Hey Well, in order to scan satellite offices and to have a reliable 'always on' instance of openvas we thought we put openvas on a cheap virtual server. The provider user OpenVZ which is a container-based virtualization. So in order to protect the other virtual containers from "snooping" as you call it, they might very well have raw socket access disabled.
This thread on the nmap mailing lists sounds pretty much like what I am experiencing: http://seclists.org/nmap-dev/2012/q2/200 Cheers Alex On Sat, Aug 3, 2013 at 10:05 AM, William Scott Lockwood III < [email protected]> wrote: > On Aug 3, 2013 6:17 AM, "Alexander Rau" <[email protected]> wrote: > > > > Thanks > > > > I think I nailed the issue down to nmap having issues with the virtual > network adapter. nmap doesn't see the virtual adapter and nmap scans fail. > > > > root@cv1:~# nmap --iflist > > > > Starting Nmap 6.00 ( http://nmap.org ) at 2013-08-03 07:11 EDT > > INTERFACES: NONE FOUND(!) > > ROUTES: NONE FOUND(!) > > > > > > root@cv1:~# nmap scanme.nmap.org > > > > Starting Nmap 6.00 ( http://nmap.org ) at 2013-08-03 07:12 EDT > > route_dst_netlink: can't find interface "venet0" > > > > I haven't found a solution yet. Looks like I might have to abandon this > provider. > > > > Thanks > > > > Alex > > > > > > > > On Fri, Aug 2, 2013 at 2:45 PM, Paula Gonzalez Muñoz <[email protected]> > wrote: > >> > >> Check that the ips are the same and check with your ISP of they allow > SSH and similar kind of traffic. > >> > >> Paula @ móvil > >> > >> El 02/08/2013 20:08, "Alexander Rau" <[email protected]> escribió: > >>> > >>> Has anyone experienced openvas showing no results? I switched hosting > providers and suddenly hosts that had vulnerabilities before have none and > scans go very fast. > >>> > >>> ISP filtering? Virtual Host? > >>> > >>> Thoughts? > >>> > >>> Thanks > >>> > >>> AR > > I have seen this on systems where access to raw sockets was disabled. In a > jailed setup, raw socket access would allow you to snoop the traffic of > other jails. For this reason, it's usually disabled. > > Can you tell us a little more about your setup? >
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
