Skip to main content

ospd based scanner for openvas

Project description

Greenbone Logo

ospd-openvas

GitHub releases PyPI code test coverage Build and test

This is an OSP server implementation to allow GVM to remotely control OpenVAS, see https://github.com/greenbone/openvas.

Once running, you need to configure OpenVAS for the Greenbone Vulnerability Manager, for example via the web interface Greenbone Security Assistant. Then you can create scan tasks to use OpenVAS.

Installation

Requirements

Python 3.7 and later is supported.

Beyond the ospd base library, ospd-openvas has dependencies on the following Python packages:

  • redis
  • psutil
  • packaging

There are no special installation aspects for this module beyond the general installation guide for ospd-based scanners.

Please follow the general installation guide for ospd-based scanners:

https://github.com/greenbone/ospd/blob/stable/doc/INSTALL-ospd-scanner.md

Mandatory configuration

The ospd-openvas startup parameter --lock-file-dir or the lock_file_dir config parameter of the ospd.conf config file needs to point to the same location / path of the gvmd daemon and the openvas command line tool (Default: <install-prefix>/var/run). Examples for both are shipped within the config sub-folder of this project.

Please see the Details section of the GVM release notes for more details.

Optional configuration

Please note that although you can run openvas (launched from an ospd-openvas process) as a user without elevated privileges, it is recommended that you start openvas as root since a number of Network Vulnerability Tests (NVTs) require root privileges to perform certain operations like packet forgery. If you run openvas as a user without permission to perform these operations, your scan results are likely to be incomplete.

As openvas will be launched from an ospd-openvas process with sudo, the next configuration is required in the sudoers file:

sudo visudo

add this line to allow the user running ospd-openvas, to launch openvas with root permissions

<user> ALL = NOPASSWD: <install prefix>/sbin/openvas

If you set an install prefix, you have to update the path in the sudoers file too:

Defaults        secure_path=<existing paths...>:<install prefix>/sbin

Usage

There are no special usage aspects for this module beyond the generic usage guide.

Please follow the general usage guide for ospd-based scanners:

https://github.com/greenbone/ospd/blob/stable/doc/USAGE-ospd-scanner.md

Support

For any question on the usage of ospd-openvas please use the Greenbone Community Portal. If you found a problem with the software, please create an issue on GitHub. If you are a Greenbone customer you may alternatively or additionally forward your issue to the Greenbone Support Portal.

Maintainer

This project is maintained by Greenbone Networks GmbH.

Contributing

Your contributions are highly appreciated. Please create a pull request on GitHub. Bigger changes need to be discussed with the development team via the issues section at GitHub first.

For development you should use poetry to keep you python packages separated in different environments. First install poetry via pip

python3 -m pip install --user poetry

Afterwards run

poetry install

in the checkout directory of ospd-openvas (the directory containing the pyproject.toml file) to install all dependencies including the packages only required for development.

The ospd-openvas repository uses autohooks to apply linting and auto formatting via git hooks. Please ensure the git hooks are active.

poetry install
poetry run autohooks activate --force

License

Copyright (C) 2018-2021 Greenbone Networks GmbH

Licensed under the GNU Affero General Public License v3.0 or later.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ospd-openvas-21.4.4.tar.gz (148.0 kB view details)

Uploaded Source

Built Distribution

ospd_openvas-21.4.4-py3-none-any.whl (107.8 kB view details)

Uploaded Python 3

File details

Details for the file ospd-openvas-21.4.4.tar.gz.

File metadata

  • Download URL: ospd-openvas-21.4.4.tar.gz
  • Upload date:
  • Size: 148.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.8.0 pkginfo/1.8.2 readme-renderer/32.0 requests/2.27.1 requests-toolbelt/0.9.1 urllib3/1.26.8 tqdm/4.62.3 importlib-metadata/4.11.1 keyring/23.5.0 rfc3986/2.0.0 colorama/0.4.4 CPython/3.8.12

File hashes

Hashes for ospd-openvas-21.4.4.tar.gz
Algorithm Hash digest
SHA256 228ed0e90278c142fee9a4cde1809785a275cdf29cda400e18a4453878fc1c11
MD5 d388574bf319c75578c92ca3b4e73493
BLAKE2b-256 498c57c17829550d7d30bfd1f96c46836661a652bfa1514213a92996cd5d3a5a

See more details on using hashes here.

Provenance

File details

Details for the file ospd_openvas-21.4.4-py3-none-any.whl.

File metadata

  • Download URL: ospd_openvas-21.4.4-py3-none-any.whl
  • Upload date:
  • Size: 107.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.8.0 pkginfo/1.8.2 readme-renderer/32.0 requests/2.27.1 requests-toolbelt/0.9.1 urllib3/1.26.8 tqdm/4.62.3 importlib-metadata/4.11.1 keyring/23.5.0 rfc3986/2.0.0 colorama/0.4.4 CPython/3.8.12

File hashes

Hashes for ospd_openvas-21.4.4-py3-none-any.whl
Algorithm Hash digest
SHA256 e2a0dcef1c00b346214be0916f5a8c894328a360c608bb733c0ed9eae0e21db4
MD5 0c8dab08430934a7aea358eccc623bde
BLAKE2b-256 2b3c2497357a43f2002405db7ab845439f4b3f7ef7a65bc535ad7c4aba2a7ee6

See more details on using hashes here.

Provenance

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page