OpenVAS Change Request #56: NVT Feed Meta Data Improvements
Status: Voted +6. Done.
Provide more helpful meta information about NVTs and reduce some redundant information.
This change request intends the following modifications to any NVT present in the Feed:
Fix Version information: This has been neglected in the past, although it was already agreed.
Add creation and last modification timestamps as meta information: Several users asked for this to better judge how old the test routine is. This is analogous to, for example, the CVE information, where both timestamps are always available.
Remove "Risk factor: xxx" text element from description part: Since all NVTs have a tag "risk_factor" for some time, the information in the text is redundant. The tag information is easier to handle for selection/classification operations than the description text.
In fact, the "risk_factor" tag is a transformation of the CVSS and becomes redundant itself once every NVT is tagged with a CVSS. It has not been determined when that will be the case, though. Removing the risk factor from the text at least reduces redundancy.
OpenVAS tool chain can rely on presence of a version number for any NVT.
OpenVAS tool chain can rely on presence of creation and last modification timestamps.
More tags will appear in the meta data of NVTs, so automatically generated dialogs for the NVT meta information might grow in size.
The memory footprint might grow with the additional tags. The shortened description texts might balance this a little bit, but likely not entirely.
Old processing chains that rely on the presence of the risk factor inside the description text will fail. No such processing chains are known, though.
Design and Implementation
Version tag: The SVN "Revision" tag is used for the version. Therefore the script files need to be prepared for this in SVN, and the script_version() command in the NVTs must be present and contain the correct "Revision" SVN tag. Henri Doreau already started to fix various scripts. This activity can be continued in conjunction with the other changes.
Creation time stamp and last modification time stamp: This information can be pulled from SVN. A couple of thousand NVTs are older than the SVN history, so these will all get the time stamp of the start of the SVN repository. For some it might be possible to derive at least the year from copyright or CVEs, but this is not systematically and reliably possible. Perhaps it is better to stick with the rule that the OpenVAS NVT feed started at a specific date. Thomas Reinke offered some information from his own repository about the creation timestamps. However, it is still to be decided whether to undertake the effort to merge the timestamps or whether to simply use what SVN offers (consistently).
For new scripts, the creation date can be generated using the command:
LC_ALL=C date +"%F %T %z (%a, %d %b %Y)"
The last modification date and the last revision number can be set
automatically by SVN. The following fields must be provided as is:
With the SVN keywords "Revision" and "Date" set for new scripts:
svn propset svn:keywords 'Revision Date' <filename>
Removal of "Risk factor" from description: This should be possible mostly automatically by text pattern matching. Care should be taken that unneeded newlines are then also removed.
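
One way to do the pattern-based removal described above, as an added example that is not part of the original change request or of the OpenVAS code base. The function name, the set of accepted values and the sample text are assumptions; descriptions whose risk factor is not a known value, or contradicts the "risk_factor" tag, are left untouched for manual review.

```python
import re

# Assumption: the values the "risk_factor" tag can take. Adjust to the feed.
KNOWN_VALUES = {"none", "low", "medium", "high", "critical"}
LABEL_RE = re.compile(r"^\s*Risk\s+factor\s*:\s*(.*)$", re.IGNORECASE)

def strip_risk_factor(description, tag_value=None):
    """Remove the "Risk factor" element from a description text.

    Returns (text, removed_value, needs_review). The text is returned
    unchanged with needs_review=True when the value is not a known one or
    contradicts tag_value, so that no information is dropped silently.
    """
    lines = description.split("\n")
    for i, line in enumerate(lines):
        m = LABEL_RE.match(line)
        if not m:
            continue
        value, end = m.group(1).strip(), i + 1
        if not value and end < len(lines):   # value wrapped onto next line
            value, end = lines[end].strip(), end + 1
        if value.lower() not in KNOWN_VALUES:
            return description, None, True
        if tag_value is not None and tag_value.lower() != value.lower():
            return description, None, True
        head, tail = lines[:i], lines[end:]
        # Was the element set off by a blank line on either side?
        gap = bool(head and not head[-1].strip()) or bool(tail and not tail[0].strip())
        # Remove the newlines that only existed to frame the element.
        while head and not head[-1].strip():
            head.pop()
        while tail and not tail[0].strip():
            tail.pop(0)
        sep = [""] if (gap and head and tail) else []
        return "\n".join(head + sep + tail), value, False
    return description, None, False

# Constructed sample, not taken from a real NVT.
SAMPLE = (
    "Overview: The remote FTP server is outdated.\n\n"
    "Solution: Upgrade to the latest version.\n\n"
    "Risk factor :\n High\n"
)

if __name__ == "__main__":
    text, value, review = strip_risk_factor(SAMPLE, tag_value="High")
    print(repr(text), value, review)
```
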
- 2011-11-10 Henri Doreau <henri.doreau at greenbone dot net>:
- 2011-11-03 Henri Doreau <henri.doreau at greenbone dot net>:
Added implementation details.
- 2011-10-31 Henri Doreau <henri.doreau at greenbone dot net>:
- 2011-10-25 Jan-Oliver Wagner <jan-oliver.wagner at greenbone dot net>: