Developers guide
Chapter 7
Copyright © 2008-2013 Inverse inc.
Optional components 50
It is important to get the correct scan config ID and NBE report format ID to populate the parameters in
the PacketFence configuration file. The easiest way to get these IDs is by downloading both of the scan
configuration and report format from the OpenVAS web gui and retrieve the IDs in the filenames.
For example report-format-f5c2a364-47d2-4700-b21d-0a7693daddab.xml gives report format ID
f5c2a364-47d2-4700-b21d-0a7693daddab.
Configuration
In order for the compliance checks to correctly work with PacketFence (communication and generate
violations inside PacketFence), you must configure two sections:
pf.conf
Adjust the settings in the scan section like the following: Don’t hesitate to refer to the
documentation.conf file for any help on these paramaters and which of them to configure.
Using Nessus:
[scan]
engine=nessus
host=127.0.0.1
nessus_clientpolicy=basic-policy
pass=nessusUserPassword
registration=enabled
user=nessusUsername
Of course the basic-policy must exist on the nessus server. If you want to use a different nessus policy
by category, you have to adjust settings like the following (if the policy doesn’t exist, PacketFence will
use the default policy defined by nessus_clientpolicy):
[nessus_category_policy]
guest=guest_policy
wifi=wifi_policy
A node who is register like a guest will be scanned by the guest_policy , etc …
Using OpenVAS:
[scan]
engine=openvas
host=127.0.0.1
openvas_configid=openvasScanConfigId
openvas_reportformatid=openvasNBEReportFormatId
pass=openvasUserPassword
registration=enabled
user=openvasUsername
violations.conf
You need to create a new violation section and have to specify: