Just read the comments from file. Eeeo
10.8.2016 9.50 ip. "Mark Pleis" <[email protected]> kirjoitti: > I am new to the world of OpenVAS and I am having two issues getting it up > and running. I have been googling for the past 3 days and documentation > seems to be sparse. I am asking these together because I fel they could be > related some how. > > 1. I can't get the manager to work on all interfaces, I have changed the > config setting in the > /etc/default folder for the services and no luck I have restarted the > services and the VM. > 2. I am not able to scan. when I setup a scan on the local console for > an out side machine or the local hst i get no results. > I tried using nmap on this machine and it did work > > Details > --------------- > Kali Linux rolling image running on VMware 5.5 > OpenVAS ver 8 > only 1 NIC eth0 and of cource lo > I have add below all the config files and the openvas-check-setup > results. I know this has to be simple and I am missing > something, but I just can't find it. > > Thanks in advance. > Mark > > -------------------------------- > config files below > ---------------------------------- > > > > > > ------------------------------------------------------------ > --------------------------- > # cat openvas-manager > ------------------------------------------------------------ > --------------------------- > # NOTE: This file is not used if you are using systemd. The options are > # hardcoded in the openvas-manager.service file. If you want to change > # them you should override the service file by creating a file > # /etc/systemd/system/openvas-manager.service.d/local.conf like this: > # [Service] > # ExecStart= > # ExecStart=/usr/sbin/openvasmd <your desired options> > > # The file the OpenVAS Manager will use as database. > DATABASE_FILE=/var/lib/openvas/mgr/tasks.db > > # The address the OpenVAS Manager will listen on. > MANAGER_ADDRESS=0.0.0.0 > > # The port the OpenVAS Manager will listen on. > MANAGER_PORT=9390 > > > ------------------------------------------------------------ > -------------------------- > # cat openvas-scanner > ------------------------------------------------------------ > -------------------------- > # NOTE: This file is not used if you are using systemd. The options are > # hardcoded in the openvas-scanner.service file. If you want to change > # them you should override the service file by creating a file > # /etc/systemd/system/openvas-scanner.service.d/local.conf like this: > # [Service] > # ExecStart= > # ExecStart=/usr/sbin/openvassd <your desired options> > > # The address the OpenVAS Scanner is listening on. > SCANNER_ADDRESS=0.0.0.0 > > # The port the OpenVAS Scanner is listening on. > SCANNER_PORT=9391 > ------------------------------------------------------------ > ------------------------------- > # cat greenbone-security-assistant > ------------------------------------------------------------ > -------------------------------- > # NOTE: This file is not used if you are using systemd. The options are > # hardcoded in the greenbone-security-assistant.service file. If you want > to change > # them you should override the service file by creating a file > # /etc/systemd/system/greenbone-security-assistant.service.d/local.conf > like this: > # [Service] > # ExecStart= > # ExecStart=/usr/sbin/gsad --foreground <your desired options> > > # The address the Greenbone Security Assistant will listen on. > GSA_ADDRESS=0.0.0.0 > > # The port the Greenbone Security Assistant will listen on. > GSA_PORT=9392 > > # The file to use as private key for HTTPS > #GSA_SSL_PRIVATE_KEY= > > # The file to use as certificate for HTTPS > #GSA_SSL_CERTIFICATE= > > # Should HTTP get redirected to HTTPS > # If $GSA_REDIRECT_PORT is not set it will redirect port 80. > #GSA_REDIRECT=1 > > # Redirect HTTP from this port to $GSA_PORT > # For this being effective $GSA_REDIRECT has to be set to 1. > #GSA_REDIRECT_PORT=9394 > > # The address the OpenVAS Manager is listening on. > MANAGER_ADDRESS=127.0.0.1 > > # The port the OpenVAS Manager is listening on. > MANAGER_PORT=9390 > > > ------------------------------------------------------------ > ----------------------------------- > # openvas-check-setup > ------------------------------------------------------------ > ----------------------------------- > > openvas-check-setup 2.3.3 > Test completeness and readiness of OpenVAS-8 > (add '--v6' or '--v7' or '--v9' > if you want to check for another OpenVAS version) > > Please report us any non-detected problems and > help us to improve this check routine: > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > > Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the > problem. > > Use the parameter --server to skip checks for client tools > like GSD and OpenVAS-CLI. > > Step 1: Checking OpenVAS Scanner ... > OK: OpenVAS Scanner is present in version 5.0.5. > OK: OpenVAS Scanner CA Certificate is present as > /var/lib/openvas/CA/cacert.pem. > OK: OpenVAS Scanner server certificate is valid and present as > /var/lib/openvas/CA/servercert.pem. > OK: redis-server is present in version v=3.2.3. > OK: scanner (kb_location setting) is configured properly using the > redis-server socket: /var/lib/redis/redis.sock > OK: redis-server is running and listening on socket: > /var/lib/redis/redis.sock. > OK: redis-server configuration is OK and redis-server is running. > OK: NVT collection in /var/lib/openvas/plugins contains 48413 NVTs. > WARNING: Signature checking of NVTs is not enabled in OpenVAS > Scanner. > SUGGEST: Enable signature checking (see http://www.openvas.org/ > trusted-nvts.html). > OK: The NVT cache in /var/cache/openvas contains 48413 files for > 48413 NVTs. > Step 2: Checking OpenVAS Manager ... > OK: OpenVAS Manager is present in version 6.0.8. > OK: OpenVAS Manager client certificate is valid and present as > /var/lib/openvas/CA/clientcert.pem. > OK: OpenVAS Manager client certificate is present as > /var/lib/openvas/CA/clientcert.pem. > OK: OpenVAS Manager database found in > /var/lib/openvas/mgr/tasks.db. > OK: Access rights for the OpenVAS Manager database are correct. > OK: sqlite3 found, extended checks of the OpenVAS Manager > installation enabled. > OK: OpenVAS Manager database is at revision 146. > OK: OpenVAS Manager expects database at revision 146. > OK: Database schema is up to date. > OK: OpenVAS Manager database contains information about 48413 NVTs. > OK: At least one user exists. > OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/ > scap.db. > OK: OpenVAS CERT database found in /var/lib/openvas/cert-data/ > cert.db. > OK: xsltproc found. > Step 3: Checking user configuration ... > WARNING: Your password policy is empty. > SUGGEST: Edit the /etc/openvas/pwpolicy.conf file to set a > password policy. > Step 4: Checking Greenbone Security Assistant (GSA) ... > OK: Greenbone Security Assistant is present in version 6.0.10. > Step 5: Checking OpenVAS CLI ... > OK: OpenVAS CLI version 1.4.4. > Step 6: Checking Greenbone Security Desktop (GSD) ... > SKIP: Skipping check for Greenbone Security Desktop. > Step 7: Checking if OpenVAS services are up and running ... > OK: netstat found, extended checks of the OpenVAS services enabled. > OK: OpenVAS Scanner is running and listening only on the local > interface. > OK: OpenVAS Scanner is listening on port 9391, which is the > default port. > WARNING: OpenVAS Manager is running and listening only on the > local interface. > This means that you will not be able to access the OpenVAS Manager > from the > outside using GSD or OpenVAS CLI. > SUGGEST: Ensure that OpenVAS Manager listens on all interfaces > unless you want > a local service only. > OK: OpenVAS Manager is listening on port 9390, which is the > default port. > OK: Greenbone Security Assistant is listening on port 9392, which > is the default port. > Step 8: Checking nmap installation ... > WARNING: Your version of nmap is not fully supported: 7.25BETA1 > SUGGEST: You should install nmap 5.51 if you plan to use the nmap > NSE NVTs. > Step 10: Checking presence of optional tools ... > OK: pdflatex found. > OK: PDF generation successful. The PDF report format is likely to > work. > OK: ssh-keygen found, LSC credential generation for GNU/Linux > targets is likely to work. > OK: rpm found, LSC credential package generation for RPM based > targets is likely to work. > OK: alien found, LSC credential package generation for DEB based > targets is likely to work. > OK: nsis found, LSC credential package generation for Microsoft > Windows targets is likely to work. > > It seems like your OpenVAS-8 installation is OK. > > If you think it is not OK, please report your observation > and help us to improve this check routine: > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss > Please attach the log-file (/tmp/openvas-check-setup.log) to help us > analyze the problem. > ------------------------------------------------------------ > ----------------------------------------------- > netstat -antp > ------------------------------------------------------------ > ------------------------------------------------ > Active Internet connections (servers and established) > Proto Recv-Q Send-Q Local Address Foreign Address State > PID/Program name > tcp 0 0 0.0.0.0:22 0.0.0.0:* > LISTEN 1410/sshd > tcp 0 0 127.0.0.1:9390 0.0.0.0:* > LISTEN 2962/openvasmd > tcp 0 0 127.0.0.1:9391 0.0.0.0:* > LISTEN 2930/openvassd: Wai > tcp 0 0 0.0.0.0:111 0.0.0.0:* > LISTEN 477/rpcbind > tcp 0 0 127.0.0.1:80 0.0.0.0:* > LISTEN 2972/gsad > tcp 0 0 127.0.0.1:9392 0.0.0.0:* > LISTEN 2968/gsad > tcp 0 464 172.16.12.73:22 172.18.146.60:55852 > ESTABLISHED 1412/sshd: mpleis [ > tcp6 0 0 :::22 :::* LISTEN > 1410/sshd > tcp6 0 0 :::111 :::* LISTEN > 477/rpcbind > # > > ------------------------------ > > CONFIDENTIALITY NOTICE: > > This E-mail (including the attachments) is covered by the Electronic > Communications Privacy Act, 18 U.S.C.ยงยง 2510-2521, is confidential and may > be legally privileged. If you are not the intended recipient, you are > hereby notified that any retention, dissemination, distribution, or copying > of this communication is strictly prohibited. Please reply to the sender > that you have received the message in error, then delete it. Thank You. > > _______________________________________________ > Openvas-discuss mailing list > [email protected] > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss >
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
