[atomic] Openvas 4.x Updates

Atomic repository announcements, new release notifications and other news regarding the atomic yum repository.
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

[atomic] Openvas 4.x Updates

Unread post by scott »

This is the latest in the Openvas series of updates, the goal is to get the installation of OpenVAS down to a few basic steps starting with Fedora 14, and then backport that process to CentOS/RHEL. As it stands right now that is for the most part complete on Fedora 14, and 85% of the way on CentOS/RHEL.


Changelog:

* openvas-libraries 4.0.2
* openvas-scanner 3.2.2
* openvas-manager 2.0.1
* openvas-administrator 1.1.1
* openvas-cli 1.1.1
* GSD (Desktop Client) 1.1.0
* GSAD (Web Client) 2.0.0


Installation:

1) wget -q -O - http://www.atomicorp.com/installers/atomic |sh

2) yum install openvas

3) openvas-nvt-sync-cron

4) openvas-adduser

5) Log in! https://127.0.0.1:9392
organicspider
Forum User
Forum User
Posts: 16
Joined: Fri Feb 18, 2011 11:33 am
Location: uk

Re: [atomic] Openvas 4.x Updates

Unread post by organicspider »

Attempted to install and GSAD does not start. On checking in gsad.log I see

Code: Select all

gsad main:CRITICAL:2011-03-23 16h37.28 utc :30903: main: MHD_start_daemon failed!
and port 9392 is never bound to. The only other message I see was

Code: Select all

Starting greenbone-security-assistant: MHD HTTPS option 8 passed to MHD compiled without HTTPS support
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Re: [atomic] Openvas 4.x Updates

Unread post by scott »

What distro and architecture is that on?
organicspider
Forum User
Forum User
Posts: 16
Joined: Fri Feb 18, 2011 11:33 am
Location: uk

Re: [atomic] Openvas 4.x Updates

Unread post by organicspider »

Code: Select all

[root@gateway openvas]# cat /etc/redhat-release 
CentOS release 5.5 (Final)

[root@gateway openvas]# uname -r -v -m -p -i
2.6.18-194.3.1.el5 #1 SMP Thu May 13 13:09:10 EDT 2010 i686 i686 i386
organicspider
Forum User
Forum User
Posts: 16
Joined: Fri Feb 18, 2011 11:33 am
Location: uk

Re: [atomic] Openvas 4.x Updates

Unread post by organicspider »

Any thoughts Scott ?
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Re: [atomic] Openvas 4.x Updates

Unread post by scott »

Not yet, I havent been able to reproduce what you're seeing.

I did run across an sqlite incompatibility with openvas-manager, and a missing xslt dependency for gsad (just updated).
organicspider
Forum User
Forum User
Posts: 16
Joined: Fri Feb 18, 2011 11:33 am
Location: uk

Re: [atomic] Openvas 4.x Updates

Unread post by organicspider »

Scott, would you be able to post a list of the pertinent RPMs you have installed ? I can then check them against my system and see if there is a difference.
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Re: [atomic] Openvas 4.x Updates

Unread post by scott »

They're all wrapped up into one meta-package, called "openvas". yum install openvas should get everything for you. If you'd already done that then "yum upgrade" should get you the the updated gsad & openvas-manager packages.

I dont want to get into package by package instructions since that will get very unmaintainable very fast. It would also be completely different across distros and probably even architectures. Let yum do the work here :P
organicspider
Forum User
Forum User
Posts: 16
Joined: Fri Feb 18, 2011 11:33 am
Location: uk

Re: [atomic] Openvas 4.x Updates

Unread post by organicspider »

Ran yum update and greenbone-security-assistant and openvas-manager were updated. Still not dice on starting GSAD though :(
paulv_ap
New Forum User
New Forum User
Posts: 3
Joined: Fri Apr 22, 2011 12:19 pm
Location: United States

Re: [atomic] Openvas 4.x Updates

Unread post by paulv_ap »

I am on the following machine:

Code: Select all

[root@app3 ~]# uname -a
Linux app3.angelpoints.com 2.6.9-67.0.22.ELsmp #1 SMP Fri Jul 11 10:37:57 EDT 2008 x86_64 x86_64 x86_64 GNU/Linux
Here is my installation:

Code: Select all

[root@app3 ~]# wget -q -O - http://www.atomicorp.com/installers/atomic |sh

Atomic Archive installer, version 1.4

BY INSTALLING THIS SOFTWARE AND BY USING ANY AND ALL SOFTWARE
PROVIDED BY ATOMICORP LIMITED YOU ACKNOWLEDGE AND AGREE:

THIS SOFTWARE AND ALL SOFTWARE PROVIDED IN THIS REPOSITORY IS
PROVIDED BY ATOMICORP LIMITED AS IS, IS UNSUPPORTED AND ANY
EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ATOMICORP LIMITED, THE
COPYRIGHT OWNER OR ANY CONTRIBUTOR TO ANY AND ALL SOFTWARE PROVIDED
BY OR PUBLISHED IN THIS REPOSITORY BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
OF THE POSSIBILITY OF SUCH DAMAGE.

Do you agree to these terms (yes/no): yes

Configuring the [atomic] yum archive for this system

Installing the Atomic GPG key: OK
Downloading atomic-release-1.0-13.el4.art.noarch.rpm: OK



The Atomic Rocket Turtle archive has now been installed and configured for your system
The following channels are available:
  atomic          - [ACTIVATED] - contains the stable tree of ART packages
  atomic-testing  - [DISABLED]  - contains the testing tree of ART packages
  atomic-bleeding - [DISABLED]  - contains the development tree of ART packages


[root@app3 ~]# yum install openvas
Setting up Install Process
Setting up repositories
atomic                    100% |=========================| 1.9 kB    00:00
Reading repository metadata in from local files
Parsing package install arguments
No Match for argument: openvas
Nothing to do
[root@app3 ~]# yum list openvas
Setting up repositories
Reading repository metadata in from local files
[root@app3 ~]
As you can see it can't find the package. Any ides what might be going on here? Pardon me if there is something remedial about this. Not super experienced with yum or openvas.

Thanks in advance for any help anyone can provide.
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Re: [atomic] Openvas 4.x Updates

Unread post by scott »

For 4.x branch I recommend using at least EL5 (CentOS/RHEL) or if you can, EL6. Unfortunately it doesn't look like much of openvas will be something upstream can handle in the EL4 environments.
paulv_ap
New Forum User
New Forum User
Posts: 3
Joined: Fri Apr 22, 2011 12:19 pm
Location: United States

Re: [atomic] Openvas 4.x Updates

Unread post by paulv_ap »

Thanks for answering.

Sorry if I don't quite understand the response. Are you saying that I should not install openvas on RHEL4 or that I need to take special configurations to do so?

If I need special configurations to do so, could you provide a link to such instructions? Should I be installing an older version of openvas?


Thanks,
Paul
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Re: [atomic] Openvas 4.x Updates

Unread post by scott »

Thats correct, OpenVAS 4.x has broken compatibility with EL4 environments. If there is enough community interest I can try and take a stab at building compatibility packages for it again, but at this time your other option is to use EL5 or EL6.
paulv_ap
New Forum User
New Forum User
Posts: 3
Joined: Fri Apr 22, 2011 12:19 pm
Location: United States

Re: [atomic] Openvas 4.x Updates

Unread post by paulv_ap »

Okay. I have identified a machine and installed openvas (let's call this machine 1), however this machine can't be the one to do the actual scanning since it only has limited access to the data center.

I have identified an EL5 machine (machine 2) in the data center that I can install the scanner on but not the UI or webUI, etc,.

I am hoping I can install minimum scanning components for scanning on machine 2 and connect the ui portions from machine 1 to machine 2.

So how would I do the partial install on the EL5 machine? ie how would I modify the commands for minimal components?
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Re: [atomic] Openvas 4.x Updates

Unread post by scott »

Just run yum install openvas on your scanner box, and turn off gsad. Its only a client really, you can connect to remote scanners from inside of gsad
Post Reply