store | blogs | forums | twitter | facebook | wiki | downloads | support portal
Atomic Secure Linux
It is currently Fri Oct 31, 2014 3:38 am

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]




Post new topic Reply to topic  [ 82 posts ]  Go to page Previous  1, 2, 3, 4, 5, 6  Next
Author Message
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Mon May 16, 2011 12:36 pm 
Offline
Forum Regular
Forum Regular

Joined: Mon Oct 29, 2007 6:51 pm
Posts: 645
Maybe i missed it, but is there a quick quide on how to use this using the CLI intead of a GUI ?


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Thu May 19, 2011 9:56 am 
Offline
Forum User
Forum User

Joined: Thu Nov 12, 2009 9:01 am
Posts: 42
if I get it correctly the client is now the openvas manager? it can give commands to openvas-server and GSA is the web based interface for that.

Question for Scott: if I am correct I can not do the following: change the scanning configuration or do SSL weak cipher checking because of a bug in NMAP ?
Do you know if there is any idea when this will be fixed?


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Thu May 19, 2011 1:06 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7946
Location: earth
Quote:
if I get it correctly the client is now the openvas manager? it can give commands to openvas-server and GSA is the web based interface for that.


openvas-client was replaced by GSA (web client) and GSD (desktop client). Manager is middleware to handle communications between everything. It acts as both a queue, and a distributed management layer. If you remember nessus and older openvas scans would die if the client detached from the server. This solves that among other problems

Quote:
Question for Scott: if I am correct I can not do the following: change the scanning configuration or do SSL weak cipher checking because of a bug in NMAP ?
Do you know if there is any idea when this will be fixed?


Its not so much a bug in nmap as my overly-aggressive response to requests to update packages :P Someone pointed out the version of nmap in atomic was 4.x and 5.51 was out, so I just bumped it without testing other applications. It turns ut openvas 4 wasnt up to the new stuff in 5.51 and some of the SSL tests arent working the way they should. So yes, its been fixed in but I don't know when that will be released.


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Mon May 23, 2011 6:07 am 
Offline
Forum User
Forum User

Joined: Thu Nov 12, 2009 9:01 am
Posts: 42
Can I fix it by rpm -e nmap and exclude the nmap package from atomic and install the centos version?
I really need the SSL version/weak ciphers checking working so I can show that OpenVAS easily can compete with Nessus at my company.
Or is there an other way of fixing the SSL checking method?


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Mon May 23, 2011 6:30 am 
Offline
Forum User
Forum User

Joined: Thu Nov 12, 2009 9:01 am
Posts: 42
I am tring oit now with the old centos nmap version..

Another question: when I perform the sqlite command to check how many plugins are in the tasks.db file I get:

[root@vps500 mgr]# sqlite3 tasks.db "select count(*) from nvts;"
21265

When I check how many NVT's there are in /var/lib/openvas/plugins;

[root@vps500 plugins]# ls -l | wc -l
42157

How come it dont match? it the tasks.db file automatically updated with new NVT's?


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Mon May 23, 2011 6:39 am 
Offline
Forum User
Forum User

Joined: Thu Nov 12, 2009 9:01 am
Posts: 42
Hmm also with the old CentOS nmap I get not SSL checking using the Full and Fast :(
Does anyone know how I can fix the SSL checking?


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Mon May 23, 2011 9:26 am 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7946
Location: earth
each NVT also has a signature that goes along with it, thats why you'll see double the rules in there. I don't have anything to update on nmap yet, you might want to try the irc channel


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Mon May 23, 2011 10:41 am 
Offline
Forum User
Forum User

Joined: Thu Nov 12, 2009 9:01 am
Posts: 42
All is solved now :)
I fixed it by the kind help of the OpenVAS people via IRC, creating a new scan target through the interface and click twice sometimes fixed it for me :)


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Mon May 23, 2011 3:41 pm 
Offline
Forum User
Forum User

Joined: Thu Nov 12, 2009 9:01 am
Posts: 42
I have a small question about the plugin wapiti and w3af, both are installed from Atomic but fail to do actual scanning.
Wapiti gives me an error:


[root@vps500 ~]# wapiti
Traceback (most recent call last):
File "/usr/bin/wapiti", line 38, in ?
lan.configure()
File "/usr/lib/python2.4/site-packages/wapiti/language/language.py", line 53, in configure
lang = langCounty[:2] #en
TypeError: unsubscriptable object

And w3af does no actual scanning..how can I solve this so I can do more XSS/SQL injection scanning?


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Mon May 23, 2011 8:07 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7946
Location: earth
yup, it needs the newer python suite which I'm not done with on el5 yet.


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Sun Jun 05, 2011 6:23 pm 
Offline
Forum Regular
Forum Regular

Joined: Mon Oct 29, 2007 6:51 pm
Posts: 645
trying to compile GSD is annoying on how it needs so much stuff that then has to be compiled, and each of those need things - is there anywhere you know of where its already done and compiled into an RPM or something?


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Sun Jun 05, 2011 8:29 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7946
Location: earth
for Fedora 13 and up yes, its in atomic now. For EL5 its not possible, they based all the internals on newer versions of cairo and gtk.


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Mon Jun 06, 2011 12:57 pm 
Offline
Forum Regular
Forum Regular

Joined: Mon Oct 29, 2007 6:51 pm
Posts: 645
The first 2 things were that the openvas-libraries that are in atomic do not contain all the files that GSD needs - so it needs to be compiled from source, which then require a ton of other things to be installed - some of which needed to be source compiled as well - if I remember right one of them was gnutils v2 or greater which the 1.x branch is in the main distro chanel.


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Mon Jun 06, 2011 2:43 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7946
Location: earth
GSD on Fedora 13 and above certainly dont need that, I use those now. And like I said before, you will never be able to get it to work on EL5 without major changes. Enough that it would be faster to just use EL6 (which it does work on)


Top
 Profile  
 
 Post subject: Re: [atomic] Openvas 4.x Updates
Unread postPosted: Sun Jul 03, 2011 3:24 am 
Offline
New Forum User
New Forum User

Joined: Sun Jul 03, 2011 3:14 am
Posts: 1
Location: United Kingdom
Hi,
There is an issue with PDF generation when installing the OpenVAS/GSD packages from the atomic archive on CentOS 5.x. There is a simple workaround which will fix this.

http://jimhalfpenny.blogspot.com/2011/0 ... urity.html

Regards,
Jim


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 82 posts ]  Go to page Previous  1, 2, 3, 4, 5, 6  Next

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 4 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group