- [00:26:06]*flock3 (~flock3@cpc3-harg4-2-0-cust46.7-1.cable.virginm.net) has quit (Remote host closed the connection)
- [00:33:50]*ingenius (~syntax@181.31.74.27) entered the channel
- [00:46:22]*benguigui (~g@roa76-6-82-238-233-207.fbx.proxad.net) entered the channel
- [00:46:25]*bgg (~g@roa76-6-82-238-233-207.fbx.proxad.net) entered the channel
- [00:46:37]*bgg (~g@roa76-6-82-238-233-207.fbx.proxad.net) has quit ()
- [00:47:49]*voix (~voix@199.79.168.163) entered the channel
- [00:48:35]voix"openvas-setup" on the newest, most updated CentOS fails with "Updating NVTs....
- [00:48:35]voixopenvassd: symbol lookup error: /lib64/libopenvas_nasl.so.7: undefined symbol: ssh_get_serverbanner"
- [01:13:28]atomicturtle Hmm... what version of libssh do you have installed?
- [01:13:45]atomicturtlethere was some epoch tomfoolery going on
- [01:31:55]voixlet me check
- [01:34:24]voixoh i deleted the centos VM bc i thought id never get it to work
- [01:35:23]voixplease release some OS X binaries for openvas
- [01:53:47]*Aristocles (~Aristocle@203.166.90.14) has quit (Read error: Connection reset by peer)
- [01:57:55]*voix (~voix@199.79.168.163) has quit (Quit: Textual IRC Client: www.textualapp.com)
- [02:21:26]*benguigui (~g@roa76-6-82-238-233-207.fbx.proxad.net) has quit (Remote host closed the connection)
- [02:22:05]*Aristocles (~Aristocle@203.166.90.14) entered the channel
- [06:19:31]*planet_bob (~bob@fa0-0.akl-grafton-vpn2.ihug.net) has quit (Quit: <Azer> i'm actually in a NSA bunker.)
- [07:00:47]*TRotter (~Thomas@ip1f1224a8.dynamic.kabel-deutschland.de) entered the channel
- [07:04:30]*TRotter1 (~Thomas@193.108.181.237) entered the channel
- [07:08:48]*TRotter (~Thomas@ip1f1224a8.dynamic.kabel-deutschland.de) has quit (Ping timeout: 480 seconds)
- [08:01:26]*mattm (~mattm@105-237-225-100.access.mtnbusiness.co.za) entered the channel
- [08:24:32]*Aristocles (~Aristocle@203.166.90.14) has quit (Quit: Going.. going... gone)
- [08:29:57]*Aristocles (~Aristocle@203.166.90.14) entered the channel
- [09:23:21]*flock3 (~flock3@5751df21.skybroadband.com) entered the channel
- [09:38:00]*mve (~mve@static.ip-171-033-133-058.signet.nl) entered the channel
- [09:52:32]*aheinecke (~quassel@193-83-28-240.adsl.highway.telekom.at) entered the channel
- [10:14:27]*cakruege (~Carsten@55d42f9d.access.ecotel.net) entered the channel
- [10:14:33]cakruegehi
- [10:14:58]cakruegemay I ask a question about openvas 7 - VA?
- [10:16:14]cakruegeI'm testing openvas 7 - VA. after settings passwords for root/openvas/admin and one time changeing the IP-adresse (new dhcp-reservation) the gasd-process didn't start automatically. Any ideas why?
- [10:20:57]mimecakruege: so '/etc/init.d/greenbone-security-assistant start' doesn't work? What if you start the gsa with "gsad -f -v"?
- [10:21:08]mimeas root...
- [10:22:41]cakruege/etc/init.d/greenbone-security-assistant start works but doesn't start at boot
- [10:23:22]cakruegeit worked at installation but not since changeing passwords and ip
- [10:26:36]mimei'm not able to reproduce this here but maybe "insserv -f -v greenbone-security-assistant" will fix that...
- [10:29:03]cakruegedidn't work.
- [10:29:08]cakruegeafter reboot:
- [10:29:08]cakruegeroot@skm-ko-openvas01:~# /etc/init.d/greenbone-security-assistant start
- [10:29:09]cakruege[ ok ] Starting greenbone-security-assistant : gsad.
- [10:29:09]cakruegeroot@skm-ko-openvas01:~#
- [10:29:09]cakruege(process:2506): GLib-CRITICAL (recursed) **: g_string_erase: assertion `pos + le
- [10:29:16]mimeahh...
- [10:29:28]mimesecond...
