Any scan runs on the local host and local network using the local host IP have 
detected nothing!

What needs to be checked to correct the above?

Installed openvas-client as it was not installed as I thought previously 
(original launch of sudo gsad opened it)

Check the default files for each openvas service and everything seems to be 
fine, not sure why gsa should be running on 0.0.0.0 as listed below:

Step 7: Checking if OpenVAS services are up and running ... 
        OK: netstat found, extended checks of the OpenVAS services enabled.
        OK: OpenVAS Scanner is running and listening only on the local 
interface.
        OK: OpenVAS Scanner is listening on port 9391, which is the default 
port.
        OK: OpenVAS Manager is running and listening on all interfaces.
        OK: OpenVAS Manager is listening on port 9390, which is the default 
port.
        OK: OpenVAS Administrator is running and listening only on the local 
interface.
        OK: OpenVAS Administrator is listening on port 9393, which is the 
default port.
        WARNING: Greenbone Security Assistant is running and listening only on 
the local interface. This means that you will not be able to access the 
Greenbone Security Assistant from the outside using a web browser.
        SUGGEST: Ensure that Greenbone Security Assistant listens on all 
interfaces.
        OK: Greenbone Security Assistant is listening on port 9392, which is 
the default port.

Should anything be changed below?:
#
# The address the Greenbone Security Assistant will listen on.
#

GSA_ADDRESS=127.0.0.1

#
# The port the Greenbone Security Assistant will listen on.
#

GSA_PORT=9392

#After the recent update of the libmicrohttpd package, it's impossible to 
access GSA via HTTPS protocol (https://localhost:9392)
#force the usage of HTTP protocol (http://localhost:9392)
HTTP_ONLY=1

#
# The file to use as private key for HTTPS
#

#GSA_SSL_PRIVATE_KEY=

#
# The file to use as certificate for HTTPS
#

#GSA_SSL_CERTIFICATE=

#
# Should HTTP get redirected to HTTPS
# If $GSA_REDIRECT_PORT is not set it will redirect port 80.
#

#GSA_REDIRECT=443

# Redirect HTTP from this port to $GSA_PORT
# For this being effective $GSA_REDIRECT has to be set to 1.
#

#GSA_REDIRECT_PORT=80

#
# The address the OpenVAS Administrator is listening on.
#

ADMINISTRATOR_ADDRESS=127.0.0.1

#
# The port the OpenVAS Administrator is listening on.
#

ADMINISTRATOR_PORT=9393

#
# The address the OpenVAS Manager is listening on.
#

MANAGER_ADDRESS=0.0.0.0

#
# The port the OpenVAS Manager is listening on.
#

MANAGER_PORT=9390


From: shast...@hotmail.com
To: openvas-discuss@wald.intevation.org
CC: mco...@bacardi.com
Subject: RE: [Openvas-discuss] Openvas-gsa port binding issue
Date: Fri, 23 Dec 2011 00:25:38 +0000







It is on Ubuntu. Apart from killing the processes which run (that already bind 
the ports to the incorrect host), how can I preve
 before starting openvas scanner/manager/client.

I added the 3 openvas services to /etc/rc.local already but I don't think that 
script is executable so they should not run at bootup.

I have to run gsad now as this command 'sudo gsad --http-only listen=127.0.0.1 
-p 9392".
It works in the browser after removing conflicting services. However I want it 
to do this by default by just running 'sudo gsad' as happened after the first 
install.
Plus the client should launch also and it does not now, not sure how to correct 
this.

What is the best way to startup openvas? Like this:


Code:

test -e /var/lib/openvas/CA/cacert.pem || sudo openvas-mkcert -q

sudo openvas-nvt-sync

test -e /var/lib/openvas/users/om || sudo openvas-mkcert-client -n om -i

sudo /etc/init.d/openvas-manager stop

sudo /etc/init.d/openvas-scanner stop

sudo touch sudo touch /var/lib/openvas/mgr/tasks.db

sudo chmod 600 /var/lib/openvas/mgr/tasks.db

sudo openvassd

sudo openvasmd --migrate

sudo openvasmd --rebuild

sudo killall openvassd

sleep 15

sudo /etc/init.d/openvas-scanner start

sudo /etc/init.d/openvas-manager start

sudo /etc/init.d/openvas-administrator restart

test -e /var/lib/openvas/users/admin || sudo openvasad -c add_user -n admin -r 
Admin (remove this also)

sudo gsad


(Remove the below?)

Add the components to startup by adding them to the rc.local file




Code:

sudo nano /etc/rc.local
 



Add 


Code:

openvassd

openvasad

openvasmd

gsad
 

Subject: Re: [Openvas-discuss] Openvas-gsa port binding issue
From: mco...@bacardi.com
Date: Thu, 22 Dec 2011 18:16:08 -0500
To: shast...@hotmail.com






If you are running anything Debian based you have to change all the OpenVAS 
scripts in /etc/default to the addressable IPs applicable to your network...

Other architectures I can't say..  If this doesn't help someone will be along 
shortly I'm sure...

Cheers...

Matt

  From: Shane Duignan [shast...@hotmail.com]
  Sent: 12/22/2011 11:12 PM GMT
  To: <openvas-discuss@wald.intevation.org>
  Subject: [Openvas-discuss] Openvas-gsa port binding issue




openvas-check setup output (only issues are in step 7, everything else 
configured fine):

Step 7: Checking if OpenVAS services are up and running ... 
        OK: netstat found, extended checks of the OpenVAS services enabled.
        OK: OpenVAS Scanner is running and listening only on the local 
interface.
        OK: OpenVAS Scanner is listening on port 9391, which is the default 
port.
       
 WARNING: OpenVAS Manager is running and listening only on the local 
interface. This means that you will not be able to access the OpenVAS 
Manager from the outside using GSD or OpenVAS CLI.
        SUGGEST: Ensure that OpenVAS Manager listens on all interfaces.
        OK: OpenVAS Manager is listening on port 9390, which is the default 
port.
        OK: OpenVAS Administrator is running and listening only on the local 
interface.
        OK: OpenVAS Administrator is listening on port 9393, which is the 
default port.
        WARNING: Greenbone Security Assistant is listening on port 8080 9392 
443, which is NOT the default port!
        SUGGEST: Ensure Greenbone Security Assistant is listening on one of the 
following ports: 80, 443, 9392.
[: 555: 8080: unexpected operator

further checks show:

netstat -an | grep '939'
tcp        0      0 127.0.0.1:9391          0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:9392            0.0.0.0:*               LISTEN     
tcp        0      0 127.0.0.1:9393          0.0.0.0:*               LISTEN     
tcp        0      0 127.0.0.1:9390          0.0.0.0:*               LISTEN     
tcp      539      0 127.0.0.1:9392          127.0.0.1:52908         CLOSE_WAIT 

tail -f /var/log/openvas/gsad.log
gsad main:WARNING:2011-12-22 09h41.10 utc:3588: Binding to port 443 failed, 
trying default port 9392 next.


So my question how to you get 'gsad' to run at the appropriate ports and end 
existing services?
As the first time I installed, 'sudo gsad' launched the client window and I was 
able to browse http://127.0.0.1:9392.
How can I get the client to launch also?

Plus how do you configure openvas-manager to run on the local and remote 
connection?

Thanks in advance.                                        

_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss               
                                                                  
_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Reply via email to