About

Try out OpenVAS

Information/Howtos

Books

German:

User Support

Mailing Lists

Developer Support

Download

OpenVAS 3.1

Classic Setup

Full Setup

OpenVAS 3.0

OpenVAS 2.0

Server components

Client

Documents

OpenVAS Compendium

More

NVT Lookup by OID

(replace 61039 by any other old-style ID)

OpenVAS Frequently Asked Questions

This page is meant to help you. If you have a question that does not appear here, please ask us via e-mail or IRC. If you have a question (and hopefully an answer) that you think should appear here, please let us know.

The Questions

My client is complaining about bad protocol, bad nessus protocol or about the specified protocol and does not connect.
Is there a Windows Client?
How are local tests conducted on nodes?
How can I make sure I won't write duplicate NASL tests?
Why does OpenVAS complain that certain plugins are missing when they seem to be available?
I am not getting all the results I expect.
I am getting inconsistent results for the same host or hosts
Where is the code/API documentation?
What port number should OpenVAS run on?
What dependancies do I need for compiling OpenVAS?

The Answers

My client is complaining about bad protocol, bad nessus protocol, or about the specified protocol and does not connect.

For example: 

Unable to establish a connection to the remote host using the specified protocol version!

Your client (or server) is too old. Make sure the major version numbers of the client and server match. For example, OpenVAS-Client and OpenVAS-server should both be version 2.x.

This message may vary depending on the combination of the client and server that is running. Some OS distributions ship incompatible client and server combinations.

Is there a Windows client?

Yes and no. A Windows client exists for version 1.x, but not yet for 2.x. The 2.x Windows client is in progress.

How are local tests conducted on nodes?

There are various mechanisms.

For Linux systems SSH is used to connect and perform local tests and the SLAD mechanism can be used to perform more extensive testing (e.g. password auditing). SSH functions are defined in the ssh_func.inc file. SLAD functions are defined in the slad_ssh.inc file.

For Windows platforms the SMB protocol is used and implemented by the smb_nt.inc file.

How can I make sure I won't write duplicate NASL tests?

The authoratitve source for registering NASL tests is the openvas-plugins/cve_current.txt file. Tests are indexed by CVE or BID. Check for the CVE/BID of the vulnerability you are writing a test for.

Why does OpenVAS complain that certain plugins are missing when they seem to be available?

Licensing issues.

I am not getting all the results I expect.

Many tests (both local and remote) require access credentials. Make sure they are filled out.

Why am I getting so few vulnerabilities in my reports?

See Above.

I am getting inconsistent results for the same host or hosts

 Update your NVT set. Older NVTs (which come in older tarballs or in some Linux distributions) have resource contention bugs which have been fixed.

Where is the code/API documentation?

http://openvas.org/src-doc.html has all of the code documentation (produced via doxygen).

What port number should OpenVAS run on?

9390/tcp is the officially assigned network port for OpenVAS. 2.x and later versions of the software automatically run on that port, older versions may have other defaults.

What dependancies do I need for compiling OpenVAS?

The complete list is quite long, but the main packages to be aware of are: