Installing OpenVAS

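A vulnerability scanner derived from Nessus.
Nessus became a commercial product from version 3 in 2005, whereas OpenVAS is an extension based on the 2.x series, which had been released as open source.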

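It is developed by the community, and its vulnerability database is updated daily. Commercial support is also provided by Greenbone, the German company that backs its development.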

OpenVAS - OpenVAS - Open Vulnerability Assessment Scanner

OpenVAS - Wikipedia

Start Kali Linux

# apt update
# apt upgrade
# apt autoremove
# apt install openvas

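In OpenVAS, vulnerability information and the configuration used to test for it are called NVTs (Network Vulnerability Tests). NVTs are updated daily and distributed in the form of an NVT feed.
The NVT feed is distributed free of charge by OpenVAS, and the updated NVTs must be downloaded before using OpenVAS.
In addition to NVTs, OpenVAS also uses vulnerability information written according to the SCAP (Security Content Automation Protocol) specification.
These also need to be downloaded, and user information for using OpenVAS has to be registered as well.
These settings can be done individually, but they can also be run all at once with the openvas-setup command included in the OpenVAS package.
(From the Udemy course "[Complete Cybersecurity Mastery] White Hat Hacker Training Course (Hacking Tools, Web Application Attacks, Intrusion Detection)")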

# openvas-setup

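The setup easily took several hours (it once finished in 20 to 30 minutes, but that run ended in the setup error shown below).
Note down the UserID and Password displayed at the end of the setup, because they are used to log in.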


Checking that the setup completed correctly

# openvas-check-setup 
openvas-check-setup 2.3.7
  Test completeness and readiness of OpenVAS-9
~(omitted)~

Step 1: Checking OpenVAS Scanner ... 
        OK: OpenVAS Scanner is present in version 5.1.3.
        OK: redis-server is present in version v=5.0.5.
        OK: scanner (kb_location setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock

~(omitted)~

It seems like your OpenVAS-9 installation is OK.

If you think it is not OK, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.

On one occasion, not everything came back OK at this point and the following error appeared.

root@kali:~# openvas-check-setup
openvas-check-setup 2.3.7
  Test completeness and readiness of OpenVAS-9
  (add '--v6' or '--v7' or '--v8'
   if you want to check for another OpenVAS version)

  Please report us any non-detected problems and
  help us to improve this check routine:
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

  Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.

  Use the parameter --server to skip checks for client tools
  like GSD and OpenVAS-CLI.

Step 1: Checking OpenVAS Scanner ... 
        OK: OpenVAS Scanner is present in version 5.1.3.
        OK: redis-server is present in version v=5.0.5.
        OK: scanner (kb_location setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
        OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock.
        OK: redis-server configuration is OK and redis-server is running.
        OK: NVT collection in /var/lib/openvas/plugins contains 52474 NVTs.
        WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner.
        SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html).
        WARNING: The initial NVT cache has not yet been generated.
        SUGGEST: Start OpenVAS Scanner for the first time to generate the cache.
Step 2: Checking OpenVAS Manager ... 
        OK: OpenVAS Manager is present in version 7.0.3.
        OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
        OK: Access rights for the OpenVAS Manager database are correct.
        OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
        OK: OpenVAS Manager database is at revision 184.
        OK: OpenVAS Manager expects database at revision 184.
        OK: Database schema is up to date.
        OK: OpenVAS Manager database contains information about 52474 NVTs.
        OK: At least one user exists.
        ERROR: No OpenVAS SCAP database found. (Tried: /var/lib/openvas/scap-data/scap.db)
        FIX: Run a SCAP synchronization script like greenbone-scapdata-sync.

 ERROR: Your OpenVAS-9 installation is not yet complete!

Please follow the instructions marked with FIX above and run this
script again.

If you think this result is wrong, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.

From the menu at the top left of Kali Linux, run "Applications" → "System Service" → "OpenVas" → "openVas feed update".


[>] Updating OpenVAS feeds
[*] [1/3] Updating: NVT
Greenbone community feed server - http://feed.community.greenbone.net/
This service is hosted by Greenbone Networks - http://www.greenbone.net/

All transactions are logged.

If you have any questions, please use the Greenbone community portal. 
See https://community.greenbone.net for details.

By using this service you agree to our terms and conditions.

Only one sync per time, otherwise the source ip will be temporarily blocked.

receiving incremental file list
plugin_feed_info.inc
            985 100%  961.91kB/s    0:00:00 (xfr#1, to-chk=0/1)

sent 43 bytes  received 1,097 bytes  253.33 bytes/sec
total size is 985  speedup is 0.86
[*] [2/3] Updating: Scap Data
Greenbone community feed server - http://feed.community.greenbone.net/
This service is hosted by Greenbone Networks - http://www.greenbone.net/

All transactions are logged.

If you have any questions, please use the Greenbone community portal. 
See https://community.greenbone.net for details.

By using this service you agree to our terms and conditions.

Only one sync per time, otherwise the source ip will be temporarily blocked.

receiving incremental file list
./
nvdcve-2.0-2012.xml
     45,261,751 100%  323.69kB/s    0:02:16 (xfr#1, to-chk=30/43)
nvdcve-2.0-2013.xml
     46,162,392 100%  115.99kB/s    0:06:28 (xfr#2, to-chk=29/43)
nvdcve-2.0-2014.xml
     46,301,815 100%  109.97kB/s    0:06:51 (xfr#3, to-chk=28/43)
nvdcve-2.0-2015.xml
     42,960,952 100%  121.00kB/s    0:05:46 (xfr#4, to-chk=27/43)
nvdcve-2.0-2016.xml
     60,794,481 100%  132.18kB/s    0:07:29 (xfr#5, to-chk=26/43)
nvdcve-2.0-2017.xml
    177,817,137 100%  143.55kB/s    0:20:09 (xfr#6, to-chk=25/43)
nvdcve-2.0-2018.xml
    273,484,853 100%  144.31kB/s    0:30:50 (xfr#7, to-chk=24/43)
nvdcve-2.0-2019.xml
    153,695,062 100%  244.13kB/s    0:10:14 (xfr#8, to-chk=23/43)
official-cpe-dictionary_v2.2.xml
    125,338,296 100%  213.99kB/s    0:09:31 (xfr#9, to-chk=22/43)
sha1sums
          2,034 100%    2.49kB/s    0:00:00 (xfr#10, to-chk=21/43)
sha256sums
          2,754 100%    3.35kB/s    0:00:00 (xfr#11, to-chk=20/43)
sha256sums.asc
            819 100%    0.99kB/s    0:00:00 (xfr#12, to-chk=19/43)
timestamp
             13 100%    0.02kB/s    0:00:00 (xfr#13, to-chk=18/43)
oval/
oval/5.10/
oval/5.10/org.mitre.oval/
oval/5.10/org.mitre.oval/c/oval.xml
        268,150 100%  143.72kB/s    0:00:01 (xfr#14, to-chk=9/43)
oval/5.10/org.mitre.oval/i/oval.xml
      9,480,204 100%  174.16kB/s    0:00:53 (xfr#15, to-chk=8/43)
oval/5.10/org.mitre.oval/m/oval.xml
        143,834 100%  197.56kB/s    0:00:00 (xfr#16, to-chk=7/43)
oval/5.10/org.mitre.oval/p/oval.xml
     90,911,155 100%  167.03kB/s    0:08:51 (xfr#17, to-chk=6/43)
oval/5.10/org.mitre.oval/v/
oval/5.10/org.mitre.oval/v/family/ios.xml
      2,012,118 100%   93.14kB/s    0:00:21 (xfr#18, to-chk=4/43)
oval/5.10/org.mitre.oval/v/family/macos.xml
        453,775 100%  112.27kB/s    0:00:03 (xfr#19, to-chk=3/43)
oval/5.10/org.mitre.oval/v/family/pixos.xml
         10,014 100%   12.33kB/s    0:00:00 (xfr#20, to-chk=2/43)
oval/5.10/org.mitre.oval/v/family/unix.xml
     31,372,831 100%  160.68kB/s    0:03:10 (xfr#21, to-chk=1/43)
oval/5.10/org.mitre.oval/v/family/windows.xml
     51,773,463 100%  112.16kB/s    0:07:30 (xfr#22, to-chk=0/43)

sent 35,549 bytes  received 1,130,665,252 bytes  156,379.34 bytes/sec
total size is 1,490,170,345  speedup is 1.32
part 0 Done
part 1 Done
part 0 Done
part 1 Done
part 0 Done
part 1 Done
part 2 Done
part 0 Done
part 1 Done
part 2 Done
part 3 Done
part 4 Done
part 0 Done
part 1 Done
part 2 Done
/usr/sbin/openvasmd
[*] [3/3] Updating: Cert Data
Greenbone community feed server - http://feed.community.greenbone.net/
This service is hosted by Greenbone Networks - http://www.greenbone.net/

All transactions are logged.

If you have any questions, please use the Greenbone community portal. 
See https://community.greenbone.net for details.

By using this service you agree to our terms and conditions.

Only one sync per time, otherwise the source ip will be temporarily blocked.

receiving incremental file list
timestamp
             13 100%   12.70kB/s    0:00:00 (xfr#1, to-chk=0/1)

sent 43 bytes  received 113 bytes  44.57 bytes/sec
total size is 13  speedup is 0.08
root@kali:~# 

Run openvas-check-setup again.
This time everything is OK.

root@kali:~# openvas-check-setup
openvas-check-setup 2.3.7
  Test completeness and readiness of OpenVAS-9
  (add '--v6' or '--v7' or '--v8'
   if you want to check for another OpenVAS version)

  Please report us any non-detected problems and
  help us to improve this check routine:
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

  Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.

  Use the parameter --server to skip checks for client tools
  like GSD and OpenVAS-CLI.

Step 1: Checking OpenVAS Scanner ... 
        OK: OpenVAS Scanner is present in version 5.1.3.
        OK: redis-server is present in version v=5.0.5.
        OK: scanner (kb_location setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
        OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock.
        OK: redis-server configuration is OK and redis-server is running.
        OK: NVT collection in /var/lib/openvas/plugins contains 52474 NVTs.
        WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner.
        SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html).
        WARNING: The initial NVT cache has not yet been generated.
        SUGGEST: Start OpenVAS Scanner for the first time to generate the cache.
Step 2: Checking OpenVAS Manager ... 
        OK: OpenVAS Manager is present in version 7.0.3.
        OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
        OK: Access rights for the OpenVAS Manager database are correct.
        OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
        OK: OpenVAS Manager database is at revision 184.
        OK: OpenVAS Manager expects database at revision 184.
        OK: Database schema is up to date.
        OK: OpenVAS Manager database contains information about 52474 NVTs.
        OK: At least one user exists.
        OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/scap.db.
        OK: OpenVAS CERT database found in /var/lib/openvas/cert-data/cert.db.
        OK: xsltproc found.
Step 3: Checking user configuration ... 
        WARNING: Your password policy is empty.
        SUGGEST: Edit the /etc/openvas/pwpolicy.conf file to set a password policy.
Step 4: Checking Greenbone Security Assistant (GSA) ... 
        OK: Greenbone Security Assistant is present in version 7.0.3.
        OK: Your OpenVAS certificate infrastructure passed validation.
Step 5: Checking OpenVAS CLI ... 
        OK: OpenVAS CLI version 1.4.5.
Step 6: Checking Greenbone Security Desktop (GSD) ... 
        SKIP: Skipping check for Greenbone Security Desktop.
Step 7: Checking if OpenVAS services are up and running ... 
        OK: netstat found, extended checks of the OpenVAS services enabled.
        OK: OpenVAS Scanner is running and listening on a Unix domain socket.
        WARNING: OpenVAS Manager is running and listening only on the local interface.
        This means that you will not be able to access the OpenVAS Manager from the
        outside using GSD or OpenVAS CLI.
        SUGGEST: Ensure that OpenVAS Manager listens on all interfaces unless you want
        a local service only.
        OK: Greenbone Security Assistant is listening on port 9392, which is the default port.
Step 8: Checking nmap installation ...
        WARNING: Your version of nmap is not fully supported: 7.80
        SUGGEST: You should install nmap 5.51 if you plan to use the nmap NSE NVTs.
Step 10: Checking presence of optional tools ...
        OK: pdflatex found.
        OK: PDF generation successful. The PDF report format is likely to work.
        OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
        WARNING: Could not find rpm binary, LSC credential package generation for RPM and DEB based targets will not work.
        SUGGEST: Install rpm.
        WARNING: Could not find makensis binary, LSC credential package generation for Microsoft Windows targets will not work.
        SUGGEST: Install nsis.

It seems like your OpenVAS-9 installation is OK.

If you think it is not OK, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.

root@kali:~# 
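
The two runs above differ only in a few ERROR/FIX and WARNING/SUGGEST lines buried among the OK lines. The following is an added example, not part of the original post or of OpenVAS: a shell filter that reduces such a report to one line per finding. The function names (sample_report, summarise_check, check_passed) are hypothetical, and the sample report is constructed from lines of the two runs shown above.

```shell
# Added example: condense openvas-check-setup output into one line per finding,
# "SEVERITY|step|finding|remedy", so ERROR/WARNING items are not lost among OKs.
# Constructed sample: lines copied from the two runs above, combined into one report.
sample_report() {
cat <<'EOF'
Step 2: Checking OpenVAS Manager ...
        OK: At least one user exists.
        ERROR: No OpenVAS SCAP database found. (Tried: /var/lib/openvas/scap-data/scap.db)
        FIX: Run a SCAP synchronization script like greenbone-scapdata-sync.
Step 7: Checking if OpenVAS services are up and running ...
        WARNING: OpenVAS Manager is running and listening only on the local interface.
        This means that you will not be able to access the OpenVAS Manager from the
        outside using GSD or OpenVAS CLI.
        SUGGEST: Ensure that OpenVAS Manager listens on all interfaces unless you want
        a local service only.

 ERROR: Your OpenVAS-9 installation is not yet complete!
EOF
}

# summarise_check: reads a report on stdin, pairs each ERROR/WARNING with the
# FIX/SUGGEST that follows it, and joins wrapped continuation lines.
summarise_check() {
  awk '
    function emit() {
      if (sev != "") print sev "|" step "|" msg "|" fix
      sev = ""; msg = ""; fix = ""
    }
    /installation is (OK|not yet complete)/ { emit(); next }  # overall verdict, not a finding
    /^[ \t]*$/ { emit(); next }
    /^Step [0-9]+:/ { emit(); step = $2; sub(/:$/, "", step); next }
    /^[ \t]+(ERROR|WARNING): / {
      emit(); msg = $0; sub(/^[ \t]+/, "", msg)
      sev = msg; sub(/:.*/, "", sev); sub(/^[A-Z]+: /, "", msg); last = "msg"; next
    }
    sev != "" && /^[ \t]+(FIX|SUGGEST): / {
      fix = $0; sub(/^[ \t]+[A-Z]+: /, "", fix); last = "fix"; next
    }
    /^[ \t]+[A-Z]+: / { emit(); next }                         # OK:, SKIP: and similar
    sev != "" && /^[ \t]+/ {                                   # wrapped continuation line
      text = $0; sub(/^[ \t]+/, "", text)
      if (last == "fix") fix = fix " " text; else msg = msg " " text
    }
    END { emit() }
  '
}
# check_passed: succeeds only when the report on stdin contains no ERROR finding.
check_passed() { ! summarise_check | grep -q '^ERROR|'; }
```

On the scanner host the real report can be piped in, for example openvas-check-setup | summarise_check, and check_passed can gate a scheduled scan on a complete installation.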

A browser opens; log in with the user ID and password that were displayed during setup.
If you have forgotten the password, change it by following the page below.
OpenVAS - Class Notes


If the browser shows "Your connection is not secure" when it opens, go through "Advanced" → "Add Exception" → "Confirm Security Exception" to register an exception.


Menu tab → [Scans] → [Tasks]


First, try scanning the local machine itself.


Scan in progress. Wait 4.5 minutes.


Scan finished. No vulnerabilities were detected.


Close the browser.

# openvas-stop