Hi, I'm having problems with a certain host scan ending with the error status. In attempt to understand the cause of error I've set log_whole_attack and dumpfile options in openvassd.conf:
# Log file (or 'syslog') : logfile = /var/log/openvas/openvassd.log # Shall we log every details of the attack ? (disk intensive) log_whole_attack = yes # Log the name of the plugins that are loaded by the server ? log_plugins_name_at_load = no # Dump file for debugging output, use `-' for stdout dumpfile = /var/log/openvas/openvassd.dump Despite that /var/log/openvas/openvassd.log looks like this for the whole scan (both successful and faulty one): [Tue Nov 8 15:23:38 2016][13391] Testing somesite.com (X.X.X.X) [13614] [Tue Nov 8 18:46:56 2016][16370] open_sock_tcp: X.X.X.X:445 time-out. [Tue Nov 8 18:47:57 2016][17617] open_sock_tcp: X.X.X.X:23 time-out. [Tue Nov 8 18:48:10 2016][17865] open_sock_tcp: X.X.X.X:23 time-out. [Tue Nov 8 18:48:38 2016][18601] open_sock_tcp: X.X.X.X:445 time-out. [Tue Nov 8 18:48:48 2016][18601] open_sock_tcp: X.X.X.X:445 time-out. [Tue Nov 8 18:51:30 2016][22492] open_sock_tcp: X.X.X.X:5001 time-out. [Tue Nov 8 18:52:12 2016][23076] open_sock_tcp: X.X.X.X:23 time-out. [Tue Nov 8 18:53:13 2016][23936] open_sock_tcp: X.X.X.X:515 time-out. [Tue Nov 8 18:53:21 2016][24039] open_sock_tcp: X.X.X.X:10443 time-out. [Tue Nov 8 18:54:11 2016][24271] open_sock_tcp: X.X.X.X:1804 time-out. [Tue Nov 8 18:54:48 2016][24384] open_sock_tcp: X.X.X.X:7800 time-out. [Tue Nov 8 18:59:09 2016][13614] Finished testing X.X.X.X. Time : 12931.24 secs [Tue Nov 8 18:59:09 2016][13391] Test complete [Tue Nov 8 18:59:09 2016][13391] Total time to scan all hosts : 13000 seconds Dump file is empty. OpenVAS successfully creates it but writes nothing since then. Is that an intended behaivior? Any suggestions what can be done to enable verbose logging? Here is some information about my setup: # uname -a Linux ... 2.6.32-642.6.1.el6.x86_64 #1 SMP Wed Oct 5 00:36:12 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux # cat /etc/centos-release CentOS release 6.8 (Final) # yum list installed | grep openvas openvas.noarch 1.0-17.el6.art @atomic openvas-cli.x86_64 1.4.3-9.el6.art @atomic openvas-libraries.x86_64 8.0.7-24.el6.art @atomic openvas-manager.x86_64 6.0.8-35.el6.art @atomic openvas-scanner.x86_64 5.0.5-23.el6.art @atomic openvas-smb.x86_64 1.0.1-1.el6.art @atomic # openvas-check-setup --v8 --server openvas-check-setup 2.3.0 Test completeness and readiness of OpenVAS-8 (add '--v6' or '--v7' or '--9' if you want to check for another OpenVAS version) Please report us any non-detected problems and help us to improve this check routine: http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem. Step 1: Checking OpenVAS Scanner ... OK: OpenVAS Scanner is present in version 5.0.5. OK: OpenVAS Scanner CA Certificate is present as /var/lib/openvas/CA/cacert.pem. OK: NVT collection in /var/lib/openvas/plugins contains 50010 NVTs. WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner. SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html). OK: The NVT cache in /var/cache/openvas contains 50021 files for 50010 NVTs. OK: redis-server is present in version v=3.2.0. OK: scanner (kb_location setting) is configured properly using the redis-server socket: /tmp/redis.sock OK: redis-server is running and listening on socket: /tmp/redis.sock. OK: redis-server configuration is OK and redis-server is running. Step 2: Checking OpenVAS Manager ... OK: OpenVAS Manager is present in version 6.0.8. OK: OpenVAS Manager client certificate is present as /var/lib/openvas/CA/clientcert.pem. OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db. OK: Access rights for the OpenVAS Manager database are correct. OK: At least one user exists. OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled. OK: OpenVAS Manager database is at revision 146. OK: OpenVAS Manager expects database at revision 146. OK: Database schema is up to date. OK: OpenVAS Manager database contains information about 49747 NVTs. OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/scap.db. OK: OpenVAS CERT database found in /var/lib/openvas/cert-data/cert.db. OK: xsltproc found. Step 3: Checking user configuration ... WARNING: Your password policy is empty. SUGGEST: Edit the /etc/openvas/pwpolicy.conf file to set a password policy. Step 4: Checking Greenbone Security Assistant (GSA) ... OK: Greenbone Security Assistant is present in version 6.0.10. Step 5: Checking OpenVAS CLI ... SKIP: Skipping check for OpenVAS CLI. Step 6: Checking Greenbone Security Desktop (GSD) ... SKIP: Skipping check for Greenbone Security Desktop. Step 7: Checking if OpenVAS services are up and running ... OK: netstat found, extended checks of the OpenVAS services enabled. OK: OpenVAS Scanner is running and listening on all interfaces. OK: OpenVAS Scanner is listening on port 9391, which is the default port. WARNING: OpenVAS Manager is running and listening only on the local interface. This means that you will not be able to access the OpenVAS Manager from the outside using GSD or OpenVAS CLI. SUGGEST: Ensure that OpenVAS Manager listens on all interfaces unless you want a local service only. OK: OpenVAS Manager is listening on port 9390, which is the default port. OK: Greenbone Security Assistant is listening on port 9392, which is the default port. Step 8: Checking nmap installation ... WARNING: Your version of nmap is not fully supported: 7.30 SUGGEST: You should install nmap 5.51 if you plan to use the nmap NSE NVTs. Step 10: Checking presence of optional tools ... OK: pdflatex found. OK: PDF generation successful. The PDF report format is likely to work. OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work. OK: rpm found, LSC credential package generation for RPM based targets is likely to work. WARNING: Could not find alien binary, LSC credential package generation for DEB based targets will not work. SUGGEST: Install alien. OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work. OK: SELinux is disabled. It seems like your OpenVAS-8 installation is OK.
_______________________________________________ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
