Atomicorp

Ubuntu 16 and Kali linux packages are now also available in the atomic repo. These are still really early stage, so there are some rough edges to work out yet.

Please give them a shot, and let us know how they're working out!

Are you in a position to try our testing builds?

yum --enablerepo=asl-4.0-testing upgrade ossec-hids

That gvm-tools package is planned for a newer release, on el7 it gets complicated because of the python 3 dependencies. Its disabled in the EL7 (centos/rhel) repos and active in the Fedora ones. The update on your platform is: openvas-9.0.0-2796 All this is fixable on EL7, we just need to get some o...

Looks like libssh is out of date? This is what I have on mine:

[root@localhost ~]# rpm -q libssh
libssh-0.7.1-3.el7.x86_64

Yeah so I normally generate everything from one system (the one running manager) and then copy the certs from there to openvas scanner nodes. It saves a lot of time sorting out the CA's that way

So the SCAP and CERT data come from different sources than the NVTs. If you look at the scripts greenbone-certdata-sync and greenbone-scapdata-sync it has the URLs its using to download the data from cert & mitre. The 2nd step here is that you need to reload openvas-scanner after an update, and ...

Well you can add notes to it now in the false positive "reason" and other areas as I recall. Those definitely end up in the reports (pdf, html, etc)

That is the sqlite file, the postgres db would be under /var/lib/postgres/

Yeah I believe it can, we'd already started planning out the email part of this in the docker container:

https://hub.docker.com/r/atomicorp/openvas/

the first leg was fixing pdf support for centos/rhel 7 which we just finished. (Note: pdf was working in fedora 24+ already)

Could be an epoch tag that slipped in on an older version. I seem to recall that happened when some branch packages were published for a day or so to the repo.

Sure, make sure you're using the 1.13.5 version of the nginx-module-geoip package from the atomic repo:

nginx-module-geoip.x86_64 0:1.13.5-2195.el6.art

This is a good place to start, but the TL;DR: You need to allow remote registry access

http://docs.greenbone.net/GSM-Manual/go ... th-windows

This release implements the libmodsecurity v3 WAF as a DSO (Dynamic Shared Object) in the popular Nginx web server. Unlike previous iterations that required a full recompile of nginx, this iteration allows an external module to be added through a simple config file change. Please note that libmodsec...

This is a problem with Plesk, not our modsecurity ruleset. If you look at the error you'll see plesk is trying to update itself. This error means you couldnt connect to autoinstall.plesk.com and they dont have any other mirrors: http://autoinstall.plesk.com/PSA_17.5.3 ... repomd.xml: [Errno 12] Time...

Yeah, the bulk of the packaging work over the last few months has been on OSSEC with the debian/ubuntu/windows channels (now complete). This week we wrapped up on the nginx 1.13.x packaging with libmodsecurity v3, that one should dovetail with PHP Panda pretty well as a total apache replacement.