关于openvas的酸甜苦辣
2016-04-26 23:58
519 查看
经历好多次的挫折,找出相互关系。一步步理清其中的设置。现在不能解决的问题,openvas大概历程是,建立扫描服务器,配置端口和密钥,管理设置扫描器和输出管理器gsa和cli。设置任务,开始扫描漏洞
问题1:openvas --rebuild --progress 重建失败,求答案
root@lover:~# openvasmd --rebuild --progress
Rebuilding NVT cache... failed.
openvas主要的构件:
主要组件 openvassd
root@lover:~# openvassd -h
Usage:
openvassd [OPTION...] - Scanner of the Open Vulnerability Assessment System
Help Options:
-h, --help Show help options
Application Options:
-V, --version Display version information
-f, --foreground Do not run in daemon mode but stay in foreground
-a, --listen=<address> Listen on <address>
-p, --port=<number> Use port number <number>
-c, --config-file=<filename> Configuration file
-s, --cfg-specs Print configuration settings
-y, --sysconfdir Print system configuration directory (set at compile time)
-C, --only-cache Exit once the NVT cache has been initialized or updated
--gnutls-priorities=<string> GnuTLS priorities string
--dh-params=<string> Diffie-Hellman parameters file
设置扫描器和用户界面openvasmd
root@lover:~# openvasmd -h
Usage:
openvasmd [OPTION...] - Manager of the Open Vulnerability Assessment System
Help Options:
-h, --help Show help options
Application Options:
--backup Backup the database.
-d, --database=<file/name> Use <file/name> as database for SQLite/Postgres.
--disable-cmds=<commands> Disable comma-separated <commands>.
--disable-encrypted-credentials Do not encrypt or decrypt credentials.
--disable-password-policy Do not restrict passwords to the policy.
--disable-scheduling Disable task scheduling.
--create-user=<username> Create admin user <username> and exit.
--delete-user=<username> Delete user <username> and exit.
--get-users List users and exit.
--create-scanner=<scanner> Create global scanner <scanner> and exit.
--modify-scanner=<scanner-uuid> Modify scanner <scanner-uuid> and exit.
--scanner-name=<name> Name for --modify-scanner.
--scanner-host=<scanner-host> Scanner host for --create-scanner, --rebuild and --update. Default is 127.0.0.1.
--scanner-port=<scanner-port> Scanner port for --create-scanner, --rebuild and --update. Default is 9391.
--scanner-type=<scanner-type> Scanner type for --create-scanner. Either 'OpenVAS' or 'OSP'.
--scanner-ca-pub=<scanner-ca-pub> Scanner CA Certificate path for --[create|modify]-scanner.
--scanner-key-pub=<scanner-key-public> Scanner Certificate path for --[create|modify]-scanner.
--scanner-key-priv=<scanner-key-private> Scanner private key path for --[create|modify]-scanner.
--verify-scanner=<scanner-uuid> Verify scanner <scanner-uuid> and exit.
--delete-scanner=<scanner-uuid> Delete scanner <scanner-uuid> and exit.
--get-scanners List scanners and exit.
-f, --foreground Run in foreground.
-a, --listen=<address> Listen on <address>.
--listen2=<address> Listen also on <address>.
--max-ips-per-target=<number> Maximum number of IPs per target.
--max-email-attachment-size=<number> Maximum size of alert email attachments, in bytes.
--max-email-include-size=<number> Maximum size of inlined content in alert emails, in bytes.
-m, --migrate Migrate the database and exit.
--create-credentials-encryption-key Create a key to encrypt credentials.
--encrypt-all-credentials (Re-)Encrypt all credentials.
--new-password=<password> Modify user's password and exit.
--optimize=<name> Run an optimization: vacuum, analyze, cleanup-config-prefs, remove-open-port-results, cleanup-port-names, rebuild-report-cache or update-report-cache.
-p, --port=<number> Use port number <number>.
--port2=<number> Use port number <number> for address 2.
--progress Display progress during --rebuild and --update.
--rebuild Rebuild the NVT cache and exit.
--role=<role> Role for --create-user and --get-users.
-u, --update Update the NVT cache and exit.
--user=<username> User for --new-password.
--gnutls-priorities=<priorities-string> Sets the GnuTLS priorities for the Manager socket.
--dh-params=<file> Diffie-Hellman parameters file
-v, --verbose Print tracing messages.
--version Print version and exit.
命令行窗口 opencli -omp
root@lover:~# omp --help
用法:
omp [选项...] - OpenVAS OMP Command Line Interface
帮助选项:
-?, --help 显示帮助选项
应用程序选项:
-h, --host=<host> Connect to manager on host <host>
-p, --port=<number> Use port number <number>
-V, --version Print version.
