configured properly to run with openVAS ... OK: scanner (kb_location setting) is configured properly using the redis-server socket: /var/lib/redis/redis.sock Checking if redis-server is running ... OK: redis-server is running and listening on socket: /var/lib/redis/redis.sock. OK: redis-server configuration is OK and redis-server is running. Checking NVT collection ... OK: NVT collection in /var/lib/openvas/plugins contains 47056 NVTs. Checking status of signature checking in OpenVAS Scanner ... OK: Signature checking of NVTs is enabled in OpenVAS Scanner. OK: The NVT cache in /var/cache/openvas contains 47064 files for 47056 NVTs. Checking presence of OpenVAS Manager ... OpenVAS M
[Openvas-discuss] openvasmd <-> openvassd communication problem
Hello, During the pas few weeks my Openvas installation on kali was working fine. Managing my scans with GSA were ok. Last friday I added with omp various targets and tasks to prepare the next campaign for this week, then headed over the week end without doing anything else. Now I try to start a task with GSA, but nothing happens. GSA hangs in a connecting state with openvas manager. There is no logs in either openvassd / openvasmd logfiles. Openvas-checkeup reports no prolem but only: Step 8: Checking nmap installation ... WARNING: Your version of nmap is not fully supported: 7.12 SUGGEST: You should install nmap 5.51 if you plan to use the nmap NSE NVTs. Both openvasmd and openvassd are running, but still; nothing happens: root@kali-gis:/var/log/openvas# ps -efl | grep openvas 5 S root 22201 1 13 80 0 - 8254 hrtime 11:55 ?00:02:18 openvassd: Reloaded all the NVTs. 1 S root 22212 1 0 80 0 - 33866 poll_s 11:56 pts/300:00:01 openvasmd 1 S root 28818 22212 0 80 0 - 33885 sk_wai 12:02 pts/300:00:00 openvasmd root@kali-gis:/var/log/openvas# netstat -tpan | grep openvas tcp0 0 127.0.0.1:9390 0.0.0.0:* LISTEN 22212/openvasmd tcp1 0 127.0.0.1:9391 0.0.0.0:* LISTEN 22201/openvassd: Re tcp0 0 127.0.0.1:38144 127.0.0.1:9391 ESTABLISHED 28818/openvasmd tcp0 0 127.0.0.1:9390 127.0.0.1:45248 ESTABLISHED 28818/openvasmd I suspect a communication problem between openvasmd and openvassd because the GSA interface works fine otherwise. I am using the latest version of Kali Linux with the last packages updates. Is there anything I can do to find out the root cause of this issue, as I'm completely blocked at this point. Best, ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] tasks creation with OMP question
OK Thanks, So I did this: omp -h 127.0.0.1 -u admin -w my_password --xml=' Site Name Site VLAN max_checks 6 max_hosts 25 ' Now the command works, but the values are not changed accordingly. It's still the default value (10 and 30 in my case). I am confused by the being a "Compact name of preference, from scanner." Any clarification there would be nice. Thanks ! - Mail original - De: "mattm" À: tato...@free.fr Cc: "Eero Volotinen" , openvas-discuss@wald.intevation.org Envoyé: Mercredi 27 Avril 2016 18:48:19 Objet: Re: [Openvas-discuss] tasks creation with OMP question > I alrady did, otherwise I wouldn't seek the mailing list for help... > I looked at http://www.openvas.org/omp-6-0.html#command_create_task but I > still don't understand how I am suppose to achieve this. There's no NAME in PREFERENCES/PREFERENCE, just SCANNER_NAME. -- Greenbone Networks GmbH Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] tasks creation with OMP question
I alrady did, otherwise I wouldn't seek the mailing list for help... I looked at http://www.openvas.org/omp-6-0.html#command_create_task but I still don't understand how I am suppose to achieve this. Thanks - Mail original - De: "Eero Volotinen" À: tato...@free.fr Cc: openvas-discuss@wald.intevation.org Envoyé: Mercredi 27 Avril 2016 18:38:05 Objet: Re: [Openvas-discuss] tasks creation with OMP question Take look of protocol specs.. 27.4.2016 7.22 ip. < tato...@free.fr > kirjoitti: Thank you for your answer, but then how am I suppose to do this ? - Mail original - De: "Eero Volotinen" < eero.voloti...@iki.fi > À: tato...@free.fr Cc: openvas-discuss@wald.intevation.org Envoyé: Mercredi 27 Avril 2016 18:17:35 Objet: Re: [Openvas-discuss] tasks creation with OMP question Your are using non existent elemwnt 27.4.2016 7.13 ip. < tato...@free.fr > kirjoitti: Hello ! I am currently setting up an openvas dedicated machine to scan some of my company's lab networks. Since the number of networks are quiet significant I am using OMP to create tasks to openvas-manager. However, I have some problems creating the tasks I need. Currently, I create simple tasks with the following command: omp -h 127.0.0.1 -u admin -w my_password --xml=' Site Name Site VLAN ' This works fine. Now, I would like to tune this a little bit, like specifying the number of concurrent scans and number of simultaneous NVTs, so I do the following: omp -h 127.0.0.1 -u admin -w my_password --xml=' Site Name Site VLAN Maximum concurrently executed NVTs per host max_checks 4 Maximum concurrently scanned hosts max_hosts 20 ' The command fails with the following error: What exactly am I doing wrong here ? thanks a lot !! ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] tasks creation with OMP question
Thank you for your answer, but then how am I suppose to do this ? - Mail original - De: "Eero Volotinen" À: tato...@free.fr Cc: openvas-discuss@wald.intevation.org Envoyé: Mercredi 27 Avril 2016 18:17:35 Objet: Re: [Openvas-discuss] tasks creation with OMP question Your are using non existent elemwnt 27.4.2016 7.13 ip. < tato...@free.fr > kirjoitti: Hello ! I am currently setting up an openvas dedicated machine to scan some of my company's lab networks. Since the number of networks are quiet significant I am using OMP to create tasks to openvas-manager. However, I have some problems creating the tasks I need. Currently, I create simple tasks with the following command: omp -h 127.0.0.1 -u admin -w my_password --xml=' Site Name Site VLAN ' This works fine. Now, I would like to tune this a little bit, like specifying the number of concurrent scans and number of simultaneous NVTs, so I do the following: omp -h 127.0.0.1 -u admin -w my_password --xml=' Site Name Site VLAN Maximum concurrently executed NVTs per host max_checks 4 Maximum concurrently scanned hosts max_hosts 20 ' The command fails with the following error: What exactly am I doing wrong here ? thanks a lot !! ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] tasks creation with OMP question
Hello ! I am currently setting up an openvas dedicated machine to scan some of my company's lab networks. Since the number of networks are quiet significant I am using OMP to create tasks to openvas-manager. However, I have some problems creating the tasks I need. Currently, I create simple tasks with the following command: omp -h 127.0.0.1 -u admin -w my_password --xml=' Site Name Site VLAN ' This works fine. Now, I would like to tune this a little bit, like specifying the number of concurrent scans and number of simultaneous NVTs, so I do the following: omp -h 127.0.0.1 -u admin -w my_password --xml=' Site Name Site VLAN Maximum concurrently executed NVTs per host max_checks 4 Maximum concurrently scanned hosts max_hosts 20 ' The command fails with the following error: What exactly am I doing wrong here ? thanks a lot !! ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
