Hi, unfortunately I didn't get any response.
It should not be a configuration issue, because we found this problem on all our servers (production) AND on a fresh installation of OpenVAS 9 under Kali (out of the box). We made a workaround, whichs works for us, but might not help in other situations: We use the comment field for the interface description and start a script to bring the interface up before we start the scan and bring the interface down afterwards. Maybe someone at Greenbone can give us some more information about that problem... Christian Ebert Chief Security Analyst, CISM, T.I.S.P. Head of Penetration Testing QSC AG Mathias-Brüggen-Straße 55 50829 Köln T +49 221 669-8950 F +49 221 669-85950 M +49 163 6698950 [email protected] http://www.qsc.de Besuchen Sie unsere Blogs: Corporate Blog unter http://blog.qsc.de Themen-Blog zur Digitalisierung unter http://digitales-wirtschaftswunder.de Bitte finden Sie hier die handelsrechtlichen Pflichtangaben: http://www.qsc.de/pflichtangaben Am 19.06.2017 um 09:22 schrieb r.m6 <[email protected]>: Hi Christian, did you get any feedback in the meanwhile - or did you find a solution? Is there any official instance to report bugs to? I am wondering why this problem is not more visible in the community. It is extremely distracting if you try to use openVAS in daily business. Is there anybody in the community who does NOT see the described problem? This information would be very valuable too because it could give some hints if it is a general bug or if it only happens in some configuration. Many thanks in advance! > On 09.06.2017 10:33, Ebert, Christian wrote: > Hi everyone, > > we experienced exactly the same problem here. It happens in OpenVAS 8 > (Debian8, Debian 9) as well as in OpenVAS 9 (Kali rolling release). > > I did report that to this mailing list, but didn't get any response. > > Best regards > > Christian Ebert > Chief Security Analyst, CISM, T.I.S.P. > Head of Penetration Testing > > QSC AG > Mathias-Brüggen-Straße 55 > 50829 Köln > > T +49 221 669-8950 > F +49 221 669-85950 > M +49 163 6698950 > [email protected] > http://www.qsc.de > > Besuchen Sie unsere Blogs: > Corporate Blog unter http://blog.qsc.de > Themen-Blog zur Digitalisierung unter http://digitales-wirtschaftswunder.de > > > Bitte finden Sie hier die handelsrechtlichen Pflichtangaben: > http://www.qsc.de/pflichtangaben > > > Am 09.06.2017 um 08:46 schrieb r.m6 <[email protected]>: > > Dear openVAS Community, > > we are using an openVAS 8 installation (ubuntu 16.04 server) with > multiple scan interfaces (eth0, gre1, gre2) for vulnerability scanning. > > Some tasks are configured for "Network Source Interface" (in the Web UI > "Edit Task" dialog) eth0, some others for gre.... > > We have observed that if the field "Network Source Interface" is (by > accident) left blank when creating a new or editing an existing task, > openVAS resets ALL other existing tasks for all OTHER openVAS user > accounts on this openVAS instance to blank. This results in scanning > from eth0 (the default) for ALL existing tasks - which is extremely > annoying for scheduled tasks because the results are messed up, alerts > are sent (because of the changed scan score) and each user has to repair > each single task. > > Did anyone else observe this behavior or - preferred :) - has a solution > for this problem? > > Many thanks in advance! > > _______________________________________________ > Openvas-discuss mailing list > [email protected] > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
