How about reinstalling latest kali and openvas? erh. sound like typical kali problem, it just won't work :)
-- Eero 2015-12-14 11:27 GMT+02:00 adamhj <[email protected]>: > Hello, > > I run a distupgrade to kali 2.0 days before and now found that openvas can > not work correctly > > I can log into the web console and create scan tasks, but no task will > start. Clicking start on tasks reports: > [QUOTE]Operation: Start Task > Status code: 503 > Status message: Service temporarily down[/QUOTE] > > checked the openvasmd log and found this: > ------------------------------ > lib serv:WARNING:2015-12-11 05h16.22 UTC:4668: Failed to shake hands with > peer: The TLS connection was non-properly terminated. > lib serv:WARNING:2015-12-11 05h16.22 UTC:4668: Failed to shutdown server > socket > event task:MESSAGE:2015-12-11 05h16.22 UTC:4668: Task > db60c538-ad1e-4f6f-9cd1-3e80b9926d46 could not be started by admin > ------------------------------ > > tried openvas initial setup and got no luck > > tried delete openvas CA&server&client cert manually and re-generate them > with openvas-mkcert/openvas-mkcert-client and the problem is still their > > tried run openvas-setup line by line manually and found that *openvasmd > --rebuild --progress* will fail: > ------------------------------ > Rebuilding NVT cache... failed. > ------------------------------ > > the error in log file looks the same: > ------------------------------ > lib serv:WARNING:2015-12-11 05h21.23 utc:4701: Failed to shake hands with > peer: The TLS connection was non-properly terminated. > lib serv:WARNING:2015-12-11 05h21.23 utc:4701: Failed to shutdown server > socket > ------------------------------ > > openvas-check-setup runs without error: > ------------------------------ > root@kali:~# openvas-check-setup --v8 > openvas-check-setup 2.3.0 > Test completeness and readiness of OpenVAS-8 > (add '--v6' or '--v7' or '--9' > if you want to check for another OpenVAS version) > > Please report us any non-detected problems and > help us to improve this check routine: > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > > Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the > problem. > > Use the parameter --server to skip checks for client tools > like GSD and OpenVAS-CLI. > > Step 1: Checking OpenVAS Scanner ... > OK: OpenVAS Scanner is present in version 5.0.1. > OK: OpenVAS Scanner CA Certificate is present as > /var/lib/openvas/CA/cacert.pem. > OK: OpenVAS Scanner server certificate is valid and present as > /var/lib/openvas/CA/servercert.pem. > OK: NVT collection in /var/lib/openvas/plugins contains 44735 NVTs. > WARNING: Signature checking of NVTs is not enabled in OpenVAS > Scanner. > SUGGEST: Enable signature checking (see > http://www.openvas.org/trusted-nvts.html). > OK: The NVT cache in /var/cache/openvas contains 71963 files for > 44735 NVTs. > OK: redis-server is present in version v=2.8.17. > OK: scanner (kb_location setting) is configured properly using the > redis-server socket: /var/lib/redis/redis.sock > OK: redis-server is running and listening on socket: > /var/lib/redis/redis.sock. > OK: redis-server configuration is OK and redis-server is running. > Step 2: Checking OpenVAS Manager ... > OK: OpenVAS Manager is present in version 6.0.1. > OK: OpenVAS Manager client certificate is valid and present as > /var/lib/openvas/CA/clientcert.pem. > OK: OpenVAS Manager database found in > /var/lib/openvas/mgr/tasks.db. > OK: Access rights for the OpenVAS Manager database are correct. > OK: At least one user exists. > OK: sqlite3 found, extended checks of the OpenVAS Manager > installation enabled. > OK: OpenVAS Manager database is at revision 146. > OK: OpenVAS Manager expects database at revision 146. > OK: Database schema is up to date. > OK: OpenVAS Manager database contains information about 39009 NVTs. > OK: OpenVAS SCAP database found in > /var/lib/openvas/scap-data/scap.db. > OK: OpenVAS CERT database found in > /var/lib/openvas/cert-data/cert.db. > OK: xsltproc found. > Step 3: Checking user configuration ... > WARNING: Your password policy is empty. > SUGGEST: Edit the /etc/openvas/pwpolicy.conf file to set a > password policy. > Step 4: Checking Greenbone Security Assistant (GSA) ... > OK: Greenbone Security Assistant is present in version 6.0.1. > Step 5: Checking OpenVAS CLI ... > OK: OpenVAS CLI version 1.4.0. > Step 6: Checking Greenbone Security Desktop (GSD) ... > SKIP: Skipping check for Greenbone Security Desktop. > Step 7: Checking if OpenVAS services are up and running ... > OK: netstat found, extended checks of the OpenVAS services enabled. > OK: OpenVAS Scanner is running and listening only on the local > interface. > OK: OpenVAS Scanner is listening on port 9391, which is the > default port. > WARNING: OpenVAS Manager is running and listening only on the > local interface. > This means that you will not be able to access the OpenVAS Manager > from the > outside using GSD or OpenVAS CLI. > SUGGEST: Ensure that OpenVAS Manager listens on all interfaces > unless you want > a local service only. > OK: OpenVAS Manager is listening on port 9390, which is the > default port. > WARNING: Greenbone Security Assistant is running and listening > only on the local interface. > This means that you will not be able to access the Greenbone > Security Assistant from the > outside using a web browser. > SUGGEST: Ensure that Greenbone Security Assistant listens on all > interfaces. > OK: Greenbone Security Assistant is listening on port 9392, which > is the default port. > Step 8: Checking nmap installation ... > WARNING: Your version of nmap is not fully supported: 7.00 > SUGGEST: You should install nmap 5.51 if you plan to use the nmap > NSE NVTs. > Step 10: Checking presence of optional tools ... > OK: pdflatex found. > OK: PDF generation successful. The PDF report format is likely to > work. > OK: ssh-keygen found, LSC credential generation for GNU/Linux > targets is likely to work. > WARNING: Could not find rpm binary, LSC credential package > generation for RPM and DEB based targets will not work. > SUGGEST: Install rpm. > WARNING: Could not find makensis binary, LSC credential package > generation for Microsoft Windows targets will not work. > SUGGEST: Install nsis. > > It seems like your OpenVAS-8 installation is OK. > > If you think it is not OK, please report your observation > and help us to improve this check routine: > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > Please attach the log-file (/tmp/openvas-check-setup.log) to help us > analyze the problem. > ------------------------------ > > Now I don't have any idea to deal with this problem. > May anyone give me some advice? > > Regards, > Adam.H > > > _______________________________________________ > Openvas-discuss mailing list > [email protected] > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss >
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
