I'm running openvas9 on ubuntu that I installed from packages based on instructions here https://launchpad.net/~mrazavi/+archive/ubuntu/openvas
I ran fast-and-full scan against a single host and I watched the status move slowly towards 100% and at last marked as Done. After a while, say when it was around 12%, I started a tcpdump to see what it was sending but didn't see any packets destined for the host I was testing. Oddly, I can see ssh and other connections from this computer to the scanned host, but openvas just seems not to be doing anything! At the end of the scan, I click on the task and see there is one report. I click on the 1 and it tells me; The report is empty. *The filter does not match any of 1 results.* It's the same if I go to the Reports, there's no report! Now I know it must have started sending data because the host knew it was being port scanned but after a while, openvas just seemed to send nothing at all. I got a message from bitdefender blocking the port scan. So it must have done something early on. So this is odd. It seemed to start to scan but then I had no evidence of it scanning, and at the end, I see no evidence of a report. And no error message either. So it seems like it didn't work... In the openvasmd log: event task:MESSAGE:2017-06-21 22h22.44 UTC:12146: Status of task Immediate scan of IP 10.89.1.1 (57016984-1f4a-497b-a2d2-794934868fbc) has changed to Done and the openvassd.messages [Wed Jun 21 17:03:56 2017][8974] openvassd 5.1.1 started [Wed Jun 21 17:13:10 2017][9320] Client not present [Wed Jun 21 17:14:18 2017][8974] Reloading the scanner. [Wed Jun 21 17:17:25 2017][8974] Finished reloading the scanner. [Wed Jun 21 17:18:13 2017][10635] Client closed the communication [Wed Jun 21 17:39:21 2017][8974] Received the Terminated signal [Wed Jun 21 17:40:04 2017][11949] openvassd 5.1.1 started [Wed Jun 21 17:41:07 2017][12044] Client closed the communication [Wed Jun 21 17:55:46 2017][12145] Starts a new scan. Target(s) : 10.89.1.1, with max_hosts = 30 and max_checks = 10 [Wed Jun 21 17:55:46 2017][12145] exclude_hosts: Skipped 0 host(s). [Wed Jun 21 17:55:46 2017][12145] Testing 10.89.1.1 (10.89.1.1) [12158] [Wed Jun 21 22:22:42 2017][12158] Finished testing 10.89.1.1. Time : 16015.78 secs [Wed Jun 21 22:22:42 2017][12145] Test complete [Wed Jun 21 22:22:42 2017][12145] Total time to scan all hosts : 16026 seconds It did take 4 hours to complete, is this normal for a fast-and-full scan? Suggestions? Was it a mistake to try openvas 9?
_______________________________________________ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
