openvas-manager Package Description

The OpenVAS-Manager is a layer between OpenVAS-Scanner and various client applications such as OpenVAS-Client or Greenbone Security Assistant. Among other features, it adds server-side storage of scan results and it makes it unnecessary for scan clients to keep connection until a scan finishes.

openvas-manager Homepage | Kali openvas-manager Repo

  • Author: OpenVAS
  • License: GPLv2

Tools included in the openvas-manager package

greenbone-certdata-sync – Sync CERT data
[email protected]:~# greenbone-certdata-sync --help
/usr/sbin/greenbone-certdata-sync: Sync CERT data
 --describe display current feed info
 --feedversion  display version of this feed
 --help     display this help
 --identify display information
 --refresh  update database without downloading new state
 --selftest perform self-test
 --version  display version

greenbone-scapdata-sync – Sync SCAP data

[email protected]:~# greenbone-scapdata-sync --help
/usr/sbin/greenbone-scapdata-sync: Sync SCAP data
 --describe        display current feed info
 --feedversion     display version of this feed
 --help            display this help
 --identify        display information
 --refresh         update database without downloading new state
 --refresh-private update database using only user data
 --selftest        perform self-test
 --version         display version
 --verbose         enable verbose log messages

openvasmd – Manager of the Open Vulnerability Assessment System

[email protected]:~# openvasmd --help
Usage:
  openvasmd [OPTION...] - Manager of the Open Vulnerability Assessment System

Help Options:
  -h, --help                              Show help options

Application Options:
  --backup                                Backup the database.
  -d, --database=<file>                   Use <file> as database.
  --disable-cmds=<commands>               Disable comma-separated <commands>.
  --disable-encrypted-credentials         Do not encrypt or decrypt credentials.
  --disable-password-policy               Do not restrict passwords to the policy.
  -f, --foreground                        Run in foreground.
  -a, --listen=<address>                  Listen on <address>.
  --listen2=<address>                     Listen also on <address>.
  -m, --migrate                           Migrate the database and exit.
  --create-credentials-encryption-key     Create a key to encrypt credentials.
  --encrypt-all-credentials               (Re-)Encrypt all credentials.
  --otp                                   Serve OTP too.
  -p, --port=<number>                     Use port number <number>.
  --port2=<number>                        Use port number <number> for address 2.
  --rebuild                               Rebuild the NVT cache and exit.
  -l, --slisten=<address>                 Scanner (openvassd) address.
  -s, --sport=<number>                    Scanner (openvassd) port number.
  -u, --update                            Update the NVT cache and exit.
  -v, --verbose                           Print progress messages.
  --version                               Print version and exit.

openvas-certdata-sync – Sync CERT advisory data

[email protected]:~# openvas-certdata-sync --help
/usr/sbin/openvas-certdata-sync: Sync CERT advisory data
OpenVAS administrator functions:
 --refresh      refresh database without downloading feed data
 --selftest     perform self-test
 --identify     display information
 --version      display version
 --describe     display current CERT feed info
 --feedversion   display current CERT feed version

Environment variables:
CERT_DIR             where to place CERT advisories
OV_CERT_RSYNC_FEED   URL of rsync feed
TMPDIR               temporary directory used to download the files
PRIVATE_SUBDIR       subdirectory to exclude from deletion by rsync

openvas-scapdata-sync – Sync SCAP data using different protocols

[email protected]:~# openvas-scapdata-sync --help
/usr/sbin/openvas-scapdata-sync: Sync SCAP data using different protocols
 --rsync        sync with rsync (default)
 --refresh      update database without downloading feed data
 --refresh-private  update database only using private data
 --check        just checksum check
OpenVAS administrator functions:
 --selftest perform self-test
 --identify display information
 --version  display version
 --describe display current scap feed info
 --feedversion   display current scap feed version
 --dst-dir <dir>    SCAP destination directory
Options:
 --verbose       enable verbose log messages

Environment variables:
SCAP_DIR        where to extract plugins (absolute path)
OV_RSYNC_FEED   URL of rsync feed
OV_HTTP_FEED    URL of http feed
TMPDIR      temporary directory used to download the files
PRIVATE_SUBDIR  subdirectory to exclude from deletion by rsync
Note that you can use standard ones as well (e.g. http_proxy) for wget/curl

openvasmd Usage Example

Start the daemon on localhost (-a 127.0.0.1), port 9390 (-p 9390) and connect to the scanner daemon on localhost (-l 127.0.0.1), port 9391 (-s 9391):

[email protected]:~# openvasmd -a 127.0.0.1 -p 9390 -l 127.0.0.1 -s 9391

openvas-certdata-sync Usage Example

[email protected]:~# openvas-certdata-sync
[i] This script synchronizes a CERT advisory directory with the OpenVAS one.
[i] CERT dir: /var/lib/openvas/cert-data
[i] Will use rsync
[i] Using rsync: /usr/bin/rsync
[i] Configured CERT data rsync feed: rsync://feed.openvas.org:/cert-data

OpenVAS feed server - http://openvas.org/
This service is hosted by Intevation GmbH - http://intevation.de/
All transactions are logged.
Please report problems to [email protected]

receiving incremental file list

openvas-scapdata-sync Usage Example

[email protected]:~# openvas-scapdata-sync
[i] This script synchronizes a SCAP data directory with the OpenVAS one.
[i] SCAP dir: /var/lib/openvas/scap-data
[i] Will use rsync
[i] Using rsync: /usr/bin/rsync
[i] Configured SCAP data rsync feed: rsync://feed.openvas.org:/scap-data
OpenVAS feed server - http://openvas.org/
This service is hosted by Intevation GmbH - http://intevation.de/
All transactions are logged.
Please report problems to [email protected]

receiving incremental file list