The OpenVAS developers are happy to announce the release of openvas-libraries
3.1.2. This release fixes a build issue that was discovered after the release
of openvas-libraries 3.1.1.
Many thanks to everyone who has contributed to this release:
Michael Wiegand.
Main changes compared to 3.1.1:
* A bug in the WMI interface stub which caused the build to fail when
configured without WMI has been fixed.
The source tarball for this release is available for download from the OpenVAS
website at http://www.openvas.org/. Binary packages for major GNU/Linux
distributions by third parties are expected in the following weeks.
Thursday, August 5, 2010
Command line client 1.0.0 released
OpenVAS CLI 1.0: Full command line client for OpenVAS Manager 1.0 now available
The OpenVAS CLI package contains the command line tool "omp" which allows to send any
command of the OpenVAS Management Protocol (OMP) in original form and some of
the commands as short cuts. This allows to create batch processes for remote
control of OpenVAS.
OpenVAS CLI is Free Software (Open Source), licensed
under GNU General Public License Version 2 or any later version.
The OpenVAS development team offers support for any efforts to create binary
packages for the various Linux distributions in order have this new tool
readily available for users as soon as possible. Please use our openvas-distro
mailing list for this purpose.
The OpenVAS CLI package contains the command line tool "omp" which allows to send any
command of the OpenVAS Management Protocol (OMP) in original form and some of
the commands as short cuts. This allows to create batch processes for remote
control of OpenVAS.
OpenVAS CLI is Free Software (Open Source), licensed
under GNU General Public License Version 2 or any later version.
The OpenVAS development team offers support for any efforts to create binary
packages for the various Linux distributions in order have this new tool
readily available for users as soon as possible. Please use our openvas-distro
mailing list for this purpose.
Web-Client GSA 1.0.0 released
Greenbone Security Assistant (GSA) 1.0: Full web-client for OpenVAS Manager 1.0 now available
GSA 1.0 represents almost 2 years of intensive work. The mission of GSA is to be
a web client to the OpenVAS Manager 1.0 via the OpenVAS Management Protocol (OMP).
GSA offers a complete implementation of OMP in order to access all features
to organize and manage OpenVAS vulnerability scans. Additionally, GSA
optionally acts as a client for the upcoming openvas-administrator using the
OpenVAS Administration Protocol (OAP) which allows e.g. management of scan users.
Central features of Greenbone Security Assistant are:
* Full OMP 1.0 client. The XML-based OMP responses are transformed into
web pages via XSLT.
* No additional web-server required. The GSA daemon (gsad) uses microhttpd
to implement a HTTP service on its own.
* Plain HTML. Neither cookies, JavaScript nor other dynamic elements are used.
GSA works stateless and uses HTTP Basic Auth.
Greenbone Security Assistant is Free Software (Open Source), licensed
under GNU General Public License Version 2 or any later version.
The OpenVAS development team offers support for any efforts to create binary
packages for the various Linux distributions in order have this new server
readily available for users as soon as possible. Please use our openvas-distro
mailing list for this purpose.
GSA 1.0 represents almost 2 years of intensive work. The mission of GSA is to be
a web client to the OpenVAS Manager 1.0 via the OpenVAS Management Protocol (OMP).
GSA offers a complete implementation of OMP in order to access all features
to organize and manage OpenVAS vulnerability scans. Additionally, GSA
optionally acts as a client for the upcoming openvas-administrator using the
OpenVAS Administration Protocol (OAP) which allows e.g. management of scan users.
Central features of Greenbone Security Assistant are:
* Full OMP 1.0 client. The XML-based OMP responses are transformed into
web pages via XSLT.
* No additional web-server required. The GSA daemon (gsad) uses microhttpd
to implement a HTTP service on its own.
* Plain HTML. Neither cookies, JavaScript nor other dynamic elements are used.
GSA works stateless and uses HTTP Basic Auth.
Greenbone Security Assistant is Free Software (Open Source), licensed
under GNU General Public License Version 2 or any later version.
The OpenVAS development team offers support for any efforts to create binary
packages for the various Linux distributions in order have this new server
readily available for users as soon as possible. Please use our openvas-distro
mailing list for this purpose.
Thursday, July 29, 2010
gsa-desktop 0.1.0 released
Those of you watching the SVN commits and the OpenVAS website closely will
already have noticed it: Our newest OpenVAS module just had it's first
release.
The newest member of the OpenVAS family is called gsa-desktop and is a Qt
based OMP client with the ultimate goal of providing an alternative to the
Gtk based OpenVAS-Client while offering the full potential of OMP.
We invite you to try out gsa-desktop and are looking forward to your feedback.
Please keep in mind that gsa-desktop is still in an early stage and does not
yet cover all the functionality provided by OMP. Please read the INSTALL and
README files provided and feel free to ask on the OpenVAS mailing lists if
you have questions.
already have noticed it: Our newest OpenVAS module just had it's first
release.
The newest member of the OpenVAS family is called gsa-desktop and is a Qt
based OMP client with the ultimate goal of providing an alternative to the
Gtk based OpenVAS-Client while offering the full potential of OMP.
We invite you to try out gsa-desktop and are looking forward to your feedback.
Please keep in mind that gsa-desktop is still in an early stage and does not
yet cover all the functionality provided by OMP. Please read the INSTALL and
README files provided and feel free to ask on the OpenVAS mailing lists if
you have questions.
OpenVAS Manager 1.0 released
Substantial Technology Adance: Vulnerability Management with OpenVAS Manager 1.0
OpenVAS Manager 1.0 represents almost 2 years of intensive work. The mission of
OpenVAS Manager is to offer powerful and comfortable vulnerability management on
top of the actual vulnerability scanner, OpenVAS Scanner 3.1.
The OpenVAS Manager is a layer between the OpenVAS Scanner and various client
applications. The upcoming clients cover web, desktop and command line
technology and will replace the classic OpenVAS Client.
Central features of OpenVAS Manager are:
* New XML-based protocol OMP (OpenVAS Management Protocol) which client tools
use to control scans, results, etc.
* SQL database where configurations, scan results etc. are stored. Thus, clients
do not need to keep local storage anymore.
* Full control of scan processes. This includes multiple concurrent scans as
well as stopping, pausing, resuming and not at least the scheduling of scans.
* Management of scan notes, false positives and result escalators (notification
on finished scans).
OpenVAS Manager is Free Software (Open Source), licensed under GNU General
Public License Version 2 or any later version.
The first compatible client application to be released will be the web client
GSA (Greenbone Security Assistant), approximately next week.
Beta- and alpha versions of various clients are already available for download.
The OpenVAS development team offers support for any efforts to create binary
packages for the various Linux distributions in order have this new server
readily available for users as soon as possible. Please use our openvas-distro
mailing list for this purpose.
OpenVAS Manager 1.0 represents almost 2 years of intensive work. The mission of
OpenVAS Manager is to offer powerful and comfortable vulnerability management on
top of the actual vulnerability scanner, OpenVAS Scanner 3.1.
The OpenVAS Manager is a layer between the OpenVAS Scanner and various client
applications. The upcoming clients cover web, desktop and command line
technology and will replace the classic OpenVAS Client.
Central features of OpenVAS Manager are:
* New XML-based protocol OMP (OpenVAS Management Protocol) which client tools
use to control scans, results, etc.
* SQL database where configurations, scan results etc. are stored. Thus, clients
do not need to keep local storage anymore.
* Full control of scan processes. This includes multiple concurrent scans as
well as stopping, pausing, resuming and not at least the scheduling of scans.
* Management of scan notes, false positives and result escalators (notification
on finished scans).
OpenVAS Manager is Free Software (Open Source), licensed under GNU General
Public License Version 2 or any later version.
The first compatible client application to be released will be the web client
GSA (Greenbone Security Assistant), approximately next week.
Beta- and alpha versions of various clients are already available for download.
The OpenVAS development team offers support for any efforts to create binary
packages for the various Linux distributions in order have this new server
readily available for users as soon as possible. Please use our openvas-distro
mailing list for this purpose.
OpenVAS libraries and scanner 3.1.0 release
OpenVAS libraries
The OpenVAS developers are happy to announce the release of openvas-libraries
3.1.0. This release adds a number of new features, for example support for
NTLMSSP, for LDAP authentication, for preference file uploads to memory, for
logging messages to syslog and for scanning virtual web hosts.
Many thanks to everyone who has contributed to this release:
Tim Brown, Geoff Galitz, Stephan Kleine, Goran Licina, Michael Meyer, Matthew
Mundell, Raimund Renkert, Preeti Subramanian, Jan-Oliver Wagner, Michael
Wiegand and Felix Wolfsteller.
Main changes compared to 3.0.5:
* Code cleanup: Code from openvas-administrator and openvas-manager which
could be more appropriately placed in openvas-libraries has been moved here.
* Initial support for LDAP authentication has been added.
* IPv6 support has been improved.
* Support for building parts of openvas-libraries on Windows has been added.
* Support for reading preference file uploads from memory instead of from disk
has been added.
* Support for NTLMSSP has been added.
* Authentication mechanism extended to support LDAP and ADS.
* An issue which caused SSH logins with RSA keys on remote systems to fail
under certain circumstances has been fixed.
* Support for logging to syslog has been added.
* Support for scanning virtual web hosts has been added.
The source tarball for this release is available for download from the OpenVAS
website at http://www.openvas.org/. Binary packages for major GNU/Linux
distributions by third parties are expected in the following weeks.
OpenVAS scanner
The OpenVAS developers are happy to announce the release of openvas-scanner
3.1.0. This release adds a number of new features, for example support for
soft pausing of scans, for retrieving the version of an installed NVT
collection, for automatically installing generated client certificates, for
storing uploaded preference files in memory, for dropping privileges for NASL
and NES NVTs and for scanning virtual web hosts. It also contains updated
feed synchronization scripts and removes legacy support for passwords stored
in plaintext (see OpenVAS change request #31,
http://www.openvas.org/openvas-cr-31.html).
Many thanks to everyone who has contributed to this release:
Geoff Galitz, Michael Meyer, Matthew Mundell, Jan-Oliver Wagner, Michael
Wiegand and Felix Wolfsteller.
Main changes compared to 3.0.2:
* Support for storing scanner passwords in plaintext has been removed.
* Support for dropping privileges in NASL and NES NVTs had been added.
* Support for scanning virtual web hosts has been added.
* The handling of NVTs with an invalid timestamp has been improved.
* A bug in the openvas-nvt-sync script which prevented synchronization via
http under certain circumstances has been fixed.
* Support for retrieving the version of the NVT collection has been added to
the openvas-nvt-sync and greenbone-nvt-sync scripts.
* Support for soft pausing of scans has been added.
* Support for automatically installing generated certificate file has been
added to the openvas-mkcert-client script.
* The obsolete C based NVT "ssl_cipher" has been removed from the
openvas-scanner module. It has been replaced by the NASL
implementation "secpod_ssl_ciphers.nasl".
* Support for storing an uploaded preference file in memory instead of on disk
has been added.
The source tarball for this release is available for download from the OpenVAS
website at http://www.openvas.org/. Binary packages for major GNU/Linux
distributions by third parties are expected in the following weeks.
The OpenVAS developers are happy to announce the release of openvas-libraries
3.1.0. This release adds a number of new features, for example support for
NTLMSSP, for LDAP authentication, for preference file uploads to memory, for
logging messages to syslog and for scanning virtual web hosts.
Many thanks to everyone who has contributed to this release:
Tim Brown, Geoff Galitz, Stephan Kleine, Goran Licina, Michael Meyer, Matthew
Mundell, Raimund Renkert, Preeti Subramanian, Jan-Oliver Wagner, Michael
Wiegand and Felix Wolfsteller.
Main changes compared to 3.0.5:
* Code cleanup: Code from openvas-administrator and openvas-manager which
could be more appropriately placed in openvas-libraries has been moved here.
* Initial support for LDAP authentication has been added.
* IPv6 support has been improved.
* Support for building parts of openvas-libraries on Windows has been added.
* Support for reading preference file uploads from memory instead of from disk
has been added.
* Support for NTLMSSP has been added.
* Authentication mechanism extended to support LDAP and ADS.
* An issue which caused SSH logins with RSA keys on remote systems to fail
under certain circumstances has been fixed.
* Support for logging to syslog has been added.
* Support for scanning virtual web hosts has been added.
The source tarball for this release is available for download from the OpenVAS
website at http://www.openvas.org/. Binary packages for major GNU/Linux
distributions by third parties are expected in the following weeks.
OpenVAS scanner
The OpenVAS developers are happy to announce the release of openvas-scanner
3.1.0. This release adds a number of new features, for example support for
soft pausing of scans, for retrieving the version of an installed NVT
collection, for automatically installing generated client certificates, for
storing uploaded preference files in memory, for dropping privileges for NASL
and NES NVTs and for scanning virtual web hosts. It also contains updated
feed synchronization scripts and removes legacy support for passwords stored
in plaintext (see OpenVAS change request #31,
http://www.openvas.org/openvas-cr-31.html).
Many thanks to everyone who has contributed to this release:
Geoff Galitz, Michael Meyer, Matthew Mundell, Jan-Oliver Wagner, Michael
Wiegand and Felix Wolfsteller.
Main changes compared to 3.0.2:
* Support for storing scanner passwords in plaintext has been removed.
* Support for dropping privileges in NASL and NES NVTs had been added.
* Support for scanning virtual web hosts has been added.
* The handling of NVTs with an invalid timestamp has been improved.
* A bug in the openvas-nvt-sync script which prevented synchronization via
http under certain circumstances has been fixed.
* Support for retrieving the version of the NVT collection has been added to
the openvas-nvt-sync and greenbone-nvt-sync scripts.
* Support for soft pausing of scans has been added.
* Support for automatically installing generated certificate file has been
added to the openvas-mkcert-client script.
* The obsolete C based NVT "ssl_cipher" has been removed from the
openvas-scanner module. It has been replaced by the NASL
implementation "secpod_ssl_ciphers.nasl".
* Support for storing an uploaded preference file in memory instead of on disk
has been added.
The source tarball for this release is available for download from the OpenVAS
website at http://www.openvas.org/. Binary packages for major GNU/Linux
distributions by third parties are expected in the following weeks.
Wednesday, June 30, 2010
New OpenVAS 3.1 Release Candidates(rc2) released
The OpenVAS developers are happy to announce the release of the second set of release candidates for the upcoming 3.1.0 release of both openvas-scanner and openvas-libraries.
Changes compared to the 3.0.x version include NTLMSSP support, improved IPv6 support, support for uploading preference file into memory and for soft pausing of scans. The latest set of release candidates adds support for LDAP and ADS authentication, scanning virtual web hosts, syslog logging and privilege dropping among other improvements and fixes. For more information please check the CHANGES file provided with each module.
Source tarballs for the two modules are available at
http://wald.intevation.org/frs/download.php/749/openvas-libraries-3.1.0.rc2.tar.gz
and
http://wald.intevation.org/frs/download.php/750/openvas-scanner-3.1.0.rc2.tar.gz
Binary packages for the major GNU/Linux distributions by third parties are expected in the following weeks.
Many thanks to everybody who has made this release possible.
Changes compared to the 3.0.x version include NTLMSSP support, improved IPv6 support, support for uploading preference file into memory and for soft pausing of scans. The latest set of release candidates adds support for LDAP and ADS authentication, scanning virtual web hosts, syslog logging and privilege dropping among other improvements and fixes. For more information please check the CHANGES file provided with each module.
Source tarballs for the two modules are available at
http://wald.intevation.org/frs/download.php/749/openvas-libraries-3.1.0.rc2.tar.gz
and
http://wald.intevation.org/frs/download.php/750/openvas-scanner-3.1.0.rc2.tar.gz
Binary packages for the major GNU/Linux distributions by third parties are expected in the following weeks.
Many thanks to everybody who has made this release possible.
Subscribe to:
Posts (Atom)