I'm running a newly installed and configured openVAS 5 on CentOS 6 machine. I made sure I'm running nmap 5.51.
My "openvas-check-setup returns: openvas-check-setup 2.2.0 Test completeness and readiness of OpenVAS-5 Please report us any non-detected problems and help us to improve this check routine: http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem. Use the parameter --server to skip checks for client toolslike GSD and OpenVAS-CLI. Step 1: Checking OpenVAS Scanner ... OK: OpenVAS Scanner is present in version 3.3.1. OK: OpenVAS Scanner CA Certificate is present as /var/lib/openvas/CA/cacert.pem. OK: NVT collection in /var/lib/openvas/plugins contains 30428 NVTs. WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner. SUGGEST: Enable signature checking see http://www.openvas.org/trusted-nvts.html). Step 2: Checking OpenVAS Manager ... OK: OpenVAS Manager is present in version 3.0.5. OK: OpenVAS Manager client certificate is present as /var/lib/openvas/CA/clientcert.pem. OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db. OK: Access rights for the OpenVAS Manager database are correct. OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled. OK: OpenVAS Manager database is at revision 56. OK: OpenVAS Manager expects database at revision 56. OK: Database schema is up to date. OK: OpenVAS Manager database contains information about 29686 NVTs. OK: xsltproc found. Step 3: Checking OpenVAS Administrator ... OK: OpenVAS Administrator is present in version 1.2.1. OK: At least one user exists. OK: At least one admin user exists. Step 4: Checking Greenbone Security Assistant (GSA) ... OK: Greenbone Security Assistant is present in version 3.0.3. Step 5: Checking OpenVAS CLI ... OK: OpenVAS CLI version 1.1.5. Step 6: Checking Greenbone Security Desktop (GSD) ... OK: Greenbone Security Desktop is present in Version 1.2.2. Step 7: Checking if OpenVAS services are up and running ... OK: netstat found, extended checks of the OpenVAS services enabled. OK: OpenVAS Scanner is running and listening on all interfaces. OK: OpenVAS Scanner is listening on port 9391, which is the default port. OK: OpenVAS Manager is running and listening on all interfaces. OK: OpenVAS Manager is listening on port 9390, which is the default port. OK: OpenVAS Administrator is running and listening only on the local interface. OK: OpenVAS Administrator is listening on port 9393, which is the default port. OK: Greenbone Security Assistant is running and listening on all interfaces. OK: Greenbone Security Assistant is listening on port 9392, which is the default port. Step 8: Checking nmap installation ... OK: nmap is present in version 5.51. Step 9: Checking presence of optional tools ... OK: pdflatex found. OK: PDF generation successful. The PDF report format is likely to work. OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work. OK: rpm found, LSC credential package generation for RPM based targets is likely to work. WARNING: Could not find alien binary, LSC credential package generation for DEB based targets will not work. SUGGEST: Install alien. OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work. It seems like your OpenVAS-5 installation is OK. If you think it is not OK, please report your observation and help us to improve this check routine: http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem. An Nmap scan against my target (from my nmap server) reports: [admin@openVAS1 Desktop]$ nmap -p 1-65535 -T5 x.x.x.x Starting Nmap 5.51 ( http://nmap.org ) at 2013-04-18 12:34 PDT Nmap scan report for test3.test3.com (x.x.x.x) Host is up (0.024s latency). Not shown: 65531 closed ports PORT STATE SERVICE 22/tcp open ssh 23/tcp open telnet 1506/tcp open unknown 1513/tcp open fujitsu-dtc But an openVas scan does not report ports 1506 0r 1509 (copiec from the GSAD webUI): Port summary for x.x.x.x Service (Port) Threat general/icmp Low general/CPE-T Log general/HOST-T Log general/tcp Log snmp (161/udp) Log tftp (69/udp) False Positive ... general/tcp Log (CVSS: 0.0) NVT: Checks for open tcp ports (OID: 1.3.6.1.4.1.25623.1.0.900239) Open TCP ports: [None found] A scan from a collegue's openVAS machine reports those ports AND vulnerabilities releated to them, my machine does not. I have compared the NMAP sections of the scan configs and they are the same Any ideas why my openVAS does not report those ports??
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
