openvas-check-setup 2.2.3 Mode: server Date: Wed, 06 Nov 2013 17:21:08 +0100 Checking for old OpenVAS Scanner <= 2.0 ... ./openvas-check-setup: line 171: openvasd: command not found Checking presence of OpenVAS Scanner ... OpenVAS Scanner 4.0+beta2 Nessus origin: (C) 2004 Renaud Deraison Most new code since OpenVAS: (C) 2013 Greenbone Networks GmbH License GPLv2: GNU GPL version 2 This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Checking OpenVAS Scanner version ... OK: OpenVAS Scanner is present in version 4.0+beta2. plugins_folder = /var/lib/openvas/plugins cache_folder = /var/cache/openvas include_folders = /var/lib/openvas/plugins max_hosts = 30 max_checks = 10 be_nice = no logfile = /var/log/openvas/openvassd.messages log_whole_attack = no log_plugins_name_at_load = no dumpfile = /var/log/openvas/openvassd.dump rules = /etc/openvas/openvassd.rules cgi_path = /cgi-bin:/scripts optimize_test = yes checks_read_timeout = 5 network_scan = no non_simult_ports = 139, 445 plugins_timeout = 320 safe_checks = yes auto_enable_dependencies = yes use_mac_addr = no nasl_no_signature_check = yes drop_privileges = no unscanned_closed = yes vhosts = vhosts_ip = report_host_details = yes cert_file = /var/lib/openvas/CA/servercert.pem key_file = /var/lib/openvas/private/CA/serverkey.pem ca_file = /var/lib/openvas/CA/cacert.pem reverse_lookup = no config_file = /etc/openvas/openvassd.conf Checking OpenVAS Scanner CA cert ... OK: OpenVAS Scanner CA Certificate is present as /var/lib/openvas/CA/cacert.pem. Checking NVT collection ... OK: NVT collection in /var/lib/openvas/plugins contains 32762 NVTs. Checking status of signature checking in OpenVAS Scanner ... WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner. SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html). OK: The NVT cache in /var/cache/openvas contains 32762 files for 32762 NVTs. Checking presence of OpenVAS Manager ... OpenVAS Manager 5.0+beta2 Manager DB revision 99 Copyright (C) 2010-2013 Greenbone Networks GmbH License GPLv2+: GNU GPL version 2 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. OK: OpenVAS Manager is present in version 5.0+beta2. Checking OpenVAS Manager client certificate ... OK: OpenVAS Manager client certificate is present as /var/lib/openvas/CA/clientcert.pem. Checking OpenVAS Manager database ... OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db. Checking access rights of OpenVAS Manager database ... OK: Access rights for the OpenVAS Manager database are correct. Checking sqlite3 presence ... OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled. Checking OpenVAS Manager database revision ... OK: OpenVAS Manager database is at revision 99. Checking database revision expected by OpenVAS Manager ... OK: OpenVAS Manager expects database at revision 99. OK: Database schema is up to date. Checking OpenVAS Manager database (NVT data) ... OK: OpenVAS Manager database contains information about 32762 NVTs. Checking OpenVAS SCAP database ... OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/scap.db. Checking OpenVAS CERT database ... OK: OpenVAS CERT database found in /var/lib/openvas/cert-data/cert.db. Checking xsltproc presence ... OK: xsltproc found. Checking status of password policy ... WARNING: Your password policy is empty. SUGGEST: Edit the /etc/openvas/pwpolicy.conf file to set a password policy. Checking presence of Greenbone Security Assistant ... Greenbone Security Assistant 5.0+beta2 Copyright (C) 2010-2013 Greenbone Networks GmbH License GPLv2+: GNU GPL version 2 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. OK: Greenbone Security Assistant is present in version 5.0+beta2. SKIP: Skipping check for OpenVAS CLI. SKIP: Skipping check for Greenbone Security Desktop. Checking netstat presence ... OK: netstat found, extended checks of the OpenVAS services enabled. Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2790/sshd tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 5311/cupsd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 3868/master tcp 0 0 127.0.0.1:9390 0.0.0.0:* LISTEN 21581/openvasmd tcp 0 0 127.0.0.1:9391 0.0.0.0:* LISTEN 16679/openvassd: wa tcp 0 0 127.0.0.1:9392 0.0.0.0:* LISTEN 17218/gsad OK: OpenVAS Scanner is running and listening only on the local interface. OK: OpenVAS Scanner is listening on port 9391, which is the default port. WARNING: OpenVAS Manager is running and listening only on the local interface. This means that you will not be able to access the OpenVAS Manager from the outside using GSD or OpenVAS CLI. SUGGEST: Ensure that OpenVAS Manager listens on all interfaces. OK: OpenVAS Manager is listening on port 9390, which is the default port. WARNING: Greenbone Security Assistant is running and listening only on the local interface. This means that you will not be able to access the Greenbone Security Assistant from the outside using a web browser. SUGGEST: Ensure that Greenbone Security Assistant listens on all interfaces. OK: Greenbone Security Assistant is listening on port 9392, which is the default port. Checking presence of nmap ... WARNING: Your version of nmap is not fully supported: 6.40 SUGGEST: You should install nmap 5.51. Checking presence of pdflatex ... WARNING: Could not find pdflatex binary, the PDF report format will not work. SUGGEST: Install pdflatex. Checking presence of ssh-keygen ... OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work. Checking presence of rpm ... OK: rpm found, LSC credential package generation for RPM based targets is likely to work. Checking presence of alien ... WARNING: Could not find alien binary, LSC credential package generation for DEB based targets will not work. SUGGEST: Install alien. Checking presence of nsis ... WARNING: Could not find makensis binary, LSC credential package generation for Microsoft Windows targets will not work. SUGGEST: Install nsis. Checking for SELinux ...