So since this is OpenVAS...

[k0d3k]

I do not need to use my Nessus Professional feed key to register this,
correct? It will update on it's own, every morning according to your
previous post? Where can I go to view the version of the updates?
Can you force an update on your own or no?

[Scott]

You are correct, you don't need your Nessus key. I believe that I
removed that from the latest VM that I had uploaded. If you like, I
can post an update that also removes it.

The plugins sync at midnight. There is no option to force an update
but I could make that a feature if you like. Once the sync runs,
another script will update the dashboard screen showing the various
families of plugins that were synced. Clicking on this pie should
result in a page being displayed that shows all of the plugins along
with the option to view their details. I just checked my build here
and noticed that feature is not working. Let me put together an
update to fix that immediately.

-Scott

[kaba kaba]

Thank you for that! I will be checking in the next few days for the
update to fix that feature. It's awesome you fix things so quickly,
it's most appreciated!
I would assume the next update would be 10014?

[Scott]

It is there. update10014 is ready for download. If you click on the
pie chart on the dashboard or go to the Logs menu item on the left and
click the Latest Plugins, you will end up in the same place. I also
added functionality to the All Plugins tab as well. Both tabs start
by dividing plugins into categories and then you drill down into
families per category and then finally the list of plugins per
category per family. From there, you are not able to pull up the
details regarding a plugin. I didn't remove the license tab yet to
hide the Nessus key stuff....I figured that the plugins stuff would be
a more welcome change.

Glad to hear that you are using this clunky thing :)

Let me know what else breaks or causes you pain. I'm always happy to
improve it and make it more useful. I'm working on some reporting
features that I could try to put out as a feature update if you like?

-Scott

[k0d3k]

I would be more than happy to try out any type of reports you wish to
test out. I'm not even opposed to breaking my system, it's a vmware,
easy to fix :) What type of reports are you looking to create? Delta
type reports? Summary of security information type reports? Maybe
they could be exported to PDF or .DOC also when generating a report?
Or e-mailing a report when completed, like a weekly scheduled report
that would generate a summary of a weeks worth of high vulnerabilities
or what not.

I updated my system with Update 10014 but it says no plugins are
found. It says "No Plugins That Does Not Seem Right. Maybe you need
to SYNC "
How do I do that?

Again, I'm happy to test out all you need, feel free to go crazy :)

[Scott]

Excellent! Let me start by creating an update plugins button for
you. I also have some basic reports that can be kicked out just so
you don't have to view _everything_ in the web interface. I already
have them exporting via Excel and was working on PDF. They are mainly
some basic summary reports combined with the same type that the
NessusWX client could exporting

I already have some builtin graphing for simple trending that show
total number of findings and total number of computers found on
particular days. I will get to work for you immediately. For the
delta "stuff", I do have some differential scanning where you can do
one scan as a baseline and then run what I called a differential scan
against that original scan. This allows you to go against the
original scan, mark false positives and other findings that you want
ignored for whatever reason. When you run the differential scan based
upon that one, all findings that were marked as ignore or false
positive are automatically hidden in the results of the differential
scan. The reporting then allows you to export results while filtering
out those ignored and false positive results as well.

I get cracking for you. Tell me your other hopes, features, gripes,
needs, and wants in the software. I will build it in as soon as
humanly possible for you and anyone else that decides to use it.

-Scott

[Scott]

oh yeah. The plugins "should" be running on their own nightly around
midngiht through I think 2am. For now, if you want to update them on
the fly login to the appliance using ssh and run:

/usr/local/sbin/openvas-nvt-sync

Once that finally completes, then "su shellie -" and run:

/usr/home/shellie/cmds/grabplugins.php

The NVT Sync will sync all of the OpenVAS plugins. My grabplugins
script will snag the newest plugins and load those into the dashboard
and the latest plugins tab for you. Of course, if you haven't synced
yet, then all plugins and latest plugins will look about the same to
you.

-Scott

[k0d3k]

This is awesome. I'm glad to help in any way you need. I realized
why my plugins weren't showing that they were updated after you made
the 10014 fix. I have to get a firewall change made to allow RSYNC
outbound. No big issue there but will have that up and running.

Some ideas I have are user restrictions based on IP scope.
User A Scans Subnet A
User B Scans Subnet B
User B cannot Scan Subnet A
User A cannot Scan Subnet B

Maybe some features to allow Ip addresses or ranges/subnets to be
entered. Then when creating scans, you pick your IP address?

Or when you start a scan, the page has a wait:timer to refresh to the /
Home screen instead of sitting on the Scan Submitted for Run?

That's all I can think of for now, but I'm sure we'll be discussing
this more soon :)

[Scott]

I didn't forget! School delayed my ability to get this out sooner.


I had the reporting awhile ago but then found some other bugs
preventing it from working correctly. I'm hoping to release
feature003, I think is the release number, before the weekend is
through. I tested it last night and all worked in the development
environment so I just need to test a deployment and make sure
everything works.

-Scott

[Scott]

feature10003 is out there for download.

-Scott