[prev in list] [next in list] [prev in thread] [next in thread]
List: openvas-cvs
Subject: [Openvas-commits] r984 - trunk/doc/openvas-compendium
From: scm-commit () wald ! intevation ! org
Date: 2008-06-30 9:08:59
Message-ID: 20080630090859.3F283406C1 () pyrosoma ! intevation ! org
[Download RAW message or body]
Author: mwiegand
Date: 2008-06-30 11:08:58 +0200 (Mon, 30 Jun 2008)
New Revision: 984
Modified:
trunk/doc/openvas-compendium/openvas-compendium.tex
Log:
Improved readability, improved hyperlatex support, updated client description, \
replaced "Nessus" with "OpenVAS" where appropriate.
Modified: trunk/doc/openvas-compendium/openvas-compendium.tex
===================================================================
--- trunk/doc/openvas-compendium/openvas-compendium.tex 2008-06-27 22:42:46 UTC (rev \
983)
+++ trunk/doc/openvas-compendium/openvas-compendium.tex 2008-06-30 09:08:58 UTC (rev \
984) @@ -51,6 +51,8 @@
\newcommand{\compendiumversion}{0.0.2-svn}
\newcommand{\compendiumdate}{20080618}
\newcommand{\compendiumauthor}[1]{\begin{small}(by {#1})\end{small}}
+\newcommand{\hyperurl}[1]{\htmlonly{\xml{p}\small
+\xlink{{#1}}{{#1}}\xml{br}}\texonly{\small{#1}}}
% for a consistent appearance of key names
\newcommand{\openvasd}{openvasd}
@@ -100,7 +102,7 @@
Creative Commons License Attribution-ShareAlike 3.0 Unported
-\url{http://creativecommons.org/licenses/by-sa/3.0/deed.en}
+\hyperurl{http://creativecommons.org/licenses/by-sa/3.0/deed.en}
Special Thanks to:\\
XXX YYY for ZZZ (2008).\\
@@ -119,11 +121,12 @@
\subsection{About the OpenVAS Project}
OpenVAS stands for Open Vulnerability Assessment System and is a network
-security scanner with associated tools like a graphical user fontend. The core
+security scanner with associated tools like a graphical user front-end. The core
is a server component with a set of network vulnerability tests (NVTs) to detect
security problems in remote systems and applications.
-OpenVAS products are Free Software under GNU GPL and a fork of Nessus.
+OpenVAS products are Free Software under GNU GPL and a fork of the Nessus
+security scanner.
\subsection{About the OpenVAS Software}
@@ -154,37 +157,39 @@
on OpenVAS, you should compare your targets with the coverage
of the currently available OpenVAS vulnerability tests.
-One the one hand, the OpenVAS Server (actually its module
-``openvas-plugins'') delivers a base set of tests.
-The update cycle of this packages is quite long compared to
+Please be aware that the OpenVAS server (actually its module
+``openvas-plugins'') delivers only a base set of tests.
+The update cycle of this base set is quite long compared to
the occurrence of new vulnerabilities and respective tests.
New or changed tests are delivered via so-called ``feed services''.
-If you evaluate the coverage of tests, you should stress more on the
-quality of the feed services than on the snapshot set of tests
-delivered by openvas-plugins. A feed service usually defines some
-targets they cover with up-to-date tests. The contents
-of openvas-plugins is usually outdated.
+If you want to test your network against the latest threats, a successful
+outcome will depend on the quality of your feed service. Although the set of
+tests provided by ``openvas-plugins'' will detect a large range of older,
+well-known vulnerabilities, it will most probably be outdated by the time you
+use it and will not be able to detect the most recent vulnerabilities. In order
+to stay up-to-date with the latest security threats, you will need a feed
+service that provides you with the most recent tests for these threats.
The OpenVAS project maintains a feed of its own:
http://www.openvas.org/openvas-nvt-feed.html
-Now you should answer these questions to yourself and draw
-your conclusions:
+To evaluate your need for an up-to-date feed service, you should think about
+the following questions:
\begin{itemize}
-\item To what extent cover the available feeds and their maintained
- families my audit target?
-\item In case your plan a permanent auditing solution and not just a single
- shot: How sustainable are the feeds organized?
+\item To what extent do the available feeds and their maintained
+ families cover my audit target?
