store | blogs | forums | twitter | facebook | wiki | downloads | support portal
Atomic Secure Linux
It is currently Tue Sep 30, 2014 9:49 am

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]




Post new topic Reply to topic  [ 82 posts ]  Go to page Previous  1, 2, 3, 4, 5, 6  Next
Author Message
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Mon Apr 25, 2011 1:57 pm 
Offline
Forum Regular
Forum Regular

Joined: Mon Oct 29, 2007 6:51 pm
Posts: 644
is openvas-nvt-sync-cron supposed to take a long time?
Its been running for about 20 minutes so far....

Is there also some instructions for CLI usage for scanning and emailing reports for those of us who don't use a GUI or dont want to use a web based manager?


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Mon Apr 25, 2011 9:40 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7910
Location: earth
Yes, its grabbing all the NVT's from upstream. That can take a while, depending on how loaded the servers are.

I havent used omp myself (I use GSA), you'd have to check on the openvas website for more information on that.


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Mon Apr 25, 2011 10:07 pm 
Offline
Forum Regular
Forum Regular

Joined: Mon Oct 29, 2007 6:51 pm
Posts: 644
well it was at 2 hours last I checked - its on a server with no cusotmers, no traffic and no load so I expected it to be quite a bit faster starting the scanner.....


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Tue Apr 26, 2011 8:26 am 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7910
Location: earth
Yeah but how many people are hitting the openvas update server right now?


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Tue Apr 26, 2011 11:40 am 
Offline
Forum Regular
Forum Regular

Joined: Mon Oct 29, 2007 6:51 pm
Posts: 644
If i do it manually it takes for ever loading all the plugins

[edit]
I came back this morning and it had started, but I still do see this never working

Code:
# ./openvas-check-setup
openvas-check-setup 2.0.6
  Test completeness and readiness of OpenVAS-4

  Please report us any non-detected problems and
  help us to improve this check routine:
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

  Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.

  Use the parameter --server to skip checks for client tools
  like GSD and OpenVAS-CLI.

Step 1: Checking OpenVAS Scanner ...
        OK: OpenVAS Scanner is present in version 3.2.3.
        OK: OpenVAS Scanner CA Certificate is present as /var/lib/openvas/CA/cacert.pem.
        OK: NVT collection in /var/lib/openvas/plugins contains 21019 NVTs.
Step 2: Checking OpenVAS Manager ...
        OK: OpenVAS Manager is present in version 2.0.3.
        OK: OpenVAS Manager client certificate is present as /var/lib/openvas/CA/clientcert.pem.
        ERROR: No OpenVAS Manager database found. (Tried: /var/lib/openvas/mgr/tasks.db)
        FIX: Run 'openvasmd --rebuild' while OpenVAS Scanner is running.

 ERROR: Your OpenVAS-4 installation is not yet complete!

Please follow the instructions marked with FIX above and run this
script again.

If you think this result is wrong, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.

# openvasmd --rebuild
Aborted
# service openvas-scanner status
openvassd (pid  813200) is running...

# service openvas-manager status
-l is stopped

# service openvas-manager start
Starting openvas-manager:
                                                           [  OK  ]

# service openvas-manager status
-l is stopped



So apparently it didnt like that it didnt create the db file, so I created an empty one and now that all is ok
Code:
# touch /var/lib/openvas/mgr/tasks.db
# openvasmd --backup
# openvasmd --rebuild
# service openvas-manager status
-l is stopped

# service openvas-manager start
Starting openvas-manager:
                                                           [  OK  ]

# service openvas-manager status
-l (pid  463527) is running...


Now the setup verification script is complaining about something else

Code:
# ./openvas-check-setup --server
openvas-check-setup 2.0.6
  Test completeness and readiness of OpenVAS-4

  Please report us any non-detected problems and
  help us to improve this check routine:
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

  Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.

Step 1: Checking OpenVAS Scanner ...
        OK: OpenVAS Scanner is present in version 3.2.3.
        OK: OpenVAS Scanner CA Certificate is present as /var/lib/openvas/CA/cacert.pem.
        OK: NVT collection in /var/lib/openvas/plugins contains 21019 NVTs.
Step 2: Checking OpenVAS Manager ...
        OK: OpenVAS Manager is present in version 2.0.3.
        OK: OpenVAS Manager client certificate is present as /var/lib/openvas/CA/clientcert.pem.
        OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
        OK: Access rights for the OpenVAS Manager database are correct.
        OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
        OK: OpenVAS Manager database is at revision 41.
        OK: OpenVAS Manager expects database at revision 41.
        OK: Database schema is up to date.
        OK: OpenVAS Manager database contains information about 21019 NVTs.
        OK: xsltproc found.
[b]Step 3: Checking OpenVAS Administrator ...
        ERROR: No OpenVAS Administrator (openvasad) found.
        FIX: Please install OpenVAS Administrator.[/b]

 ERROR: Your OpenVAS-4 installation is not yet complete!

Please follow the instructions marked with FIX above and run this
script again.

If you think this result is wrong, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.



So it wanted me to install openvas-administrator which didnt auto install with the yum install openvas command previously.

and even though I did this from the start, it now wants me to create a user
Code:
Step 3: Checking OpenVAS Administrator ...
        OK: OpenVAS Administrator is present in version 1.1.1.
        OK: At least one user exists.
        ERROR: No admin user found. You need to create at least one admin user to log in.
        FIX: Create a user using 'openvasad -c 'add_user' -n <name> -r Admin'


# openvasad -c 'add_user' -n ovAdmin -r Admin
Enter password:
ad   main:MESSAGE:465416:2011-04-26 09h22.41 PDT: No rules file provided, the new user will have no restrictions.
ad   main:MESSAGE:465416:2011-04-26 09h22.41 PDT: User ovAdmin has been successfully created.



it also didnt start the openvas administrator, so I had to start that manually as well.
Now it seems to be "ok" except that it always complains that the GSA is not bound to anything other than the local interface, and says it fixes it, but it says this every time - how can I make that permanent?

Code:
Step 7: Checking if OpenVAS services are up and running ...
        OK: netstat found, extended checks of the OpenVAS services enabled.
        OK: OpenVAS Scanner is running and listening on all interfaces.
        OK: OpenVAS Scanner is listening on port 9391, which is the default port.
        OK: OpenVAS Manager is running and listening on all interfaces.
        OK: OpenVAS Manager is listening on port 9390, which is the default port.
        OK: OpenVAS Administrator is running and listening on all interfaces.
        OK: OpenVAS Administrator is listening on port 9393, which is the default port.
        [b]WARNING: Greenbone Security Assistant is running and listening only on the local interface. This means that you will not be able to access the Greenbone Security Assistant from the outside using a web browser.
        SUGGEST: Ensure that Greenbone Security Assistant listens on all interfaces.
        OK: Greenbone Security Assistant is listening on port 9392, which is the default port.[/b]
It seems like your OpenVAS-4 installation is OK.


Code:
# netstat -an | grep 939
tcp        0      0 0.0.0.0:9390                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:9391                0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:9392              0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:9393                0.0.0.0:*                   LISTEN


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Tue Apr 26, 2011 2:44 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7910
Location: earth
The setup check script still needs some work as you see. I'd report that to upstream, since its not even part of the distribution yet. They could definitely use the feedback.


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Tue Apr 26, 2011 4:23 pm 
Offline
Forum Regular
Forum Regular

Joined: Mon Oct 29, 2007 6:51 pm
Posts: 644
how do I tell it to bind to the private IP on the box instead of 0.0.0.0/127.0.0.1 so I can access the gui from outside of the local machine?


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Tue Apr 26, 2011 4:34 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7910
Location: earth
it uses the same sysconfig system as other daemons, so you can modify scanner/administrator/gsad/manager from there respective /etc/sysconfig/ files. 0.0.0.0 should be all interfaces though, are there firewall rules blocking it?


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Fri Apr 29, 2011 4:17 pm 
Offline
Forum Regular
Forum Regular

Joined: Mon Oct 29, 2007 6:51 pm
Posts: 644
I dont think so but its possible. It may be an upstream firewall - I'll check.

Is there a way to initiate a scan from the command line and send the results via email instead of using the web gui?


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Fri Apr 29, 2011 4:25 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7910
Location: earth
I don't know about OMP, but you can create scheduled scans through GSA and create events (called "Escalators") around scans & scan targets. That event can be send an email, execute something, SNMP Trap, etc. So if you're trying to create a regularly scheduled test for your environment Id probably start with that.

Also you do not need to run GSA on the same system you scan from. Its basically just a client to openvas-manager. I run mine on my desktop, and then have it set to connect to remote scanners, which will let you view your reports while the scans are running, stop/start/pause, configure false positives & false negatives, etc.


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Wed May 04, 2011 6:58 pm 
Offline
Forum User
Forum User

Joined: Wed Aug 05, 2009 4:33 am
Posts: 54
Attn hostingguy or Scott

RE: can access the gui from outside of the local machine?

Did you ever get this working? I have installed Openvas on a Centos 5 64bit system and would also like to access it from outside, I have punched a hole in my firewall but nothing works using my server IP on port :9392 so just wondered if you ever got it going and could point me in the right direction as to what might need changing, everything my end so far is as per default installation.

Thanks.


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Wed May 04, 2011 7:00 pm 
Offline
Forum Regular
Forum Regular

Joined: Mon Oct 29, 2007 6:51 pm
Posts: 644
I only spent another 5 minutes on this so far to confirm it wasnt a upstream firewall issue, but after that got sidetracked on other stuff and havent made it back to this yet unfortunately, so I dont think I will be much help in the short term.


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Thu May 05, 2011 8:35 am 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7910
Location: earth
I didnt have to do anything other than allow that port through the host firewall rules.


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Fri May 06, 2011 7:43 am 
Offline
Forum User
Forum User

Joined: Thu Nov 12, 2009 9:01 am
Posts: 42
Hi,

I am having a similair problem with OpenVAS 4.* and gasd.
When I run the '/usr/local/sbin/openvas-check-setup' script I get:

ERROR: The number of NVTs in the OpenVAS Manager database is too low.
FIX: Make sure OpenVAS Scanner is running with an up-to-date NVT collection and run 'openvasmd --rebuild'.

ERROR: Your OpenVAS-4 installation is not yet complete!

I did the following to create the openvas-manager db:

touch /var/lib/openvas/mgr/tasks.db
openvasmd --backup
openvasmd --rebuild
service openvas-manager status
-l is stopped
service openvas-manager start
Starting openvas-manager:
[ OK ]
service openvas-manager status
-l is stopped

Then I check the database:
sqlite3 tasks.db "select count(*) from nvts;"
0

So it seems the NVT's are being uploaded in the database.
I can run the cron script fine and when I run openvas-nvt-sync --wget manually it gets all files.
user is created, new cert has been made.

Distro: CentOS 5.6 64 bit

What can be wrong with putting the NVT in the task.db file?


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Fri May 06, 2011 3:47 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7910
Location: earth
Ok looks like that is a bug in openvas-manager, its not letting it create the tasks db. Go ahead and upgrade to 2.0.3-3, delete that tasks.db and try running rebuild again.

For new users, just skip all the above and use the documented method:
1. yum install openvas
2. openvas-nvt-sync-cron
3. openvas-adduser


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 82 posts ]  Go to page Previous  1, 2, 3, 4, 5, 6  Next

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group