- [10:30:17]mime/usr/local/etc/openvas/gsad_log.conf -> change all "level=128" to "level=0"
- [10:31:10]mimehttp://lists.wald.intevation.org/pipermail/openvas-discuss/2011-May/002923.html
- [10:32:59]cakruegethx
- [10:33:23]cakruegewould be a good idea to change the demo-VM :-)
- [10:34:22]cakruegeimporting the ova to Vsphere didn't work at the first place, because the ovf is broken (not standard conform). filed a bug ...
- [10:37:31]mimeYes, I have seen...
- [10:41:09]cakruegetarget: 10.60.0.0/19
- [10:41:15]cakruegemessage that I get
- [10:41:16]cakruegeOperation: Run Wizard
- [10:41:16]cakruegeStatus code: 400
- [10:41:16]cakruegeStatus message: Failed to find target ''
- [10:42:56]cakruege10.60.1.0/24 for example is working
- [10:43:45]*ramaro (~ramaro@a95-95-107-36.cpe.netcabo.pt) entered the channel
- [10:45:24]mimecakruege: See gsa -> help -> Targets -> "The netmask in CIDR notation is limited to 20 for IPv4 and 116 for IPv6 (4095 hosts)."
- [10:46:52]cakruegeok
- [10:47:01]cakruegeShould I file a bug for a better message?
- [10:47:28]mimeyes, why not..:)
- [10:49:26]cakruegedone
- [10:49:36]cakruegeI like openvas!
- [10:50:30]cakruegefound 71 10.0 scorer after first try
- [10:57:23]mimecakruege: if you see false positives, please let me know...
- [10:58:53]cakruegeat least 23 trojan horse false positives
- [10:59:13]cakruegea windows trojan on a linux system is not plausible
- [10:59:29]cakruegethe openport / trojan list should be correlated to OS
- [10:59:43]mveis that port 10000 ?
- [10:59:52]mve(which is often used by backup software)
- [11:02:26]cakruege1099/tcp
- [11:02:27]cakruege1112/tcp
- [11:02:27]cakruege1115/tcp
- [11:02:27]cakruege1155/tcp
- [11:02:27]cakruege2000/tcp
- [11:02:28]cakruege2002/tcp
- [11:02:28]cakruege2007/tcp
- [11:02:30]cakruege2011/tcp
- [11:02:30]cakruege2155/tcp
- [11:02:32]cakruege3000/tcp
- [11:02:32]cakruege3024/tcp
- [11:02:34]cakruege3333/tcp
- [11:02:34]cakruege5554/tcp
- [11:02:36]cakruege5556/tcp
- [11:02:36]cakruege7000/tcp
- [11:02:38]cakruege8000/tcp
- [11:02:38]cakruege10000/tcp
- [11:02:40]cakruege10001/tcp
- [11:02:40]cakruege10002/tcp
- [11:02:42]cakruege15000/tcp
- [11:03:48]cakruegeother strange thing: open tcp/o (discard) get's a score of 10. why maximum?
- [11:06:25]mimeyes, that's to much. I'll chnage this to log...
- [11:07:33]mimeohh...no. http://nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0636 says it has to be a score of 10
- [11:13:05]cakruegewhy?
- [11:13:55]andabatawhy would you have discard running anyhow ? never came across it in the wild
- [11:14:55]*mve1 (~mve@static.ip-171-033-133-058.signet.nl) entered the channel
- [11:16:25]mimecakruege: http://www.scip.ch/?vuldb.14400
- [11:20:58]*mve (~mve@static.ip-171-033-133-058.signet.nl) has quit (Read error: Operation timed out)
- [11:28:59]cakruegethx andabata
- [11:29:12]cakruegeit's an old external managed system ...
- [11:41:00]*ingenius (~syntax@181.31.74.27) has quit (Ping timeout: 480 seconds)
- [12:01:26]*mve1 (~mve@static.ip-171-033-133-058.signet.nl) has left the channel ()
- [12:02:05]*TRotter1 (~Thomas@193.108.181.237) has quit (Read error: Connection reset by peer)
- [12:04:20]*flock3 (~flock3@5751df21.skybroadband.com) has quit (Remote host closed the connection)
- [12:05:31]*flock3 (~flock3@5751df21.skybroadband.com) entered the channel
- [12:50:50]*hpprinter100 (~hpprinter@46.246.44.175) entered the channel
- [12:50:53]hpprinter100Hey
- [12:52:38]*Ltning (~Adium@134.90.150.202) entered the channel
- [13:11:37]*cakruege (~Carsten@55d42f9d.access.ecotel.net) has left the channel ()
- [13:39:41]*Ltning (~Adium@134.90.150.202) has quit (Quit: Leaving.)
