Openvas 8 now available

[scott]

OV-8 packages are now available for EL6 platforms. I'm still looking for an automated way to handle the PDF issues on EL7, ironically newer (fedora 23) and older (rhel 6) platforms are already fixed. It looks like a larger problem with tex on EL7 to sort it out.

In the mean time the manual process fmyoen for the pdf fix on EL7 is the way to go

[usuario]

OV-8 packages are now available for EL6 platforms. I'm still looking for an automated way to handle the PDF issues on EL7, ironically newer (fedora 23) and older (rhel 6) platforms are already fixed. It looks like a larger problem with tex on EL7 to sort it out.

In the mean time the manual process fmyoen for the pdf fix on EL7 is the way to go

Do you mean this post (from atk-x): https://atomicorp.com/forums/viewtopic. ... 261#p43261 ??

[ninjavz]

I installed in Centos 7, but redis is not running.

openvas-check-setup error:

openvas-check-setup 2.3.2
Mode: desktop
Date: Thu, 07 Apr 2016 19:21:15 -0500

Checking for old OpenVAS Scanner <= 2.0 ...
/usr/bin/openvas-check-setup: line 163: openvasd: command not found

Checking presence of OpenVAS Scanner ...
OpenVAS Scanner 5.0.5
Most new code since 2005: (C) 2015 Greenbone Networks GmbH
Nessus origin: (C) 2004 Renaud Deraison <deraison@nessus.org>
License GPLv2: GNU GPL version 2
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.


Checking OpenVAS Scanner version ...

OK: OpenVAS Scanner is present in version 5.0.5.
plugins_folder = /var/lib/openvas/plugins
cache_folder = /var/cache/openvas
include_folders = /var/lib/openvas/plugins
max_hosts = 30
max_checks = 10
be_nice = no
logfile = /var/log/openvas/openvassd.log
log_whole_attack = no
log_plugins_name_at_load = no
dumpfile = /var/log/openvas/openvassd.dump
cgi_path = /cgi-bin:/scripts
optimize_test = yes
checks_read_timeout = 5
network_scan = no
non_simult_ports = 139, 445
plugins_timeout = 320
safe_checks = yes
auto_enable_dependencies = yes
use_mac_addr = no
nasl_no_signature_check = yes
drop_privileges = no
unscanned_closed = yes
unscanned_closed_udp = yes
vhosts =
vhosts_ip =
report_host_details = yes
cert_file = /var/lib/openvas/CA/servercert.pem
key_file = /var/lib/openvas/private/CA/serverkey.pem
ca_file = /var/lib/openvas/CA/cacert.pem
kb_location = /tmp/redis.sock
rules = /etc/openvas/openvassd.rules
port_range = default
silent_dependencies = no
save_knowledge_base = no
kb_restore = no
only_test_hosts_whose_kb_we_dont_have = no
only_test_hosts_whose_kb_we_have = no
kb_dont_replay_scanners = no
kb_dont_replay_info_gathering = no
kb_dont_replay_attacks = no
kb_dont_replay_denials = no
kb_max_age = 864000
slice_network_addresses = no
config_file = /etc/openvas/openvassd.conf
Checking OpenVAS Scanner CA cert ...

OK: OpenVAS Scanner CA Certificate is present as /var/lib/openvas/CA/cac$
Checking presence of redis ...
OK: redis-server is present in version v=2.8.21.

Checking if redis-server is configured properly to run with openVAS ...
OK: scanner (kb_location setting) is configured properly using the redis$
Checking if redis-server is running ...
ERROR: redis-server is not running or not listening on socket: /tmp/redi$
FIX: You should start the redis-server or configure it to listen on sock$

Then on the redis.log file I find:
Increased maximum number of open files to 4032 (it was originally set to 1024).
Opening socket: bind: Permission denied

Some problem with redis. OpenVAS runs, but when I try to scan I always get ERROR in the severity column.

Help is apreciated.

[marc97]

Can't get OpenVAS to startup on RH 7.2, tried all kinds of different things, I followed the instructions to the letter, but I keep hitting this:
openvassd: symbol lookup error: /lib64/libopenvas_base.so.8: undefined symbol: ssh_pki_key_ecdsa_name

I've tried both versions of libssh from the repo as well as earlier verisons of openvas8 but all with the same result

Please ignore the "rsync" issue, that's because I'm sitting behind a proxy and something I have a fix for.

Code: Select all

cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.2 (Maipo)
 
This is the output from running the setup procedure
 Openvas Setup, Version: 1.0
 
 
Step 1: Update NVT, CERT, and SCAP data
Please note this step could take some time.
Once completed, this will be updated automatically every 24 hours
 
Select download method
* wget (NVT download only)
* curl (NVT download only)
* rsync
 
