Miroirs/slackbuilds_ponce
1
0
Fork 0
mirror of https://github.com/Ponce/slackbuilds synced 2024-10-13 08:43:42 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
slackbuilds_ponce/network/openvas-server/openvasd.conf
Marco Bonetti f0090973fe network/openvas-server: Added to 12.2 repository
2010-05-12 23:32:38 +02:00

163 lines
4.8 KiB
Text
Raw Blame History

# OpenVAS Security Scanner, Slackware default configuration file
#
# Empty lines and those starting with '#' are ignored.
# Directory where plug-ins are to be found
plugins_folder = /usr/lib/openvas/plugins
# E-mail address of the admin
email = root
# Maximum number of hosts
max_hosts = 255
# Number of plugins that will run against each host,
# i.e. simultaneous tests
# Total number of processes will be max_checks x max_hosts
max_checks = 15
# File used to log activity. Set it to 'syslog' if you want to use syslogd.
logfile = /var/log/openvas/openvasd.messages
# Log every detail of the attack in openvasd.messages
# If disabled only the beginning and end are logged, and
# not the time each plugin takes to execute
log_whole_attack = yes
# Log the name of the plugins that are loaded by the server
log_plugins_name_at_load = no
# Dump file for debugging output, use `-' for stdout
dumpfile = /var/lib/openvas/openvasd.dump
# File that contains rules database that apply to all users
rules = /etc/openvas/openvasd.rules
# Users database file
users = /etc/openvas/openvasd.users
# Path where it will find information for all users
per_user_base = /var/lib/openvas/users
# Cache folder
cache_folder = /var/cache/openvas
# CGI paths to check for (cgi-bin:/cgi-aws:/ can do)
cgi_path = /cgi-bin
# Optimize the test
optimize_test = yes
# Read timeout (in seconds) for the sockets of the tests
# Increase this value if running on a slow network link (dialup)
checks_read_timeout = 15
# Delay (in seconds) to pass for between two tests against the same port
# (to be inetd friendly)
delay_between_tests = 1
# Do not run simultaneous ports for these tests. Default value:
# non_simul_ports = 139, 445
# Remote file that the plugins will try to read:
test_file = /etc/passwd
# Range of the ports that nmap will scan
port_range = 1-15000
# Ping hosts before scanning them?
ping_hosts = yes
# Only test the IPs that can be reversely looked up?
reverse_lookup = no
# Host expansion:
# dns: performs and AXFR on the remote name server
# and test the host obtained
# nfs: test hosts that have the right to mount the
# filesystems exported by the remote host
# ip: scan the entire subnet
host_expansion = dns;ip
subnet_class = C
# Use the MAC address as host identifier (useful in
# local LANs with dynamic addresses, e.g. DHCP)
# use_mac_addr = yes
# Slice the network IPs into portions and rotate them
# between scanning each slice. Instead of the (default)
# behaviour of scanning a network incrementally.
# slice_network_addresses = yes
scan_level = normal
outside_firewall = no
# Enable plugins that are depended on
# auto_enable_dependencies = yes
# Enable safe checks (this overrides the client's configuration)
# safe_checks = yes
# Allow users to upload plugins to the server
# Note: This effectively gives administrative permissions
# to OpenVAS users and, when using local checks, could grant
# them execute permissions in remote systems, so use with care!
plugin_upload = no
# Filename suffixes that are allowed when uploading
# plugin_upload_suffixes = .nasl, .inc
# Language to use in plugins.
# Current valid options are 'english' and 'french'
language = english
# Public key client server encryption (crypto options)
peks_username = openvasd
peks_keylen = 1024
peks_keyfile = /etc/openvas/openvasd.private-keys
peks_usrkeys = /etc/openvas/openvasd.user-keys
peks_pwdfail = 5
track_iothreads = yes
cookie_logpipe = /etc/openvas/openvasd.logpipe
cookie_logpipe_suptmo = 2
# Define SSL version, use NONE to disable SSL
# ssl_version = 3
# Full path and filename of a trusted certificate authority
# see /usr/share/doc/openvas/README_SSL.gz
# trusted_ca =
# SSL Ciphers to use
# The following removes all SSLv3 ciphers except RC4.
# This has been implemented to workaround an OpenSSL 0.9.8
# bug, for more information please read
# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338006
# and
# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=343487
# ssl_cipher_list = SSLv2:-LOW:-EXPORT:RC4+RSA
# NASL scripts cryptographic checks of some plugins (trusted
# scripts). OpenVAS will refuse to load and execute trusted
# scripts that are not signed. Use extreme caution when
# setting this to 'yes'
#nasl_no_signature_check = no
nasl_no_signature_check = yes
# Uncomment the following for IO thread debugging
#track_iothreads = yes
# Set this to 'yes' if you want each child to be nice(2)d
# be_nice = yes
# End of /etc/openvas/openvasd.conf file.
#
# Added by openvas-mkcert
#
cert_file=/var/lib/openvas/CA/servercert.pem
key_file=/var/lib/openvas/private/CA/serverkey.pem
ca_file=/var/lib/openvas/CA/cacert.pem
# If you decide to protect your private key with a password,
# uncomment and change next line
# pem_password=password
# If you want to force the use of a client certificate, uncomment next line
# force_pubkey_auth = yes
Reference in a new issue View git blame Copy permalink