目录
- .githubUpdate CODEOWNERS3年前
- configUse better defaults for for ospd-openvas settings3年前
- docsMinor tweaks for the ospd-openvas manpage:4年前
- ospd_openvasFix timeout preference handling3年前
- testssatisfy linter3年前
- .coveragercAdd Circleci and Coverage conf file.6年前
- .gitignoreAdd gitignore file5年前
- .mergify.ymlAdd mergify config file3年前
- .pylintrcAdjust pylintrc3年前
- CHANGELOG.mdFix changelog conflicts3年前
- COPYINGUpdate license to AGPL-3.0+4年前
- MANIFEST.inAdd example.csv to MANIFEST.in4年前
- README.mdRemove Scrutinizer badge3年前
- poetry.lockBump black from 21.6b0 to 21.7b03年前
- poetry.tomlAdd config for using poetry4年前
- pyproject.tomlDowngrade required version for psutil to 5.5.13年前
- setup.pySet version to 21.10.0.dev1 and update requirements4年前
邀请码
ospd-openvas
This is an OSP server implementation to allow GVM to remotely control OpenVAS, see https://github.com/greenbone/openvas.
Once running, you need to configure OpenVAS for the Greenbone Vulnerability Manager, for example via the web interface Greenbone Security Assistant. Then you can create scan tasks to use OpenVAS.
Installation
Requirements
Python 3.7 and later is supported.
Beyond the ospd base library,
ospd-openvashas dependencies on the following Python packages:redispsutilpackagingThere are no special installation aspects for this module beyond the general installation guide for ospd-based scanners.
Please follow the general installation guide for ospd-based scanners:
https://github.com/greenbone/ospd/blob/master/doc/INSTALL-ospd-scanner.md
Mandatory configuration
The
ospd-openvasstartup parameter--lock-file-diror thelock_file_dirconfig parameter of theospd.confconfig file needs to point to the same location / path of thegvmddaemon and theopenvascommand line tool (Default:<install-prefix>/var/run). Examples for both are shipped within theconfigsub-folder of this project.Please see the
Detailssection of the GVM release notes for more details.Optional configuration
Please note that although you can run
openvas(launched from anospd-openvasprocess) as a user without elevated privileges, it is recommended that you startopenvasasrootsince a number of Network Vulnerability Tests (NVTs) require root privileges to perform certain operations like packet forgery. If you runopenvasas a user without permission to perform these operations, your scan results are likely to be incomplete.As
openvaswill be launched from anospd-openvasprocess with sudo, the next configuration is required in the sudoers file:add this line to allow the user running
ospd-openvas, to launchopenvaswith root permissionsIf you set an install prefix, you have to update the path in the sudoers file too:
Usage
There are no special usage aspects for this module beyond the generic usage guide.
Please follow the general usage guide for ospd-based scanners:
https://github.com/greenbone/ospd/blob/master/doc/USAGE-ospd-scanner.md
Support
For any question on the usage of ospd-openvas please use the Greenbone Community Portal. If you found a problem with the software, please create an issue on GitHub. If you are a Greenbone customer you may alternatively or additionally forward your issue to the Greenbone Support Portal.
Maintainer
This project is maintained by Greenbone Networks GmbH.
Contributing
Your contributions are highly appreciated. Please create a pull request on GitHub. Bigger changes need to be discussed with the development team via the issues section at GitHub first.
For development you should use poetry to keep you python packages separated in different environments. First install poetry via pip
Afterwards run
in the checkout directory of ospd-openvas (the directory containing the
pyproject.tomlfile) to install all dependencies including the packages only required for development.The ospd-openvas repository uses autohooks to apply linting and auto formatting via git hooks. Please ensure the git hooks are active.
License
Copyright (C) 2018-2021 Greenbone Networks GmbH
Licensed under the GNU Affero General Public License v3.0 or later.