关于openvas的酸甜苦辣

经历好多次的挫折，找出相互关系。一步步理清其中的设置。现在不能解决的问题，openvas大概历程是，建立扫描服务器，配置端口和密钥，管理设置扫描器和输出管理器gsa和cli。设置任务，开始扫描漏洞

问题1：openvas --rebuild --progress 重建失败，求答案

root@lover:~# openvasmd --rebuild --progress

Rebuilding NVT cache... failed.

openvas主要的构件：

主要组件 openvassd

root@lover:~# openvassd -h

Usage:

openvassd [OPTION...] - Scanner of the Open Vulnerability Assessment System

Help Options:

-h, --help Show help options

Application Options:

-V, --version Display version information

-f, --foreground Do not run in daemon mode but stay in foreground

-a, --listen=<address> Listen on <address>

-p, --port=<number> Use port number <number>

-c, --config-file=<filename> Configuration file

-s, --cfg-specs Print configuration settings

-y, --sysconfdir Print system configuration directory (set at compile time)

-C, --only-cache Exit once the NVT cache has been initialized or updated

--gnutls-priorities=<string> GnuTLS priorities string

--dh-params=<string> Diffie-Hellman parameters file

设置扫描器和用户界面openvasmd

root@lover:~# openvasmd -h

Usage:

openvasmd [OPTION...] - Manager of the Open Vulnerability Assessment System

Help Options:

-h, --help Show help options

Application Options:

--backup Backup the database.

-d, --database=<file/name> Use <file/name> as database for SQLite/Postgres.

--disable-cmds=<commands> Disable comma-separated <commands>.

--disable-encrypted-credentials Do not encrypt or decrypt credentials.

--disable-password-policy Do not restrict passwords to the policy.

--disable-scheduling Disable task scheduling.

--create-user=<username> Create admin user <username> and exit.

--delete-user=<username> Delete user <username> and exit.

--get-users List users and exit.

--create-scanner=<scanner> Create global scanner <scanner> and exit.

--modify-scanner=<scanner-uuid> Modify scanner <scanner-uuid> and exit.

--scanner-name=<name> Name for --modify-scanner.

--scanner-host=<scanner-host> Scanner host for --create-scanner, --rebuild and --update. Default is 127.0.0.1.

--scanner-port=<scanner-port> Scanner port for --create-scanner, --rebuild and --update. Default is 9391.

--scanner-type=<scanner-type> Scanner type for --create-scanner. Either 'OpenVAS' or 'OSP'.

--scanner-ca-pub=<scanner-ca-pub> Scanner CA Certificate path for --[create|modify]-scanner.

--scanner-key-pub=<scanner-key-public> Scanner Certificate path for --[create|modify]-scanner.

--scanner-key-priv=<scanner-key-private> Scanner private key path for --[create|modify]-scanner.

--verify-scanner=<scanner-uuid> Verify scanner <scanner-uuid> and exit.

--delete-scanner=<scanner-uuid> Delete scanner <scanner-uuid> and exit.

--get-scanners List scanners and exit.

-f, --foreground Run in foreground.

-a, --listen=<address> Listen on <address>.

--listen2=<address> Listen also on <address>.

--max-ips-per-target=<number> Maximum number of IPs per target.

--max-email-attachment-size=<number> Maximum size of alert email attachments, in bytes.

--max-email-include-size=<number> Maximum size of inlined content in alert emails, in bytes.

-m, --migrate Migrate the database and exit.

--create-credentials-encryption-key Create a key to encrypt credentials.

--encrypt-all-credentials (Re-)Encrypt all credentials.

--new-password=<password> Modify user's password and exit.

--optimize=<name> Run an optimization: vacuum, analyze, cleanup-config-prefs, remove-open-port-results, cleanup-port-names, rebuild-report-cache or update-report-cache.

-p, --port=<number> Use port number <number>.

--port2=<number> Use port number <number> for address 2.

--progress Display progress during --rebuild and --update.

--rebuild Rebuild the NVT cache and exit.

--role=<role> Role for --create-user and --get-users.

-u, --update Update the NVT cache and exit.

--user=<username> User for --new-password.

--gnutls-priorities=<priorities-string> Sets the GnuTLS priorities for the Manager socket.

--dh-params=<file> Diffie-Hellman parameters file

-v, --verbose Print tracing messages.

--version Print version and exit.

命令行窗口 opencli -omp

root@lover:~# omp --help

用法：

omp [选项...] - OpenVAS OMP Command Line Interface

帮助选项：

-?, --help 显示帮助选项

应用程序选项：

-h, --host=<host> Connect to manager on host <host>

-p, --port=<number> Use port number <number>

-V, --version Print version.

-v, --verbose Verbose messages (WARNING: may reveal passwords).

--use-certs Use client certificates to authenticate.

--client-cert=<cert-file> Client certificate. Default: /usr/local/var/lib/openvas/CA/clientcert.pem

--client-key=<key-file> Client key. Default: /usr/local/var/lib/openvas/private/CA/clientkey.pem

--client-ca-cert=<cert-file> Client CA certificate. Default: /usr/local/var/lib/openvas/CA/cacert.pem

-u, --username=<username> OMP username

-w, --password=<password> OMP password

--config-file=<config-file> Configuration file for connection parameters.

-P, --prompt Prompt to exit.

-O, --get-omp-version Print OMP version.

-n, --name=<name> Name for create-task.

-C, --create-task Create a task.

-m, --comment=<name> Comment for create-task.

-c, --config=<config> Config for create-task.

-t, --target=<target> Target for create-task.

-E, --delete-report Delete one or more reports.

-D, --delete-task Delete one or more tasks.

-R, --get-report Get report of one task.

-F, --get-report-formats Get report formats. (OMP 2.0 only)

-f, --format=<format> Format for get-report.

--filter=<string> Filter string for get-report

-G, --get-tasks Get status of one, many or all tasks.

-g, --get-configs Get configs.

-T, --get-targets Get targets.

-i, --pretty-print In combination with -X, pretty print the response.

-S, --start-task Start one or more tasks.

-M, --modify-task Modify a task.

--ping Ping OMP server

--timeout=<number> Wait <number> seconds for OMP ping response

--file Add text in stdin as file on task.

-X, --xml=<command> XML command (e.g. "<help/>"). "-" to read from stdin.

--send-file=<file> Replace SENDFILE in xml with base64 of file.

--details Enable detailed view.