+\item In case you are planning a permanent auditing solution and not just a
+single shot: How sustainable are is the feed service organized?
\end{itemize}
\subsection{Select Location and Type of Scan-Server}
-When planning the installation of a OpenVAS server, then
-for the location of the server machine you should basically
-look at the aimed targets:
+If you are planning to use the OpenVAS security scanner in your network, the
+best location for the machine running the server module depends on the targets
+you want to evaluate:
\begin{itemize}
\item Target is a public server:
@@ -193,14 +198,15 @@
as various attacks do: from a remote network.
If you are only interested in these tests,
you may use a arbitrary location of your OpenVAS
- server outside of the targetted network.
+ server outside of the targeted network.
- However, you should clarify with the system
- administration of the target, that OpenVAS will
- run against these machines.
- Port scanning and frequent access/probing might
- else be regarded an attack and will be reacted
- upon legally or technically.
+ However, you are advised to contact the
+ administration of the target systems beforehand and inform them that you
+ are planning on running OpenVAS against their machines.
+ Because OpenVAS will actively look for vulnerabilities on the target
+ system, a scan will under certain circumstances look like a real attack on
+ the target system and might be acted upon legally and/or technically by
+ the administration of the system in question.
\end{itemize}
\clearpage
@@ -260,7 +266,7 @@
\subsubsection{Gentoo}
\label{sec:gentoo-server}
-The ebuilds are in the gentoo portage. To get the most recent packages simply
+The ebuilds are in the Gentoo portage. To get the most recent packages simply
run:
\begin{verbatim}
@@ -318,7 +324,7 @@
\end{itemize}
where N.N.N stands for the version of OpenVAS-Client and M for the package
-release number
+release number.
For installation follow these steps as user "root" (insert the most
current version numbers):
@@ -334,7 +340,7 @@
\end{verbatim}
Note that you need to restart openvasd after each reboot and
-after each NVT synchronisation.
+after each NVT synchronization.
The corresponding source RPM files are
named openvas-MODULE-N.N.N-M.suse102.openvas.src.rpm (where MODULE is
@@ -375,7 +381,7 @@
\end{verbatim}
Note that you need to restart openvasd after each reboot and
-after each NVT synchronisation.
+after each NVT synchronization.
Also note that you may need to open the OpenVAS port to allow OpenVAS-Client to
connect from other machines. This could be done by switching off the firewall
@@ -472,9 +478,9 @@
OpenVAS-Client is an official Debian package for the distribution "unstable"
("Sid) and "testing" ("Lenny"). You can find more information about the Debian
packages on the OpenVAS-Client package page
-for Sid (at \url{http://packages.debian.org/sid/openvas-client}) and the
+for Sid (at \hyperurl{http://packages.debian.org/sid/openvas-client}) and the
OpenVAS-Client package
-page for Lenny (at \url{http://packages.debian.org/lenny/openvas-client}).
+page for Lenny (at \hyperurl{http://packages.debian.org/lenny/openvas-client}).
This means you can simply install OpenVAS-Client on Debian Sid or Debian
Lenny with the following command:
@@ -495,7 +501,7 @@
deb http://apt.intevation.de/ etch openvas
\end{verbatim}
- Then, update your package list and install OpenVAS-Client:
+Then, update your package list and install OpenVAS-Client:
\begin{verbatim}
# apt-get update
@@ -508,7 +514,7 @@
("Intrepid Ibex") which is scheduled for release in October 2008. You can find
more information about the Ubuntu
package on the OpenVAS Client package page for Intrepid Ibex (at
-\url{http://packages.ubuntu.com/intrepid/openvas-client}).
+\hyperurl{http://packages.ubuntu.com/intrepid/openvas-client}).
This means you can simply install OpenVAS-Client on Ubuntu 8.10 with the
following command:
@@ -594,9 +600,9 @@
\section{Using OpenVAS-Client}
\compendiumauthor{Jan-Oliver Wagner}
-This section is intended to explain all general elements of OpenVAS-Client
-and how to use it in a standard way. A later chapter will then address
-more specific features suitable for advanced users.
+This section is intended to explain the basic components of OpenVAS-Client
+and how to use them for day-to-day use. A later chapter addresses more specific
+features that might be of interest for advanced users.