  Note: If rsync requires a proxy, you should define that before this step.
Downloader [Default: rsync]
Updating NVTs....
openvassd: symbol lookup error: /lib64/libopenvas_base.so.8: undefined symbol: ssh_pki_key_ecdsa_name
[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.
[i] Online information about this feed: 'http://www.openvas.org/openvas-nvt-feed.html'.
[i] NVT dir:
[w] Could not determine feed version.
[i] rsync is not recommended for the initial sync. Falling back on http.
[i] Will use wget
[i] Using GNU wget: /bin/wget
[i] Configured NVT http feed: http://www.openvas.org/openvas-nvt-feed-current.tar.bz2
[i] Downloading to: /tmp/openvas-nvt-sync.iLPC3WUWH3/openvas-feed-2016-09-13-13008.tar.bz2
mkdir: cannot create directory ‘’: No such file or directory
[i] Checking dir: ok
[i] Checking MD5 checksum: /bin/md5sum: /md5sums: No such file or directory
not ok
Error: md5sums not correct. Your NVT collection might be broken now.
Please try this for details: cd "" ; /bin/md5sum -c "/md5sums" | less

[marc97]

Can't get OpenVAS to startup on RH 7.2, tried all kinds of different things, I followed the instructions to the letter, but I keep hitting this:
openvassd: symbol lookup error: /lib64/libopenvas_base.so.8: undefined symbol: ssh_pki_key_ecdsa_name

I've tried both versions of libssh from the repo as well as earlier verisons of openvas8 but all with the same result

Please ignore the "rsync" issue, that's because I'm sitting behind a proxy and something I have a fix for.

Code: Select all

cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.2 (Maipo)
 
This is the output from running the setup procedure
 Openvas Setup, Version: 1.0
 
 
Step 1: Update NVT, CERT, and SCAP data
Please note this step could take some time.
Once completed, this will be updated automatically every 24 hours
 
Select download method
* wget (NVT download only)
* curl (NVT download only)
* rsync
 
  Note: If rsync requires a proxy, you should define that before this step.
Downloader [Default: rsync]
Updating NVTs....
openvassd: symbol lookup error: /lib64/libopenvas_base.so.8: undefined symbol: ssh_pki_key_ecdsa_name
[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.
[i] Online information about this feed: 'http://www.openvas.org/openvas-nvt-feed.html'.
[i] NVT dir:
[w] Could not determine feed version.
[i] rsync is not recommended for the initial sync. Falling back on http.
[i] Will use wget
[i] Using GNU wget: /bin/wget
[i] Configured NVT http feed: http://www.openvas.org/openvas-nvt-feed-current.tar.bz2
[i] Downloading to: /tmp/openvas-nvt-sync.iLPC3WUWH3/openvas-feed-2016-09-13-13008.tar.bz2
mkdir: cannot create directory ‘’: No such file or directory
[i] Checking dir: ok
[i] Checking MD5 checksum: /bin/md5sum: /md5sums: No such file or directory
not ok
Error: md5sums not correct. Your NVT collection might be broken now.
Please try this for details: cd "" ; /bin/md5sum -c "/md5sums" | less

[nckk]

openvassd: symbol lookup error: /lib64/libopenvas_base.so.8: undefined symbol: ssh_pki_key_ecdsa_name

Hitting the exact same issue. Fresh RHEL 7.2 install, yum updated to latest of everything. Complete blocker.

[rschell6809]

i tried to do a yum update but got the following errors:
Error: Package: 1:atomic-gnutls3-gnutls-3.1.25-1.el6.art.x86_64 (@atomic)
Requires: libnettle.so.4()(64bit)
Removing: nettle-2.7.1-3.el6.art.x86_64 (@atomic)
libnettle.so.4()(64bit)
Updated By: nettle-3.2-2.el6.x86_64 (epel)
Not found
Error: Package: 1:atomic-gnutls3-gnutls-3.1.25-1.el6.art.x86_64 (@atomic)
Requires: libhogweed.so.2()(64bit)
Removing: nettle-2.7.1-3.el6.art.x86_64 (@atomic)
libhogweed.so.2()(64bit)
Updated By: nettle-3.2-2.el6.x86_64 (epel)
Not found
You could try using --skip-broken to work around the problem
You could try running: rpm -Va --nofiles --nodigest

Could i first update nettle and then openvas ?

[klund]

openvassd: symbol lookup error: /lib64/libopenvas_base.so.8: undefined symbol: ssh_pki_key_ecdsa_name

Hitting the exact same issue. Fresh RHEL 7.2 install, yum updated to latest of everything. Complete blocker.

Try at your own risk -- I did:
I had to find and download the "0.6.4" source (https://red.libssh.org/projects/libssh/files and close the 0.6.4 version) and compile it. Had to fiddle with the "cmake" and "make" putting the compiled libs in the /usr/lib directory and not /usr/lib64 directory. Finally just moved them manually and fixed the symbolic links.

Also had an issue with my linux box resolving www.openvas.org, when my desktop could, so I added it to /etc/hosts.

Hope this helps...

[ladorm]

Also are there any chances to install OpenVAS 7 from atomic repo?

Ok, I did it by myself:

Code: Select all

yum install wget tar
wget -q -O - http://www.atomicorp.com/installers/atomic | sh
yum upgrade
yum install openvas-libraries-7.0.9-18.el6.art.x86_64
yum install openvas
openvas-setup
openvas-check-setup --v7

I have the same problem, and this isnt working for me

When I run 'yum install openvas' it tries to install OV8 libraries and fails with:

Code: Select all

Error: Package: openvas-libraries-8.0.6-22.el6.art.x86_64 (atomic)
           Requires: libhiredis.so.0.10()(64bit)

Any help?