-v, --verbose Verbose messages (WARNING: may reveal passwords).
--use-certs Use client certificates to authenticate.
--client-cert=<cert-file> Client certificate. Default: /usr/local/var/lib/openvas/CA/clientcert.pem
--client-key=<key-file> Client key. Default: /usr/local/var/lib/openvas/private/CA/clientkey.pem
--client-ca-cert=<cert-file> Client CA certificate. Default: /usr/local/var/lib/openvas/CA/cacert.pem
-u, --username=<username> OMP username
-w, --password=<password> OMP password
--config-file=<config-file> Configuration file for connection parameters.
-P, --prompt Prompt to exit.
-O, --get-omp-version Print OMP version.
-n, --name=<name> Name for create-task.
-C, --create-task Create a task.
-m, --comment=<name> Comment for create-task.
-c, --config=<config> Config for create-task.
-t, --target=<target> Target for create-task.
-E, --delete-report Delete one or more reports.
-D, --delete-task Delete one or more tasks.
-R, --get-report Get report of one task.
-F, --get-report-formats Get report formats. (OMP 2.0 only)
-f, --format=<format> Format for get-report.
--filter=<string> Filter string for get-report
-G, --get-tasks Get status of one, many or all tasks.
-g, --get-configs Get configs.
-T, --get-targets Get targets.
-i, --pretty-print In combination with -X, pretty print the response.
-S, --start-task Start one or more tasks.
-M, --modify-task Modify a task.
--ping Ping OMP server
--timeout=<number> Wait <number> seconds for OMP ping response
--file Add text in stdin as file on task.
-X, --xml=<command> XML command (e.g. "<help/>"). "-" to read from stdin.
--send-file=<file> Replace SENDFILE in xml with base64 of file.
--details Enable detailed view.
问题1:openvas --rebuild --progress 重建失败,求答案
root@lover:~# openvasmd --rebuild --progress
Rebuilding NVT cache... failed.
openvas主要的构件:
主要组件 openvassd
root@lover:~# openvassd -h
Usage:
openvassd [OPTION...] - Scanner of the Open Vulnerability Assessment System
Help Options:
-h, --help Show help options
Application Options:
-V, --version Display version information
-f, --foreground Do not run in daemon mode but stay in foreground
-a, --listen=<address> Listen on <address>
-p, --port=<number> Use port number <number>
-c, --config-file=<filename> Configuration file
-s, --cfg-specs Print configuration settings
-y, --sysconfdir Print system configuration directory (set at compile time)
-C, --only-cache Exit once the NVT cache has been initialized or updated
--gnutls-priorities=<string> GnuTLS priorities string
--dh-params=<string> Diffie-Hellman parameters file
设置扫描器和用户界面openvasmd
root@lover:~# openvasmd -h
Usage:
openvasmd [OPTION...] - Manager of the Open Vulnerability Assessment System
Help Options:
-h, --help Show help options
Application Options:
--backup Backup the database.
-d, --database=<file/name> Use <file/name> as database for SQLite/Postgres.
--disable-cmds=<commands> Disable comma-separated <commands>.
--disable-encrypted-credentials Do not encrypt or decrypt credentials.
--disable-password-policy Do not restrict passwords to the policy.
--disable-scheduling Disable task scheduling.
--create-user=<username> Create admin user <username> and exit.
--delete-user=<username> Delete user <username> and exit.
--get-users List users and exit.
--create-scanner=<scanner> Create global scanner <scanner> and exit.
--modify-scanner=<scanner-uuid> Modify scanner <scanner-uuid> and exit.
--scanner-name=<name> Name for --modify-scanner.
--scanner-host=<scanner-host> Scanner host for --create-scanner, --rebuild and --update. Default is 127.0.0.1.
--scanner-port=<scanner-port> Scanner port for --create-scanner, --rebuild and --update. Default is 9391.
--scanner-type=<scanner-type> Scanner type for --create-scanner. Either 'OpenVAS' or 'OSP'.
--scanner-ca-pub=<scanner-ca-pub> Scanner CA Certificate path for --[create|modify]-scanner.
--scanner-key-pub=<scanner-key-public> Scanner Certificate path for --[create|modify]-scanner.
--scanner-key-priv=<scanner-key-private> Scanner private key path for --[create|modify]-scanner.
--verify-scanner=<scanner-uuid> Verify scanner <scanner-uuid> and exit.
--delete-scanner=<scanner-uuid> Delete scanner <scanner-uuid> and exit.
--get-scanners List scanners and exit.
-f, --foreground Run in foreground.
-a, --listen=<address> Listen on <address>.
--listen2=<address> Listen also on <address>.
--max-ips-per-target=<number> Maximum number of IPs per target.
--max-email-attachment-size=<number> Maximum size of alert email attachments, in bytes.
--max-email-include-size=<number> Maximum size of inlined content in alert emails, in bytes.
-m, --migrate Migrate the database and exit.
--create-credentials-encryption-key Create a key to encrypt credentials.
--encrypt-all-credentials (Re-)Encrypt all credentials.
--new-password=<password> Modify user's password and exit.
--optimize=<name> Run an optimization: vacuum, analyze, cleanup-config-prefs, remove-open-port-results, cleanup-port-names, rebuild-report-cache or update-report-cache.
-p, --port=<number> Use port number <number>.
--port2=<number> Use port number <number> for address 2.
--progress Display progress during --rebuild and --update.
--rebuild Rebuild the NVT cache and exit.
--role=<role> Role for --create-user and --get-users.
-u, --update Update the NVT cache and exit.
--user=<username> User for --new-password.
--gnutls-priorities=<priorities-string> Sets the GnuTLS priorities for the Manager socket.
--dh-params=<file> Diffie-Hellman parameters file
-v, --verbose Print tracing messages.
--version Print version and exit.
命令行窗口 opencli -omp
root@lover:~# omp --help
用法:
omp [选项...] - OpenVAS OMP Command Line Interface
帮助选项:
-?, --help 显示帮助选项
应用程序选项:
-h, --host=<host> Connect to manager on host <host>
-p, --port=<number> Use port number <number>
-V, --version Print version.
-v, --verbose Verbose messages (WARNING: may reveal passwords).
--use-certs Use client certificates to authenticate.
--client-cert=<cert-file> Client certificate. Default: /usr/local/var/lib/openvas/CA/clientcert.pem
--client-key=<key-file> Client key. Default: /usr/local/var/lib/openvas/private/CA/clientkey.pem
--client-ca-cert=<cert-file> Client CA certificate. Default: /usr/local/var/lib/openvas/CA/cacert.pem
-u, --username=<username> OMP username
-w, --password=<password> OMP password
--config-file=<config-file> Configuration file for connection parameters.
-P, --prompt Prompt to exit.
-O, --get-omp-version Print OMP version.
-n, --name=<name> Name for create-task.
-C, --create-task Create a task.
-m, --comment=<name> Comment for create-task.
-c, --config=<config> Config for create-task.
-t, --target=<target> Target for create-task.
-E, --delete-report Delete one or more reports.
-D, --delete-task Delete one or more tasks.
-R, --get-report Get report of one task.
-F, --get-report-formats Get report formats. (OMP 2.0 only)
-f, --format=<format> Format for get-report.
--filter=<string> Filter string for get-report
-G, --get-tasks Get status of one, many or all tasks.
-g, --get-configs Get configs.
-T, --get-targets Get targets.
-i, --pretty-print In combination with -X, pretty print the response.
-S, --start-task Start one or more tasks.
-M, --modify-task Modify a task.
--ping Ping OMP server
--timeout=<number> Wait <number> seconds for OMP ping response
--file Add text in stdin as file on task.
-X, --xml=<command> XML command (e.g. "<help/>"). "-" to read from stdin.
--send-file=<file> Replace SENDFILE in xml with base64 of file.
--details Enable detailed view.
相关文章推荐
- java.lang.NoClassDefFoundError: org/apache/commons/collections/CursorableLinkedList
- 用Spring Cloud和Docker构建微服务
- 关于linux进程间的close-on-exec机制
- linux修改用户目录文件名
- 用什么技术架构来实现网站高负载
- rocketmq 的cluster模式下确保消息不丢失之消费进度维护
- VirtualBox下Kali linux 2016.1安装之后的简单设置
- linux配置jdk环境变量
- 个人记录必备网站
- 2.使用iptables监控上传流量
- 今天很开心,因为我的网站上线啦!
- linux下yum安装mysql步骤
- 002如何构建hadoop集群环境?
- OpenCV实践之路——行人检测
- 更改myeclipse工具的内存和tomcat的内存
- java.lang.NoSuchMethodError: org.apache.commons.pool.impl.GenericObjectPool.setMinIdle(I)V
- php-fpm, nginx ,fastcgi ,php-cgi 关系粗解
- linux下递归读取文件
- Shell学习日记
- 图文详解Ubuntu 16.04怎么看视频网站(安装某狗输入法和flash插件)