关于openvas的酸甜苦辣

经历好多次的挫折,找出相互关系。一步步理清其中的设置。现在不能解决的问题,openvas大概历程是,建立扫描服务器,配置端口和密钥,管理设置扫描器和输出管理器gsa和cli。设置任务,开始扫描漏洞

问题1:openvas --rebuild --progress    重建失败,求答案

root@lover:~# openvasmd --rebuild --progress
Rebuilding NVT cache... failed.



openvas主要的构件:

主要组件 openvassd

root@lover:~# openvassd -h
Usage:
  openvassd [OPTION...] - Scanner of the Open Vulnerability Assessment System

Help Options:
  -h, --help                       Show help options

Application Options:
  -V, --version                    Display version information
  -f, --foreground                 Do not run in daemon mode but stay in foreground
  -a, --listen=

           Listen on

  -p, --port=              Use port number
  -c, --config-file=     Configuration file
  -s, --cfg-specs                  Print configuration settings
  -y, --sysconfdir                 Print system configuration directory (set at compile time)
  -C, --only-cache                 Exit once the NVT cache has been initialized or updated
  --gnutls-priorities=     GnuTLS priorities string
  --dh-params=             Diffie-Hellman parameters file


设置扫描器和用户界面openvasmd

root@lover:~# openvasmd -h
Usage:
  openvasmd [OPTION...] - Manager of the Open Vulnerability Assessment System

Help Options:
  -h, --help                                   Show help options

Application Options:
  --backup                                     Backup the database.
  -d, --database=                   Use as database for SQLite/Postgres.
  --disable-cmds=                    Disable comma-separated .
  --disable-encrypted-credentials              Do not encrypt or decrypt credentials.
  --disable-password-policy                    Do not restrict passwords to the policy.
  --disable-scheduling                         Disable task scheduling.
  --create-user=                     Create admin user and exit.
  --delete-user=                     Delete user and exit.
  --get-users                                  List users and exit.
  --create-scanner=                   Create global scanner and exit.
  --modify-scanner=              Modify scanner and exit.
  --scanner-name=                        Name for --modify-scanner.
  --scanner-host=                Scanner host for --create-scanner, --rebuild and --update. Default is 127.0.0.1.
  --scanner-port=                Scanner port for --create-scanner, --rebuild and --update. Default is 9391.
  --scanner-type=                Scanner type for --create-scanner. Either 'OpenVAS' or 'OSP'.
  --scanner-ca-pub=            Scanner CA Certificate path for --[create|modify]-scanner.
  --scanner-key-pub=       Scanner Certificate path for --[create|modify]-scanner.
  --scanner-key-priv=     Scanner private key path for --[create|modify]-scanner.
  --verify-scanner=              Verify scanner and exit.
  --delete-scanner=              Delete scanner and exit.
  --get-scanners                               List scanners and exit.
  -f, --foreground                             Run in foreground.
  -a, --listen=

                       Listen on
.
  --listen2=
                          Listen also on
.
  --max-ips-per-target=                Maximum number of IPs per target.
  --max-email-attachment-size=         Maximum size of alert email attachments, in bytes.
  --max-email-include-size=            Maximum size of inlined content in alert emails, in bytes.
  -m, --migrate                                Migrate the database and exit.
  --create-credentials-encryption-key          Create a key to encrypt credentials.
  --encrypt-all-credentials                    (Re-)Encrypt all credentials.
  --new-password=                    Modify user's password and exit.
  --optimize=                            Run an optimization: vacuum, analyze, cleanup-config-prefs, remove-open-port-results, cleanup-port-names, rebuild-report-cache or update-report-cache.
  -p, --port=                          Use port number .
  --port2=                             Use port number for address 2.
  --progress                                   Display progress during --rebuild and --update.
  --rebuild                                    Rebuild the NVT cache and exit.
  --role=                                Role for --create-user and --get-users.
  -u, --update                                 Update the NVT cache and exit.
  --user=                            User for --new-password.
  --gnutls-priorities=      Sets the GnuTLS priorities for the Manager socket.
  --dh-params=                           Diffie-Hellman parameters file
  -v, --verbose                                Print tracing messages.
  --version                                    Print version and exit.


           命令行窗口      opencli   -omp

root@lover:~# omp --help
用法:
  omp [选项...] - OpenVAS OMP Command Line Interface

帮助选项:
  -?, --help                       显示帮助选项

应用程序选项:
  -h, --host=                Connect to manager on host
  -p, --port=              Use port number
  -V, --version                    Print version.
  -v, --verbose                    Verbose messages (WARNING: may reveal passwords).
  --use-certs                      Use client certificates to authenticate.
  --client-cert=        Client certificate. Default: /usr/local/var/lib/openvas/CA/clientcert.pem
  --client-key=          Client key. Default: /usr/local/var/lib/openvas/private/CA/clientkey.pem
  --client-ca-cert=     Client CA certificate. Default: /usr/local/var/lib/openvas/CA/cacert.pem
  -u, --username=        OMP username
  -w, --password=        OMP password
  --config-file=      Configuration file for connection parameters.
  -P, --prompt                     Prompt to exit.
  -O, --get-omp-version            Print OMP version.
  -n, --name=                Name for create-task.
  -C, --create-task                Create a task.
  -m, --comment=             Comment for create-task.
  -c, --config=            Config for create-task.
  -t, --target=            Target for create-task.
  -E, --delete-report              Delete one or more reports.
  -D, --delete-task                Delete one or more tasks.
  -R, --get-report                 Get report of one task.
  -F, --get-report-formats         Get report formats. (OMP 2.0 only)
  -f, --format=            Format for get-report.
  --filter=                Filter string for get-report
  -G, --get-tasks                  Get status of one, many or all tasks.
  -g, --get-configs                Get configs.
  -T, --get-targets                Get targets.
  -i, --pretty-print               In combination with -X, pretty print the response.
  -S, --start-task                 Start one or more tasks.
  -M, --modify-task                Modify a task.
  --ping                           Ping OMP server
  --timeout=               Wait seconds for OMP ping response
  --file                           Add text in stdin as file on task.
  -X, --xml=              XML command (e.g. "").  "-" to read from stdin.
  --send-file=               Replace SENDFILE in xml with base64 of file.
  --details                        Enable detailed view.


你可能感兴趣的:(学习心得)