- [14:13:17]atomicturtlecertainly not in the wild these days
- [14:14:34]atomicturtle10 years ago it was a default service in inetd
- [14:42:40]*flock3 (~flock3@5751df21.skybroadband.com) has quit (Remote host closed the connection)
- [14:47:05]*flock3 (~flock3@5751df21.skybroadband.com) entered the channel
- [14:47:51]hpprinter100where are the xml config files for default scans stored?
- [15:07:12]mattmhpprinter100: what files do you mean? on manager side most stuff is in the db.
- [15:08:05]hpprinter100daba56c8-73ec-11df-a475-002264764cea Full and fast
- [15:08:42]hpprinter100it things a host is down if it does not respond to a ping
- [15:08:54]hpprinter100so ideally want to edit it so that it does
- [15:09:07]hpprinter100i don't have the gsa installed, just doing stuff via cli
- [15:09:33]hpprinter100thinks*
- [15:11:49]mimehpprinter100: http://openvas.org/omp-5-0.html#command_create_target <- "<alive_tests>"
- [15:12:18]mimehttp://openvas.org/omp-5-0.html#type_alive_test
- [15:12:22]hpprinter100mime, thanks didnt see that :D
- [15:13:18]*jstephan (~jstephan@fw.office-transfer.igb.de.key-systems.net) has quit (Remote host closed the connection)
- [15:21:04]hpprinter100mime, cna you give an example? <create_target><name>Test</name><hosts>192.168.1.84</hosts><alive_tests>xsd:token{ICMP & TCP Service Ping}<alive_tests/></create_target> fails
- [15:21:12]hpprinter100Please can*
- [15:22:09]*benguigui (~g@roa76-6-82-238-233-207.fbx.proxad.net) entered the channel
- [15:25:06]mimenot sure, but looks like: <alive_tests>TCP-SYN Service Ping<alive_tests/> or <alive_tests>Consider Alive<alive_tests/>
- [15:26:01]hpprinter100mime, <omp_response status_text="Bogus element: alive_tests" status="400"></omp_response>
- [15:26:42]mimeomp version?
- [15:26:56]hpprinter100latest
- [15:31:43]hpprinter100mime, openvas-manager-5.0.4
- [15:32:41]*qwyeth (~qwyeth@c-71-203-98-132.hsd1.fl.comcast.net) has quit (Remote host closed the connection)
- [15:33:38]mimehpprinter100: "<create_target><name>Test</name><hosts>192.168.1.84</hosts><alive_tests>TCP-SYN Service Ping</alive_tests></create_target>"
- [15:34:45]hpprinter100ah space
- [15:35:07]hpprinter100thanks for the help mime, where did you find TCP-SYN from?
- [15:35:52]mimehttps://svn.wald.intevation.org/svn/openvas/trunk/gsa/src/gsad.c
- [17:29:27]*mattm (~mattm@105-237-225-100.access.mtnbusiness.co.za) has quit (Quit: Leaving.)
- [18:29:19]*flock3 (~flock3@5751df21.skybroadband.com) has quit (Remote host closed the connection)
- [19:06:25]*Ltning (~Adium@m2m-host-105-24.osl255.netcom.no) entered the channel
- [19:13:33]*benguigui (~g@roa76-6-82-238-233-207.fbx.proxad.net) has quit (Remote host closed the connection)
- [19:15:48]*ramaro (~ramaro@a95-95-107-36.cpe.netcabo.pt) has quit (Ping timeout: 480 seconds)
- [19:16:54]*aheinecke (~quassel@193-83-28-240.adsl.highway.telekom.at) has quit (Remote host closed the connection)
- [19:27:48]*Ltning (~Adium@m2m-host-105-24.osl255.netcom.no) has quit (Quit: Leaving.)
- [20:29:11]*Old_Goat (~Old_Goat@143.166.197.6) entered the channel
- [20:30:41]Old_GoatAnother wierd one, the greenbone assistant says there are 3 reports available but none show up in the list.
- [21:31:18]*ingenius (~syntax@201.216.193.237) entered the channel
- [21:56:31]*flock3 (~flock3@cpc3-harg4-2-0-cust46.7-1.cable.virginm.net) entered the channel
- [22:24:56]*Old_Goat (~Old_Goat@143.166.197.6) has left the channel ()
- [22:25:43]*flock3 (~flock3@cpc3-harg4-2-0-cust46.7-1.cable.virginm.net) has quit (Remote host closed the connection)
- [23:10:25]*flock3 (~flock3@cpc3-harg4-2-0-cust46.7-1.cable.virginm.net) entered the channel
- [23:14:24]*flock3 (~flock3@cpc3-harg4-2-0-cust46.7-1.cable.virginm.net) has quit (Remote host closed the connection)
- [23:31:42]*ramaro (~ramaro@2.80.238.21) entered the channel
Last 30 days: