- [00:22:05]*HOWA308 (~howa308@cpe-76-167-68-53.san.res.rr.com) entered the channel
- [00:24:51]HOWA308Hi all.. Looking for some assistance in setting up OpenVAS on SuSE
- [00:24:58]HOWA308anyone available
- [02:29:40]*ramaro1 (~ramaro@bl19-250-238.dsl.telepac.pt) entered the channel
- [02:32:10]*bogart (~bogart@2001:1868:a004:b08:8533:fce9:c6d1:9e65) has quit (Remote host closed the connection)
- [02:32:41]*bogart (~bogart@2001:1868:a004:b08:8533:fce9:c6d1:9e65) entered the channel
- [03:19:38]*bogart (~bogart@2001:1868:a004:b08:8533:fce9:c6d1:9e65) has quit (Quit: Leaving...)
- [08:01:31]*mattm (~mattm@105-237-213-44.access.mtnbusiness.co.za) entered the channel
- [09:33:36]*karel-barel (~jirka@x.proofreason.com) entered the channel
- [09:48:30]*aheinecke (~quassel@62-46-184-204.adsl.highway.telekom.at) entered the channel
- [10:06:13]*ramaro1 (~ramaro@bl19-250-238.dsl.telepac.pt) has quit (Ping timeout: 480 seconds)
- [10:57:05]*ramaro (~ramaro@a95-95-107-36.cpe.netcabo.pt) entered the channel
- [11:06:30]*xelo (~dustin@2001:638:500:2502:3018:6ce:25ad:b8d4) entered the channel
- [14:47:02]*ingenius (~syntax@201.216.193.237) entered the channel
- [15:57:11]*karel-barel (~jirka@x.proofreason.com) has quit (Ping timeout: 480 seconds)
- [16:09:38]*mattm (~mattm@105-237-213-44.access.mtnbusiness.co.za) has quit (Quit: Leaving.)
- [16:14:13]*Old_Goat (~Old_Goat@143.166.197.6) entered the channel
- [16:17:03]Old_GoatHello, I have installed the latest version 7 on top of Centos 6.5 web version and it is running but when i run a scan there are no results. Anyone?
- [16:17:39]atomicturtleare you using selinux?
- [16:19:20]Old_Goatnot that i know of, new to linux. how woiuld i check? is that a component of Centos?
- [16:19:28]atomicturtlegetenforce
- [16:20:13]Old_Goatenforcing
- [16:20:23]atomicturtlethat'll do it
- [16:20:25]*br3nt (~brent@101.103.157.161) entered the channel
- [16:20:34]atomicturtleyou need to disable selinux
- [16:20:43]Old_Goatok
- [16:24:22]*xelo (~dustin@2001:638:500:2502:3018:6ce:25ad:b8d4) has quit (Quit: Leaving.)
- [16:28:33]Old_Goatco-worker just explained why this needs to be done. Thanks for the heads up on the config.
- [16:57:33]*ingenius (~syntax@201.216.193.237) has quit (Ping timeout: 480 seconds)
- [17:02:48]*ingenius (~syntax@201.216.193.237) entered the channel
- [17:17:04]*br3nt (~brent@101.103.157.161) has quit (Quit: br3nt)
- [17:43:48]*br3nt (~brent@101.103.157.161) entered the channel
- [17:55:28]*Old_Goat (~Old_Goat@143.166.197.6) has left the channel ()
- [17:55:55]*br3nt (~brent@101.103.157.161) has quit (Quit: br3nt)
- [19:05:09]HOWA308Morning all..
- [19:06:22]HOWA308Anyone here for question on OpenVAS
- [19:08:39]HOWA308Installed OpenVAS on RHEL 6.5
- [19:08:51]atomicturtleshoot
- [19:09:54]HOWA308Right now I'm ./openvas-check-setup and its checking out ok.. get a "it seems like your OpenVAS-7 installation is ok
- [19:10:09]HOWA308but when trying to connect to it "https://IP:9392" the page times out
- [19:10:38]atomicturtledid openvas-setup run OK?
- [19:10:49]HOWA308Looks like the services are running "openvas-manager" and "openvassd"
- [19:10:54]HOWA308Yes..
- [19:11:27]HOWA308Do you need to manually open that port?
- [19:11:37]HOWA308I'm pretty new on RHEL
- [19:12:00]atomicturtleyes youd have to manually adjust your firewall rules
- [19:12:31]HOWA308let me investigate that .. and I"ll post by my results gonna have to look that up on how to
- [19:12:32]HOWA308:)
- [19:13:17]HOWA308One more.. Right now I know IP tables are disabled. so need to enable and open port??
- [19:14:28]atomicturtleand when you're running setup it will prompt you if you want to allow external connections to gsas
- [19:14:31]atomicturtlegsad rather
- [19:14:42]HOWA308ok
- [19:19:54]HOWA308question.. "running setup" meaning this during the OpenVAS install
- [19:29:42]*sean2k1 (~sean2k@www.nowhere-else.org) entered the channel
- [19:29:53]sean2k1Hello
- [19:30:30]*aheinecke (~quassel@62-46-184-204.adsl.highway.telekom.at) has quit (Remote host closed the connection)
- [19:31:05]atomicturtleits openvas-setup
- [19:32:01]HOWA308I started iptables service and added "-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 9392 -j ACCEPT"
- [19:32:22]HOWA308But still no luck connecting w/ https://IPaddress:9392
- [19:33:03]HOWA308I had already run the openvas-setup using "yum install openvas openvas-setup"
- [19:33:24]*sean2k1 (~sean2k@www.nowhere-else.org) has quit (Remote host closed the connection)
- [19:58:17]HOWA308still no luck connecting to https://IPaddress:9392
- [19:58:31]HOWA308Here is the output from ./openvas-check-setup
- [19:58:37]HOWA308Step 1: Checking OpenVAS Scanner ...
- [19:58:37]HOWA308 OK: OpenVAS Scanner is present in version 4.0.3.
- [19:58:37]HOWA308 OK: OpenVAS Scanner CA Certificate is present as /var/lib/openvas/CA/cacert.pem.
- [19:58:39]HOWA308 OK: NVT collection in /var/lib/openvas/plugins contains 36244 NVTs.
- [19:58:41]HOWA308 WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner.
- [19:58:43]HOWA308 SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html).
- [19:58:45]HOWA308 OK: The NVT cache in /var/cache/openvas contains 36244 files for 36244 NVTs.
- [19:58:47]HOWA308Step 2: Checking OpenVAS Manager ...
- [19:58:49]HOWA308 OK: OpenVAS Manager is present in version 5.0.4.
- [19:58:51]HOWA308 OK: OpenVAS Manager client certificate is present as /var/lib/openvas/CA/clientcert.pem.
- [19:58:53]HOWA308 OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
- [19:58:55]HOWA308 OK: Access rights for the OpenVAS Manager database are correct.
- [19:58:57]HOWA308 OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
- [19:58:59]HOWA308 OK: OpenVAS Manager database is at revision 123.
- [19:59:01]HOWA308 OK: OpenVAS Manager expects database at revision 123.
- [19:59:03]HOWA308 OK: Database schema is up to date.
- [19:59:05]HOWA308 OK: OpenVAS Manager database contains information about 36244 NVTs.
- [19:59:07]HOWA308 OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/scap.db.
- [19:59:09]HOWA308 OK: OpenVAS CERT database found in /var/lib/openvas/cert-data/cert.db.
- [19:59:11]HOWA308 OK: xsltproc found.
- [19:59:13]HOWA308Step 3: Checking user configuration ...
- [19:59:15]HOWA308 WARNING: Your password policy is empty.
- [19:59:17]HOWA308 SUGGEST: Edit the /etc/openvas/pwpolicy.conf file to set a password policy.
- [19:59:19]HOWA308Step 4: Checking Greenbone Security Assistant (GSA) ...
- [19:59:21]HOWA308 OK: Greenbone Security Assistant is present in version 5.0.3.
- [19:59:23]HOWA308Step 5: Checking OpenVAS CLI ...
- [19:59:25]HOWA308 OK: OpenVAS CLI version 1.3.0.
- [19:59:27]HOWA308Step 6: Checking Greenbone Security Desktop (GSD) ...
- [19:59:29]HOWA308 SKIP: Skipping check for Greenbone Security Desktop.
- [19:59:31]HOWA308Step 7: Checking if OpenVAS services are up and running ...
- [19:59:33]HOWA308 OK: netstat found, extended checks of the OpenVAS services enabled.
- [19:59:35]HOWA308 OK: OpenVAS Scanner is running and listening on all interfaces.
- [19:59:37]HOWA308 OK: OpenVAS Scanner is listening on port 9391, which is the default port.
- [19:59:46]HOWA308 OK: OpenVAS Manager is running and listening on all interfaces.
- [19:59:57]HOWA308 OK: OpenVAS Manager is listening on port 9390, which is the default port.
- [20:00:02]HOWA308 WARNING: Greenbone Security Assistant is running and listening only on the local interface.
- [20:00:04]HOWA308 This means that you will not be able to access the Greenbone Security Assistant from the
- [20:00:07]HOWA308 outside using a web browser.
- [20:00:17]HOWA308 SUGGEST: Ensure that Greenbone Security Assistant listens on all interfaces.
- [20:00:17]HOWA308 OK: Greenbone Security Assistant is listening on port 9392, which is the default port.
- [20:00:20]HOWA308Step 8: Checking nmap installation ...
- [20:00:25]HOWA308 WARNING: Your version of nmap is not fully supported: 6.47
- [20:00:25]HOWA308 SUGGEST: You should install nmap 5.51.
- [20:00:34]HOWA308Step 9: Checking presence of optional tools ...
- [20:00:35]HOWA308 OK: pdflatex found.
- [20:00:42]HOWA308 OK: PDF generation successful. The PDF report format is likely to work.
- [20:00:46]HOWA308 OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
- [20:00:48]HOWA308 OK: rpm found, LSC credential package generation for RPM based targets is likely to work.
- [20:00:49]HOWA308 WARNING: Could not find alien binary, LSC credential package generation for DEB based targets will not work.
- [20:00:54]HOWA308 SUGGEST: Install alien.
- [20:00:58]HOWA308 OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work.
- [20:01:05]HOWA308 OK: SELinux is disabled.
- [22:58:09]HOWA308Attempted on a new server
- [22:58:44]HOWA308and started getting "no package openvas found"
- [22:58:46]HOWA308grr
- [22:59:12]HOWA308I'm attempting again on a 32-bit system instead of 64-bti based on research found on google
- [22:59:18]HOWA308keep anyone interested posted
- [23:07:21]atomicturtlewhat distro are you using
- [23:37:47]HOWA308during the "openvas-setup" i'm getting a parser error during the updating of CPE
- [23:38:11]HOWA308/usr/sbin/openvas-scapdata-sync: line 901: 14368 Killed xsltproc --stringparam refdate $CVE_REFDATE $SCAP_RES_DIR/cve_youngerthan.xsl $cvefile
- [23:38:12]HOWA308-:661978: parser error : Couldn't find end of Start Tag fact-re line 661978 <cpe-lang:fact-re
- [23:38:40]HOWA308OpenVas-6 packages
- [23:38:46]HOWA308for RedHat
- [23:41:03]HOWA308Update of CVEs failed at file '/var/lib/openvas/scap-data/nvdcve-2.0-2010.xml': xsltproc exited with code 137
- [23:49:31]*planet_bob (~bob@fa0-0.akl-grafton-vpn2.ihug.net) entered the channel
- [23:50:22]*ingenius (~syntax@201.216.193.237) has quit (Remote host closed the connection)
Last 30 days: