what is the Vulnerability Scanner tool in freebsd14.1 ?

[fff2024g]

dear all :
I want a vulnerability scanner tool in FreeBSD 14.1, could you advise some tools for me? Thanks.
i just want to find a tools in freebsd14.1 ,and use it scan my client computer Vulnerability through Lan network or internet network . thanks.

 

[SirDice]

Don't know how good it is but it should get you started: security/openvas

 

[fff2024g]

Don't know how good it is but it should get you started: security/openvas

Dear sirdice:
thanks for your help .

 

[fff2024g]

dear all :
i have installed openvas with "pkg install openvas" ..........i just find 3 command
openvas openvas-nasl openvas-nasl-lint

then, i am going to https://www.greenbone.net/en/ . no user manual for openvas command.

anyone can show me some link or step to use openvas to scan Vulnerability in freebsd14.1 ..thanks.

 

[RypPn]

security/rkhunter

 

[fff2024g]

security/rkhunter

dear ryppn:
thanks. do you know some tools for remote scan Vulnerability in freebsd14.1 ? i just want to find a tools in freebsd14.1 ,and use it scan my client computer Vulnerability . thanks.

 

[SirDice]

i have installed openvas with "pkg install openvas" ..........i just find 3 command

Had never used it but this is only a part of the scanner, I should have told you to install security/gvm. Then carefully read the pkg-message, if you missed it; pkg info -D gvm.

You might get an error on one of the commands, it seems it's missing a dependency devel/py-shtab, just pkg install py311-shtab

root@fbsd-test:~ # su -m gvm -c "greenbone-nvt-sync"
Traceback (most recent call last):
  File "/usr/local/bin/greenbone-nvt-sync", line 5, in <module>
    from greenbone.feed.sync.main import main
  File "/usr/local/lib/python3.11/site-packages/greenbone/feed/sync/main.py", line 22, in <module>
    from greenbone.feed.sync.parser import CliParser
  File "/usr/local/lib/python3.11/site-packages/greenbone/feed/sync/parser.py", line 10, in <module>
    import shtab
ModuleNotFoundError: No module named 'shtab'

After that the command should work:

root@fbsd-test:~ # su -m gvm -c "greenbone-nvt-sync"
Trying to acquire lock on /var/lib/openvas/feed-update.lock
Acquired lock on /var/lib/openvas/feed-update.lock
⠼ Downloading Notus files from rsync://feed.community.greenbone.net/community/vulnerability-feed/22.04/vt-data/notus/ to
/var/lib/notus
{... downloading might take a while ...}

Haven't finished the rest of the instructions yet.

 

[RypPn]

dear ryppn:
thanks. do you know some tools for remote scan Vulnerability in freebsd14.1 ? i just want to find a tools in freebsd14.1 ,and use it scan my client computer Vulnerability . thanks.

The question should really be, what are your behaviours that make you vulnerable?

 

[mer]

Don't forget about the security checks that get run from periodic. They give a quick overview of any CVEs against installed software and simple things like login failures and refused connections.

 

[fff2024g]

Had never used it but this is only a part of the scanner, I should have told you to install security/gvm. Then carefully read the pkg-message, if you missed it; pkg info -D gvm.

You might get an error on one of the commands, it seems it's missing a dependency devel/py-shtab, just pkg install py311-shtab

root@fbsd-test:~ # su -m gvm -c "greenbone-nvt-sync"
Traceback (most recent call last):
  File "/usr/local/bin/greenbone-nvt-sync", line 5, in <module>
    from greenbone.feed.sync.main import main
  File "/usr/local/lib/python3.11/site-packages/greenbone/feed/sync/main.py", line 22, in <module>
    from greenbone.feed.sync.parser import CliParser
  File "/usr/local/lib/python3.11/site-packages/greenbone/feed/sync/parser.py", line 10, in <module>
    import shtab
ModuleNotFoundError: No module named 'shtab'

After that the command should work:

root@fbsd-test:~ # su -m gvm -c "greenbone-nvt-sync"
Trying to acquire lock on /var/lib/openvas/feed-update.lock
Acquired lock on /var/lib/openvas/feed-update.lock
⠼ Downloading Notus files from rsync://feed.community.greenbone.net/community/vulnerability-feed/22.04/vt-data/notus/ to
/var/lib/notus
{... downloading might take a while ...}

Haven't finished the rest of the instructions yet.

Dear sirDice :
thanks for your help , surprise for me . keep going study.

 

[fff2024g]

The question should really be, what are your behaviours that make you vulnerable?

Dear ryppn:
thanks for your reply , i not sure the vulnerable. so i want to find the tools . now i got it from sirdice advise. thanks.

 

[fff2024g]

dear all :
i have meet a new question about configure Greenbone Vulnerability Manager version 23.5.2 system for scanner. when i start gmvd service ,, erros is below . any one can help me solve it ? thanks.

md main:MESSAGE:2024-09-14 08h19.39 utc :2894: Greenbone Vulnerability Manager version 23.5.2 (DB revision 255)
md manage:WARNING:2024-09-14 08h19.39 utc :2895: sql_exec_internal: PQexec failed: ERROR: relation "public.meta" does not exist
LINE 1: SELECT value FROM public.meta WHERE name = 'database_version...
^
(7)
md manage:WARNING:2024-09-14 08h19.39 utc :2895: sql_exec_internal: SQL: SELECT value FROM public.meta WHERE name = 'database_version';
md manage:WARNING:2024-09-14 08h19.39 utc :2895: sql_x: sql_exec_internal failed
md manage:MESSAGE:2024-09-14 08h19.39 utc :2895: No SCAP database found
md manage:MESSAGE:2024-09-14 08h19.39 utc :2895: No CERT database found
libgvm util:WARNING:2024-09-14 08h19.39 utc :2895: Setting GnuPG dir failed: Invalid crypto engine <GPGME>
md crypt:CRITICAL:2024-09-14 08h19.39 utc :2895: lsc_crypt_new: can't continue w/o a gpgme context

postgresql version is 15.7
Greenbone Vulnerability Manager version 23.5.2

 

[cmoerz]

any "meta" table in your postgresql database? did the scripts that populate the database run properly? It looks like you might have an empty database?

 

[fff2024g]

any "meta" table in your postgresql database? did the scripts that populate the database run properly? It looks like you might have an empty database?

dear cmoerz:
thanks. the i don't know what is meta table in my gvmd database. below is my database .

psql (15.7)
Type "help" for help.

gvmd=# \l
List of databases
Name | Owner | Encoding | Collate | Ctype | ICU Locale | Locale Provider | Access privileges
-----------+----------+----------+---------+-------------+------------+-----------------+-----------------------
gvmd | gvm | UTF8 | C | en_US.UTF-8 | | libc |
postgres | postgres | UTF8 | C | en_US.UTF-8 | | libc |
template0 | postgres | UTF8 | C | en_US.UTF-8 | | libc | =c/postgres +
| | | | | | | postgres=CTc/postgres
template1 | postgres | UTF8 | C | en_US.UTF-8 | | libc | =c/postgres +
| | | | | | | postgres=CTc/postgres
(4 rows)

gvmd=# \dn
List of schemas
Name | Owner
--------+-------------------
public | pg_database_owner
(1 row)

i can't find the public.meta . just public table in there. thanks.

 

[cmoerz]

Are you sure that you successfully populated the gvmd database? Is that database consistent with the other configuration?
Previously, this was done via

su -m gvm
gvmd -m

I recommend checking the port's messages, as SirDice previously suggested: pkg info -D gvm.

 

[fff2024g]

Are you sure that you successfully populated the gvmd database? Is that database consistent with the other configuration?
Previously, this was done via

su -m gvm
gvmd -m

I recommend checking the port's messages, as SirDice previously suggested: pkg info -D gvm.

Dear cmoerz :
thanks for your reply. all of step following manual of "pkg info -D gvm ". but that is not work. can you try a freebsd14.1 vm to test gvm ? thanks.