\subsection{The Main Window}
@@ -613,7 +619,7 @@
When you first start of OpenVAS-Client, you will see only one entry
in the list: Global Settings. These settings are defaults coming with
OpenVAS-Client. They are not covering a specific selection of plugins
-since a connection to a Nessus Server is required for that. You can
+since a connection to an OpenVAS server is required for that. You can
establish a connection with a server and specify the global defaults
for a plugin selection. You should then save your preferred defaults
via menu item {}``Save Global Settings'' of menu {}``File''.
@@ -638,7 +644,7 @@
\paragraph{New}
-Adds a new task entitled {}``unnamed''.
+Adds a new task with the title {}``unnamed''.
\paragraph{Rename}
@@ -650,7 +656,7 @@
\paragraph{Remove}
This means the removal of all associated scopes and thus the removal
-action prompts for an additional confirmation.
+action prompts for a confirmation.
\subsubsection{Scopes}
@@ -667,7 +673,7 @@
The scope is associated with a full set of options for the security
scan. Creating a new scope, the general preferences are copied. The
scan options are explained in detail in a later chapter. However,
-for each scope a connection to a Nessus Server can be established.
+for each scope a connection to an OpenVAS server can be established.
Has this been done, the actual selection of the plugins being a part
of the options can be performed (a plug icon right-hand of the title
indicates the active connection). The reason is that each Nessus Server
@@ -676,7 +682,7 @@
Next, a scope may contain a number of reports. Whenever a scope is
successfully executed, the resulting report is added in its list of
-reports. Also, importing a report from a file or from a Nessus Server
+reports. Also, importing a report from a file or from an OpenVAS server
will add the report to the currently selected scope.
Please note that changes to a scope are always and only stored when
@@ -712,7 +718,7 @@
\paragraph{Remove}
This means the removal of all associated reports and thus the removal
-action prompts for an additional confirmation.
+action prompts for a confirmation.
\paragraph{Move to task}
@@ -745,9 +751,9 @@
host, port and severity.
Managed within OpenVAS-Client, additionally a comment and, if available,
-the scan options leading to the report, are stored. These additional
-information are not contained in the plain Nessus report files and
-thus get lost when being exported. This also means that imported reports
+the scan options leading to the report, are stored. This additional
+information is not contained in the plain Nessus report files and
+thus gets lost when being exported. This also means that imported reports
have no comments or scan options associated.
Possible operations for reports are:
@@ -791,100 +797,84 @@
\subsection{Authentication}
-OpenVAS-Client needs to connect to a Nessus Server in order to retrieve
+OpenVAS-Client needs to connect to an OpenVAS server in order to retrieve
the available plugins and to actually execute a security scan.
OpenVAS-Client can handle multiple connections to different servers.
Each scope has a connection of its own. Additionally, the Global Settings
-can be connected to a Nessus Server to define default plugin selections
+can be connected to an OpenVAS server to define default plugin selections
and plugin parameters. Note that only explicitly saved Global Settings
-are taken as defaults for new Scopes.
+are used as defaults for new Scopes.
%\begin{center}\includegraphics[scale=0.9]{images/authentication-dlg-en}\par
%\end{center}
The connection status is indicated with a icon in the tasks/scopes/reports
treelist next to the title of the global settings or a scope. Only
-scopes are connected with Nessus Server.
+scopes are connected with the OpenVAS server.
More information on the connection status is shown in the statusbar
at the bottom of the main window. There, the actual connection information
is displayed, i.e.. {}``Connection: username@host.test.example''.
-At bottom right there is an icon indicating whether the connection
-is encrypted or not, just like most web browsers indicate this.
+At bottom right there is an icon indicating the connection status.
-The connection dialog allows to specify the following data for establishing
-a connection to a Nessus Server:
+The connection dialog allows to specify the following settings for establishing
+a connection to an OpenVAS server:
\paragraph{Host}
-The domain name or IP of the server where a Nessus Server is running.
+The domain name or IP address of the server where an OpenVAS server is running.
\paragraph{Port}
-The port where the Nessus Server waits for connections. Older Nessus
+The port where the OpenVAS Server waits for connections. Older Nessus
Servers used 3001, but the official port now is 1241. With the default
-button you can always return to this default quickly.
+button you can reset this option to its default.
\paragraph{Login}
-Your username at the selected host. To use a Nessus Server you have
-to have an account for the Nessus Server. The administrator of the
-server should create one for you.
+Your username on the selected OpenVAS server. To use an OpenVAS server you have
+to have an account on the OpenVAS server. Please contact the administrator of
+the server if you need an account.
\paragraph{Password}
-The password for your Nessus Server account. Don't use the same one
-you have for your other user accounts and especially if you ever use
-unencrypted connections.
+The password for your account on the OpenVAS server.
-\paragraph{SSL Options}
+\paragraph{Authentication by Certificate:}
+If you use this method you have to have a key/certificate pair created
+for you. This is usually done by the administrator of OpenVAS server
+using the corresponding scripts. The administrator will give you the
+two files you need to specify (User Certificate File and User Key
+File). The administrator may create a key without a password or with
+a password. If you have a password for the User Key File you must
+enter the password in the corresponding textentry.
-\subparagraph{Use SSL encryption:}
-For the authentication there are two basic methods, via login/password
-combination or via certificate (with or without password). In any
-case you should switch on SSL encryption to not have the password
-transferred as cleartext. However, if you are in an environment where
-you don't get SSL to work, switching it off is the work around to
-run Nessus at last.
-
-
\subparagraph{Trusted CA:}
This certificate defines a certificate authority (CA) you trust. With
-this certificate you will check that you are connecting to a trusted
-Nessus Server. This is checked if you have the Paranoia Level set
-to 2 or 3, it is not checked with a Paranoia Level of 1. Note, that
+this certificate you will be able to check that you are connecting to a trusted
+OpenVAS server. This is checked if you have the ``Paranoia Level'' set
+to 2 or 3 and is is not checked with a ``Paranoia Level'' of 1. Note that
you can set the Paranoia Level by hand in the nessusrc files or when
-first connecting to a Nessus Server where you are asked explicitly.
+first connecting to an OpenVAS server where you are asked explicitly.
-The default path for the Trusted CA is the filename used by the Nessus
-Server itself. Thus, if you are running Nessus Client on the same
+The default path for the Trusted CA is the filename used by the OpenVAS server
+itself. Thus, if you are running OpenVAS-Client on the same
machine or have the same volume mounted, you can just use the default.
-If you are running Nessus Client from a more remote machine, you
-need to have a copy of the CA certificate and place it to some arbitrary
-place in your home directory.
+If you are running OpenVAS-Client from a remote machine, you need to have a copy
+of the CA certificate and set the location of the certificate file
+manually.
-\subparagraph{Authentication by Certificate:}
-
-If you use this method you have to have a key/certificate pair created
-for you. This is usually done by the administrator of Nessus Server
-using the corresponding scripts. The administrator will give you the
-two files you need to specify (User Certificate File and User Key
-File). The administrator may create a key without a password or with
-a password. If you have a password for the User Key File you must
-enter the password in the corresponding textentry.
-
-
\subsection{Scan Options}
This section explains the most important configuration options for
@@ -900,34 +890,34 @@
\paragraph{Port range}
-Ports that will be scanned by Nessus Server. You can enter single
+Ports that will be scanned by the OpenVAS server. You can enter single
ports, such as {}``1-8000'' or more complex sets, such as
{}``21,23,25,1024-2048,6000''.
Put {}``-1'' for no portscan, or put {}``default'' to scan the
-default ports in the Nessus services file.
+default ports in the OpenVAS services file.
\paragraph{Consider unscanned ports as closed}
-To save scanning time, you may ask Nessus Server to declare TCP ports
+To save scanning time, you may ask the OpenVAS server to declare TCP ports
it did not scan as closed. This will result in an incomplete audit
-but it will reduce scanning time and prevent Nessus Server from sending
+but it will reduce scanning time and prevent the OpenVAS server from sending
packets to ports you did not specify. If this option is disabled,
-then Nessus Server will consider ports whose state it does not know
+the OpenVAS server will consider ports whose state it does not know
as open.
\paragraph{Number of hosts to test at the same time}
-Maximal number of hosts that the Nessus Server will test at the same
-time. Be aware that the Nessus Server will spawn max\_hosts max\_checks
+Maximal number of hosts that the OpenVAS server will test at the same
+time. Be aware that the OpenVAS server will spawn max\_hosts max\_checks
processes!
\paragraph{Number of checks to perform at the same time}
Maximal number of security checks that will be launched at the same
-time against each host. Be aware that the Nessus Server will spawn
+time against each host. Be aware that the OpenVAS server will spawn
max\_hosts x max\_checks processes!
@@ -941,16 +931,16 @@
\paragraph{Do a reverse lookup of the IP before testing it}
-If this option is set, Nessus Server will do a reverse lookup on the
+If this option is set, the OpenVAS server will do a reverse lookup on the
IP addresses before it tests them. This may slow down the whole test.
-\paragraph{Optimise the test}
+\paragraph{Optimize the test}
-Security tests may ask the Nessus Server to be launched if and only
+Security tests may ask the OpenVAS server to be launched if and only
if some information gathered by other test exist in the knowledge
base, or if and only if a given port is open. This option speeds up
-the test, but may make Nessus Server miss some vulnerability. If you
+the test, but may cause the OpenVAS server miss some vulnerabilities. If you
are paranoid, disable this option.
@@ -958,10 +948,10 @@
Some security checks may harm the target server, by disabling the
remote service temporarily or until a reboot. If you enable this option,
-Nessus Server will rely on banners instead of actually performing
+the OpenVAS server will rely on banners instead of actually performing
a security check. You will obtain a less reliable report, but you
-will less likely disrupt the network users by doing a test. From a
-security point of view, we recommend you disable this option. From
+are less likely to disrupt functionality on the target system by doing a test.
+From a security point of view, we recommend you disable this option; from
a system administrator point of view, we recommend you enable it.
@@ -969,7 +959,7 @@
If you enable this option, the hosts on the local network will be
designated by their ethernet MAC address instead of their IP address.
-This is especially useful if you are using Nessus in a DHCP network.
+This is especially useful if you are using the OpenVAS server in a DHCP network.
If unsure, disable this option.
@@ -977,28 +967,28 @@
This is the list of available port scanners. Port scanners are a special
category of plugins and therefore presented separately from the other
-plugins. The list is only filled if a connection to a Nessus Server
-has been established. You can switch on one or more of the scanners.
+plugins. The list is only filled if a connection to an OpenVAS server
+has been established. You can activate one or more of the scanners.
Clicking on an entry shows the details for the respective scanner
plugin.
\subsubsection{Plugins}
-The plugins are stored on the Nessus Server. Thus, to make a selection
+The plugins are stored on the OpenVAS server. Thus, to make a selection
of the plugins to apply you need to connect to a server. Otherwise
this page will remain empty.
%\begin{center}\includegraphics[scale=0.9]{images/mainwindow-plugins-en}\par
%\end{center}
-The Plugins are separated into a number of families which can be as
-a whole activated or deactivated by checking the box right of family
+The Plugins are separated into a number of families which can be activated or
+deactivated as a whole by checking the box right of family
title. Also, a family can be expanded to show all of its member plugins
where you can refine the selection by activating or deactivating single
plugins using the checkbox to the right.
-The column {}``Warning'' contains warning sign for some plugins.
+The column {}``Warning'' contains a warning sign for some plugins.
The warning sign means that this plugin may harm the target host by
disabling the attacked service or by crashing the host. You should
be careful when you enable it since it may force you to reboot your
@@ -1034,26 +1024,26 @@
\subparagraph{Enable dependencies at runtime}
-If you enable this option, then Nessus Server will enable the plugins
-that are depended on by the set of plugins you selected.
+If you enable this option, the OpenVAS server will automatically enable the
+plugins needed by the set of plugins you selected.
\subparagraph{Silent dependencies}
-If you enable this option, then Nessus Server will not report data
+If you enable this option, the OpenVAS server will not report data
coming from the plugins that you did not specifically enable.
\subparagraph{Filter}
The filter dialog lets you select plugins with the characteristics
-you want. \textbf{Note}, that you will erase your previous selection
-immediately with applying a filter.
+you want. \textbf{Note} that you will erase your previous selection
+by applying a filter.
\paragraph{Plugin information dialog}
-Double-Clicking on a specific plugin title will raise a information
+Double-clicking on a specific plugin title will raise a information
dialog for the respective plugin.
The information shown are the ones specified within the corresponding
@@ -1064,21 +1054,21 @@
\subparagraph{Set plugin timeout}
-Allows to specify a timeout for the plugin.
+Allows you to specify a timeout for the plugin.
\subparagraph{Show dependencies}
-Another info dialog is raised listing up the dependencies for the
-plugin. Also it is provided a hint whether the dependencies are currently
+This lists the dependencies for the selected plugin. It also provides
+information on whether the dependencies are currently
enabled or disabled.
\subsubsection{Credentials}
Some of the plugins allow to enter credentials to test certain applications,
-for example Samba or Web-Sites (HTTP). These plugins work the very
-same way as the plugins listed in the {}``Plugin Preferences'' list.
+for example Samba or websites (HTTP). These plugins work the same way as the
+plugins listed in the {}``Plugin Preferences'' list.
For better handling they are collected under {}``Credentials''.
%\begin{center}\includegraphics[scale=0.9]{images/mainwindow-credentials-en}
@@ -1094,7 +1084,7 @@
%\begin{center}\includegraphics[scale=0.9]{images/mainwindow-pluginprefs-en}
%\par\end{center}
-Only a comparably small number of plugins offers a configuration.
+Only a comparably small number of plugins offer a configuration.
\subsubsection{Target Selection}
@@ -1105,15 +1095,13 @@
\paragraph{Target(s)}
-The first host(s) that will be attacked by Nessus Server. The options
+The first host(s) that will be attacked by the OpenVAS server. The options
below allow you to extend the test to a larger set of computer. You
may define several primary targets by separating them with a comma
(,). i.e. : {}``host1,host2''.
A special syntax is {}``file:/some/where/targetlist.txt'' which
-means that the actual target names are loaded from that list. See
-for the file syntax also below the description for the button {}``Read
-from file''.
+means that the actual target names are loaded from that list.
\paragraph{Read from file}
@@ -1125,9 +1113,9 @@
\paragraph{Perform a DNS Zone transfer}
-Nessus Server will perform an AXFR request (that is, a zone transfer)
+The OpenVAS server will perform an AXFR request (that is, a zone transfer)
to the target name server and will attempt to obtain the list of the
-hosts of the target domain. Then, it will test each host.
+hosts in the target domain. Then, it will test each host.
\subsection{Reports}
@@ -1136,7 +1124,7 @@
\subsubsection{Report Page of OpenVAS-Client}
The report page consists of 3 elements. On the left hand a tree list
-allows to browser via hosts, ports and severity to single reports.
+allows you to browser via hosts, ports and severity to single reports.
On top of this treelist is a selection for re-ordering the tree structure.
On the right hand the text area contains the actual report text. The
whole design is focused on supporting an explorative understanding
@@ -1151,7 +1139,7 @@
The scan results can be exported into a number of formats. Basically
it can be distinguished between 3 types of formats: Interchange-Formats,
Editable Documents and Read-only Documents. The last type currently
-is the PDF Report file. With a capable view it allows to browse back
+is the PDF Report file. With a capable viewer it allows to browse back
and forth through the document using the various inserted hyperlinks.
For further information see the section about the menu command
@@ -1167,8 +1155,8 @@
OpenVAS-Client allows to specify some individual preferences that
determine some ways how the client GUI works.
-\begin{center}\includegraphics[scale=0.9]{images/preferences-dlg-en}\par
-\end{center}
+%\begin{center}\includegraphics[scale=0.9]{images/preferences-dlg-en}\par
+%\end{center}
The following selection are available:
@@ -1185,7 +1173,7 @@
each time.
-\subsubsection{Connection to Nessus Server}
+\subsubsection{Connection to the OpenVAS server}
\paragraph{Automatically connect}
@@ -1210,7 +1198,7 @@
First, reconnecting the same scope might be much faster because MD5
check sums are used to find out about changed and new plugins. Only
the changes will be downloaded. Of course, connecting to a different
-Nessus server will usually force a new download of all plugins.
+OpenVAS server will usually force a new download of all plugins.
Second, all plugin information are available even when the server
has not been connected. Thus you can review which plugins are selected
@@ -1224,7 +1212,7 @@
for each scope. If this means a problem, you should disable this feature.
If you want to remove the caches, search for the files
{}``nessus\_plugin\_cache''
-in your Nessus directory ({}``\textasciitilde{}/.nessus''). Simply
+in your OpenVAS directory ({}``\textasciitilde{}/.openvas''). Simply
deleting them is sufficient.
@@ -1238,7 +1226,7 @@
Again, the downside is that several Megabytes of cache per report will
be generated. Disable this option if this means a problem. If you
want to remove the caches, search for the files {}``nessus\_plugin\_cache''
-in your Nessus directory ({}``\textasciitilde{}/.nessus''). Simply
+in your Nessus directory ({}``\textasciitilde{}/.openvas''). Simply
deleting them is sufficient.
@@ -1249,7 +1237,7 @@
nor the plugin preferences. So, in fact this option could remove the
second effect of the above described option {}``Cache plugin information
when connecting'' for the benefit of avoiding to load possibly huge
-caches once clicking on a scope entry.
+caches once clicking on a scope entry.
\subsubsection{Report}
@@ -1270,12 +1258,12 @@
\subsubsection{External Links in HTML/PDF}
These settings determine the URLs for linking more information on
-Nessus Plugin, CVE/CAN and BugTraq ID in Reports of format HTML or
-PDF. The defaults as shown in the screenshots are recommended since
-there up-to-date information are to be found. The defaults are reactivated
-when field is left empty.
+OpenVAS NVTs, CVE/CAN and BugTraq IDs in HTML or PDF reports. The defaults as
+shown in the screenshots are recommended since these are the definitive
+sources for up-to-date information. The defaults are
+restored when the fields are left empty.
-In case you want to package a Nessus report with e.g. CVE/CAN details
+In case you want to package an OpenVAS report with e.g. CVE/CAN details
for offline-reading, you may enter an appropriate definition like
``mitre/\%s/\%s/\%s.html''
in case you have a directory structure relative to the report file
@@ -1283,8 +1271,8 @@
is the year and nnnn is the number of the record. Then you could package
all files together.
-Note, that the strings defined here are filled into the html link
-parameter ``href'' as it is. The tool ``htmldoc'' is issued to produce
+Note, that the strings defined here are inserted into the html link
+parameter ``href'' as they are. The tool ``htmldoc'' is used to produce
a pdf out of this html report. Depending on the version and features
the created links in the PDF file may be created differently.
@@ -1304,7 +1292,7 @@
\subsubsection{Prerequisites}
-If you do not have a running OpenVAS Server yet, you need to compile and install
+If you do not have a running OpenVAS server yet, you need to compile and install
at least these packages (minimum versions given):
\begin{itemize}
\item openvas-libraries 1.0.0
@@ -1332,7 +1320,7 @@
$ openssl pkcs8 -topk8 -v2 des3 -in ~/.ssh/id_rsa_sshovas -out sshovas_rsa.p8
\end{verbatim}
-Note: The comment (here: "OpenVAS-Local-Security-Checks-Key") should not
+Note: The comment (here: "OpenVAS-Local-Security-Checks-Key") must not
contain spaces.
Currently, you need a rsa pkcs8 key for OpenVAS local security checks.
@@ -1463,7 +1451,7 @@
\compendiumauthor{Jan-Oliver Wagner}
\subsubsection{How to use Security Local Auditing Daemon (SLAD) with OpenVAS}
-Homepage: \url{http://www.dn-systems.org/slad.shtml}
+Homepage: \hyperurl{http://www.dn-systems.org/slad.shtml}
This description is a quick guide how you get first results with SLAD via
OpenVAS. For real production mode you should make yourself familiar with the
@@ -1473,7 +1461,7 @@
\begin{enumerate}
\item Download SLADinstaller from
-\url{http://www.dn-systems.org/boss/slad2/sladinstaller-1.1.tar.gz}
+\hyperurl{http://www.dn-systems.org/boss/slad2/sladinstaller-1.1.tar.gz}
\item You may want to apply this patch:
\begin{verbatim}
@@ -1855,11 +1843,11 @@
Nothing in this license impairs or restricts the author's moral rights.\\
To view the full licensing agreement, visit
\begin{center}
- \normalsize\url{http://creativecommons.org/licenses/by-sa/3.0/}
+ \normalsize\hyperurl{http://creativecommons.org/licenses/by-sa/3.0/}
\end{center}
or mail to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, \
California, 94105, USA. \end{latexonly}
-\W \url{http://creativecommons.org/licenses/by-sa/3.0/}
+\W \hyperurl{http://creativecommons.org/licenses/by-sa/3.0/}
\end{document}
_______________________________________________
Openvas-commits mailing list
Openvas-commits@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-commits
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic