Hi, actually we need a single place where to specify the source IP and then use it everywhere. Else you can create pretty inconsistent situations. We will work out some better solution for OpenVAS-7.
But we need to disable the source ip from the nmap wrapper to avoid trouble. Best Jan On Donnerstag, 17. Oktober 2013, Hani Benhabiles wrote: > On 2013-10-09 19:17, Yves Réveillon - eurower.fr wrote: > > I'm using OpenVAS on a OpenVZ host. > > > > So, i have : > > > > venet0 inet addr:127.0.0.1 > > venet0:0 inet addr:PUBLIC_IP > > > > I cannot set the PUBLIC_IP on the venet0 ! > > > > So the scanner is launching with : > > > > openvassd --listen=127.0.0.1 -S PUBLIC_IP > > > > But when I start the scan, I have a message : > > The remote host (ANOTHER_PUBLIC_IP) is dead > > > > And this is what tcpdump says : > > > > 21:48:25.248488 IP 127.0.0.1.49701 > ANOTHER_PUBLIC_IP.ftp: Flags > > [.], > > ack 4171032861, win 2048, length 0 > > 21:48:25.248515 IP 127.0.0.1.49701 > ANOTHER_PUBLIC_IP.telnet: Flags > > [.], ack 4171032861, win 1024, length 0 > > 21:48:25.248522 IP 127.0.0.1.49701 > ANOTHER_PUBLIC_IP.smtp: Flags > > [.], > > ack 4171032861, win 4096, length 0 > > 21:48:25.248525 IP 127.0.0.1.49701 > ANOTHER_PUBLIC_IP.domain: Flags > > [.], ack 4171032861, win 1024, length 0 > > 21:48:25.248528 IP 127.0.0.1.49701 > ANOTHER_PUBLIC_IP.http: Flags > > [.], > > ack 4171032861, win 2048, length 0 > > > > So, the IP source is ... localhost and not the PUBLIC_IP of the -S > > flag. > > > > What's the problem ? > > > > Thanks ... > > > > Thanks for reporting this. That generated traffic is from Nmap I > believe. I have pushed an update to "Nmap (NASL wrapper)" nvt in > revision 18076 which adds "Source IP :" nvt preference. Could you test > setting the interface IP in that preference too and report back ? > > On a related note, nmap 5.21 is too old. There were some bug fixes > related to matching routes to interfaces, IIRC. Maybe confirm with a > manual nmap scan ? -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
