I did set the target as 'consider alive', but it still didn't scan the host on the other side of the tunnel.
On Tue, Nov 24, 2015 at 12:14 PM, Eero Volotinen <[email protected]> wrote: > as I said before, you need to set target alive test to 'consider alive' > (this is feature of openvas 8) or modify scan config to remove ping alive > test. > > Eero > > 2015-11-24 19:52 GMT+02:00 Tianyi Yang <[email protected]>: > >> I ran nmap in the terminal using all kinds of discovery methods that I >> know, e.g. SYN ping, ACK ping, UDP ping and ICMP ping, the probed host was >> shown as dead for each of these. >> >> However, when simply run "ping host-ip" (which is basically ICMP probe), >> it worked fine. >> >> So I am wondering if bad configuration of nmap caused all the problems? >> Thanks a lot! >> >> TY >> >> On Tue, Nov 24, 2015 at 11:42 AM, Eero Volotinen <[email protected]> >> wrote: >> >>> You should use following nmap settings with root account (on openvas >>> machine) >>> >>> nmap -P0 -p- ip.address >>> >>> that mean -P0 = consider host alive, -p- = full tcp scan .. >>> >>> and same with vpn connection. if results are different on nmap scan then >>> problem is not on openvas machine. Then it's related to your network >>> configuration, firewall settings or routing. >>> >>> Eero >>> >>> 2015-11-24 19:26 GMT+02:00 Tianyi Yang <[email protected]>: >>> >>>> Thank you for the good suggestions! >>>> >>>> 1. I tested setting target as consider alive, full tcp scan and full >>>> and fast and tried again to scan over VPN, the results are exactly the same >>>> as before and no improvement. >>>> >>>> 2. I tried probing the target host with nmap over VPN, it showed "0 >>>> hosts up". So nmap showed the same unwanted results as openvas. Any >>>> suggestions on how to make changes? Thanks a lot! >>>> >>>> TY >>>> >>>> On Tue, Nov 24, 2015 at 3:57 AM, Eero Volotinen <[email protected]> >>>> wrote: >>>> >>>>> It's really hard to guess all your settings and configurations. >>>>> >>>>> please set target to consider alive, full tcp scan and full and fast >>>>> and try again. you should also try scan same target using nmap and compare >>>>> results. >>>>> >>>>> -- >>>>> Eero >>>>> >>>>> 2015-11-23 19:59 GMT+02:00 Tianyi Yang <[email protected]>: >>>>> >>>>>> Hi everyone, >>>>>> >>>>>> I was scanning a same device over VPN and through direct connect with >>>>>> exactly the same configurations, and found the results are essentially >>>>>> different. >>>>>> >>>>>> The results over VPN only catch 5 Logs in the following, i.e. >>>>>> 3com switch2hub (general/tcp) (Log) >>>>>> OS fingerprinting (general/tcp) (Log) >>>>>> ICMP Timestamp Detection (general/tcp) (Log) >>>>>> Traceroute (general/tcp) (Log) >>>>>> CPE Inventory (general/tcp) (Log) >>>>>> >>>>>> However, in the results when connect directly between the scanned >>>>>> device and the scanner host, 2 High and 11 Logs are found. In addition to >>>>>> those listed above, there are: >>>>>> Multiple NetGear ProSafe Switches Information Disclosure >>>>>> Vulnerability (80/tcp) (High) >>>>>> Report default community names of the SNMP Agent (161 tcp) (High) >>>>>> HTTP Server type and version (80/tcp) (Log) >>>>>> Services (80/tcp) (Log) >>>>>> Web mirroring (80/tcp) (Log) >>>>>> Directory Scanner (80/tcp) (Log) >>>>>> wapiti (NASL wrapper) (80/tcp) (Log) >>>>>> An SNMP Agent is running (161/udp) (Log) >>>>>> >>>>>> We see that the job over VPN has only results in locations >>>>>> "general/tcp". And I further found that the VPN results were independent >>>>>> of >>>>>> the port list, which means even if we specifies an EMPTY port list, the >>>>>> outcome is exactly the same. And I read the logs on the scanned device >>>>>> site >>>>>> and found only ports, e.g. TCP 22 and UDP 69 were probed. However, the >>>>>> requested ports like TCP 80 and UDP 161 were never probed over VPN. >>>>>> >>>>>> Does anyone have insights what's wrong with my scan >>>>>> jobs/setup/configs over VPN? I appreciate it! >>>>>> >>>>>> TY >>>>>> >>>>>> _______________________________________________ >>>>>> Openvas-discuss mailing list >>>>>> [email protected] >>>>>> >>>>>> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss >>>>>> >>>>> >>>>> >>>> >>> >> >
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
