Am I to the point of having to reinstall the software? I’m not sure what happened as the verbose option of the update command adds no information.
md main:MESSAGE:2017-08-28 18h32.40 utc:5471: OpenVAS Manager version 7.0.2 (DB revision 184) md main: INFO:2017-08-28 18h32.40 utc:5471: rebuild_nvt_cache_retry: Reloading NVT cache md main: INFO:2017-08-28 18h32.40 utc:5472: update_or_rebuild_nvt_cache: Rebuilding NVT cache base gpgme:MESSAGE:2017-08-28 18h32.40 utc:5472: Setting GnuPG dir to '/var/lib/openvas/openvasmd/gnupg' base gpgme:MESSAGE:2017-08-28 18h32.40 utc:5472: Using OpenPGP engine version '2.0.22' md main: INFO:2017-08-28 18h32.41 utc:5472: Updating NVT cache. md main:WARNING:2017-08-28 18h48.19 utc:5472: openvas_scanner_read: Failed to read from scanner: Connection reset by peer From: [email protected] [mailto:[email protected]] On Behalf Of Eero Volotinen Sent: Monday, August 28, 2017 9:01 AM To: Trent Townsend <[email protected]> Cc: [email protected] Subject: Re: [Openvas-discuss] Scans stop at 1% try rebuilding nvt caches? Eero 2017-08-28 16:57 GMT+03:00 Trent Townsend <[email protected]<mailto:[email protected]>>: Eero, Let me backup just a moment. Now I can’t seem to get the scanner to start: [root@ggc-scan cron.d]# systemctl status openvas-scanner ● openvas-scanner.service - OpenVAS Scanner Loaded: loaded (/usr/lib/systemd/system/openvas-scanner.service; enabled; vendor preset: disabled) Active: activating (start) since Mon 2017-08-28 08:46:07 CDT; 52s ago Control: 4056 (openvassd) CGroup: /system.slice/openvas-scanner.service └─4056 /usr/sbin/openvassd Aug 28 08:46:07 ggc-scan systemd[1]: Starting OpenVAS Scanner... The openvassd.log file doesn’t show much except: [Mon Aug 28 13:11:52 2017][3090] Failed to initialize nvti cache. How can I determine what is going on with my scanner? I’d like to avoid rebuilding the entire system. Thank you very much in advance, Trent From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Eero Volotinen Sent: Monday, August 28, 2017 2:23 AM To: Trent Townsend <[email protected]<mailto:[email protected]>> Cc: [email protected]<mailto:[email protected]> Subject: Re: [Openvas-discuss] Scans stop at 1% check out that redis is configured and working. Eero 2017-08-28 5:14 GMT+03:00 Trent Townsend <[email protected]<mailto:[email protected]>>: I know this has been asked many times over the years but I am at a loss. I keep getting the scans “Stopped at 1%” message and I cannot find anywhere in the logs that would tell me why. I did get one scan to run today but I cannot repeat that success. How does one find what is causing this problem? Is it possible this is tied to memory or CPU? Thanks in advance. openvas-check-setup log below Trent ----------------------------------------------- openvas-check-setup 2.3.7 Test completeness and readiness of OpenVAS-9 Please report us any non-detected problems and help us to improve this check routine: http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem. Use the parameter --server to skip checks for client tools like GSD and OpenVAS-CLI. Step 1: Checking OpenVAS Scanner ... OK: OpenVAS Scanner is present in version 5.1.1. OK: redis-server is present in version v=3.2.3. OK: scanner (kb_location setting) is configured properly using the redis-server socket: /tmp/redis.sock OK: redis-server is running and listening on socket: /tmp/redis.sock. OK: redis-server configuration is OK and redis-server is running. OK: NVT collection in /var/lib/openvas/plugins contains 54814 NVTs. WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner. SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html). OK: The NVT cache in /var/cache/openvas contains 54814 files for 54814 NVTs. Step 2: Checking OpenVAS Manager ... OK: OpenVAS Manager is present in version 7.0.2. OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db. OK: Access rights for the OpenVAS Manager database are correct. OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled. OK: OpenVAS Manager database is at revision 184. OK: OpenVAS Manager expects database at revision 184. OK: Database schema is up to date. OK: OpenVAS Manager database contains information about 54814 NVTs. OK: At least one user exists. OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/scap.db. OK: OpenVAS CERT database found in /var/lib/openvas/cert-data/cert.db. OK: xsltproc found. Step 3: Checking user configuration ... WARNING: Your password policy is empty. SUGGEST: Edit the /etc/openvas/pwpolicy.conf file to set a password policy. Step 4: Checking Greenbone Security Assistant (GSA) ... OK: Greenbone Security Assistant is present in version 7.0.2. OK: Your OpenVAS certificate infrastructure passed validation. Step 5: Checking OpenVAS CLI ... OK: OpenVAS CLI version 1.4.5. Step 6: Checking Greenbone Security Desktop (GSD) ... SKIP: Skipping check for Greenbone Security Desktop. Step 7: Checking if OpenVAS services are up and running ... OK: netstat found, extended checks of the OpenVAS services enabled. OK: OpenVAS Scanner is running and listening on a Unix domain socket. OK: OpenVAS Manager is running and listening on a Unix domain socket. OK: Greenbone Security Assistant is listening on port 80, which is the default port. Step 8: Checking nmap installation ... WARNING: Your version of nmap is not fully supported: 6.47 SUGGEST: You should install nmap 5.51 if you plan to use the nmap NSE NVTs. Step 10: Checking presence of optional tools ... OK: pdflatex found. WARNING: PDF generation failed, most likely due to missing LaTeX packages. The PDF report format will not work. SUGGEST: Install required LaTeX packages. OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work. OK: rpm found, LSC credential package generation for RPM based targets is likely to work. WARNING: Could not find alien binary, LSC credential package generation for DEB based targets will not work. SUGGEST: Install alien. OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work. OK: SELinux is disabled. It seems like your OpenVAS-9 installation is OK. If you think it is not OK, please report your observation and help us to improve this check routine: http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem. [root@ggc-scan openvas]# cat /tmp/openvas-check-setup.log openvas-check-setup 2.3.7 Mode: desktop Date: Sun, 27 Aug 2017 21:03:41 -0500 Checking for old OpenVAS Scanner <= 2.0 ... /bin/openvas-check-setup: line 172: openvasd: command not found Checking presence of OpenVAS Scanner ... OpenVAS Scanner 5.1.1 Most new code since 2005: (C) 2016 Greenbone Networks GmbH Nessus origin: (C) 2004 Renaud Deraison <[email protected]<mailto:[email protected]>> License GPLv2: GNU GPL version 2 This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Checking OpenVAS Scanner version ... OK: OpenVAS Scanner is present in version 5.1.1. plugins_folder = /var/lib/openvas/plugins cache_folder = /var/cache/openvas include_folders = /var/lib/openvas/plugins max_hosts = 30 max_checks = 10 be_nice = no logfile = /var/log/openvas/openvassd.log log_whole_attack = no log_plugins_name_at_load = no dumpfile = /var/log/openvas/openvassd.dump cgi_path = /cgi-bin:/scripts optimize_test = yes checks_read_timeout = 5 network_scan = no non_simult_ports = 139, 445 plugins_timeout = 320 scanner_plugins_timeout = 36000 safe_checks = yes auto_enable_dependencies = yes use_mac_addr = no nasl_no_signature_check = yes drop_privileges = no unscanned_closed = yes unscanned_closed_udp = yes vhosts = vhosts_ip = report_host_details = yes kb_location = /tmp/redis.sock timeout_retry = 3 rules = /etc/openvas/openvassd.rules port_range = default silent_dependencies = no save_knowledge_base = no kb_restore = no only_test_hosts_whose_kb_we_dont_have = no only_test_hosts_whose_kb_we_have = no kb_dont_replay_scanners = no kb_dont_replay_info_gathering = no kb_dont_replay_attacks = no kb_dont_replay_denials = no kb_max_age = 864000 slice_network_addresses = no cert_file = /var/lib/openvas/CA/servercert.pem key_file = /var/lib/openvas/private/CA/serverkey.pem ca_file = /var/lib/openvas/CA/cacert.pem config_file = /etc/openvas/openvassd.conf Checking presence of redis ... OK: redis-server is present in version v=3.2.3. Checking if redis-server is configured properly to run with openVAS ... OK: scanner (kb_location setting) is configured properly using the redis-server socket: /tmp/redis.sock Checking if redis-server is running ... OK: redis-server is running and listening on socket: /tmp/redis.sock. OK: redis-server configuration is OK and redis-server is running. Checking NVT collection ... OK: NVT collection in /var/lib/openvas/plugins contains 54814 NVTs. Checking status of signature checking in OpenVAS Scanner ... WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner. SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html). OK: The NVT cache in /var/cache/openvas contains 54814 files for 54814 NVTs. Checking presence of OpenVAS Manager ... OpenVAS Manager 7.0.2 Manager DB revision 184 Copyright (C) 2010-2016 Greenbone Networks GmbH License GPLv2+: GNU GPL version 2 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. OK: OpenVAS Manager is present in version 7.0.2. Checking OpenVAS Manager database ... OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db. Checking access rights of OpenVAS Manager database ... OK: Access rights for the OpenVAS Manager database are correct. Checking sqlite3 presence ... OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled. Checking OpenVAS Manager database revision ... OK: OpenVAS Manager database is at revision 184. Checking database revision expected by OpenVAS Manager ... OK: OpenVAS Manager expects database at revision 184. OK: Database schema is up to date. Checking OpenVAS Manager database (NVT data) ... OK: OpenVAS Manager database contains information about 54814 NVTs. Checking if users exist ... OK: At least one user exists. Checking OpenVAS SCAP database ... OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/scap.db. Checking OpenVAS CERT database ... OK: OpenVAS CERT database found in /var/lib/openvas/cert-data/cert.db. Checking xsltproc presence ... OK: xsltproc found. Checking status of password policy ... WARNING: Your password policy is empty. SUGGEST: Edit the /etc/openvas/pwpolicy.conf file to set a password policy. Checking presence of Greenbone Security Assistant ... Greenbone Security Assistant 7.0.2 Copyright (C) 2010-2016 Greenbone Networks GmbH License GPLv2+: GNU GPL version 2 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. OK: Greenbone Security Assistant is present in version 7.0.2. Verifying certificate infrastructure ... OK: Directory for keys (/var/lib/openvas/private/CA) exists. OK: Directory for certificates (/var/lib/openvas/CA) exists. OK: CA key found in /var/lib/openvas/private/CA/cakey.pem OK: CA certificate found in /var/lib/openvas/CA/cacert.pem OK: CA certificate verified. OK: Certificate /var/lib/openvas/CA/servercert.pem verified. OK: Certificate /var/lib/openvas/CA/clientcert.pem verified. OK: Your OpenVAS certificate infrastructure passed validation. OK: Your OpenVAS certificate infrastructure passed validation. Checking presence of OpenVAS CLI ... OMP Command Line Interface 1.4.5 Copyright (C) 2010-2016 Greenbone Networks GmbH License GPLv2+: GNU GPL version 2 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. OK: OpenVAS CLI version 1.4.5. SKIP: Skipping check for Greenbone Security Desktop. Checking netstat presence ... OK: netstat found, extended checks of the OpenVAS services enabled. Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:6379<http://127.0.0.1:6379> 0.0.0.0:* LISTEN 1060/redis-server 1 tcp 0 0 127.0.0.1:9390<http://127.0.0.1:9390> 0.0.0.0:* LISTEN 2544/openvasmd tcp 0 0 0.0.0.0:9392<http://0.0.0.0:9392> 0.0.0.0:* LISTEN 2227/gsad tcp 0 0 0.0.0.0:80<http://0.0.0.0:80> 0.0.0.0:* LISTEN 2229/gsad tcp 0 0 0.0.0.0:22<http://0.0.0.0:22> 0.0.0.0:* LISTEN 1059/sshd tcp 0 0 127.0.0.1:25<http://127.0.0.1:25> 0.0.0.0:* LISTEN 1877/master tcp6 0 0 :::22 :::* LISTEN 1059/sshd tcp6 0 0 ::1:25 :::* LISTEN 1877/master OK: OpenVAS Scanner is running and listening on a Unix domain socket. OK: OpenVAS Manager is running and listening on a Unix domain socket. OK: Greenbone Security Assistant is listening on port 80, which is the default port. Checking presence of nmap ... WARNING: Your version of nmap is not fully supported: 6.47 SUGGEST: You should install nmap 5.51 if you plan to use the nmap NSE NVTs. Checking presence of pdflatex ... OK: pdflatex found. Checking presence of LaTeX packages required for PDF report generation ... WARNING: PDF generation failed, most likely due to missing LaTeX packages. The PDF report format will not work. SUGGEST: Install required LaTeX packages. This is pdfTeX, Version 3.1415926-2.5-1.40.14 (TeX Live 2013) (format=pdflatex 2017.8.24) 27 AUG 2017 21:04 entering extended mode restricted \write18 enabled. %&-line parsing enabled. **/tmp/openvas-check-setup-tmp.wAAVQxBD9W/test.tex (/tmp/openvas-check-setup-tmp.wAAVQxBD9W/test.tex LaTeX2e <2011/06/27> Babel <v3.8m> and hyphenation patterns for english, dumylang, nohyphenation, lo aded. (/usr/share/texlive/texmf-dist/tex/latex/base/article.cls Document Class: article 2007/10/19 v1.4h Standard LaTeX document class (/usr/share/texlive/texmf-dist/tex/latex/base/size10.clo File: size10.clo 2007/10/19 v1.4h Standard LaTeX file (size option) ) \c@part=\count79 \c@section=\count80 \c@subsection=\count81 \c@subsubsection=\count82 \c@paragraph=\count83 \c@subparagraph=\count84 \c@figure=\count85 \c@table=\count86 \abovecaptionskip=\skip41 \belowcaptionskip=\skip42 \bibindent=\dimen102 ) (/usr/share/texlive/texmf-dist/tex/latex/tools/tabularx.sty Package: tabularx 1999/01/07 v2.07 `tabularx' package (DPC) (/usr/share/texlive/texmf-dist/tex/latex/tools/array.sty Package: array 2008/09/09 v2.4c Tabular extension package (FMi) \col@sep=\dimen103 \extrarowheight=\dimen104 \NC@list=\toks14 \extratabsurround=\skip43 \backup@length=\skip44 ) \TX@col@width=\dimen105 \TX@old@table=\dimen106 \TX@old@col=\dimen107 \TX@target=\dimen108 \TX@delta=\dimen109 \TX@cols=\count87 \TX@ftn=\toks15 ) (/usr/share/texlive/texmf-dist/tex/latex/geometry/geometry.sty Package: geometry 2010/09/12 v5.6 Page Geometry (/usr/share/texlive/texmf-dist/tex/latex/graphics/keyval.sty Package: keyval 1999/03/16 v1.13 key=value parser (DPC) \KV@toks@=\toks16 ) (/usr/share/texlive/texmf-dist/tex/generic/oberdiek/ifpdf.sty Package: ifpdf 2011/01/30 v2.3 Provides the ifpdf switch (HO) Package ifpdf Info: pdfTeX in PDF mode is detected. ) (/usr/share/texlive/texmf-dist/tex/generic/oberdiek/ifvtex.sty Package: ifvtex 2010/03/01 v1.5 Detect VTeX and its facilities (HO) Package ifvtex Info: VTeX not detected. ) (/usr/share/texlive/texmf-dist/tex/generic/ifxetex/ifxetex.sty Package: ifxetex 2010/09/12 v0.6 Provides ifxetex conditional ) \Gm@cnth=\count88 \Gm@cntv=\count89 \c@Gm@tempcnt=\count90 \Gm@bindingoffset=\dimen110 \Gm@wd@mp=\dimen111 \Gm@odd@mp=\dimen112 \Gm@even@mp=\dimen113 \Gm@layoutwidth=\dimen114 \Gm@layoutheight=\dimen115 \Gm@layouthoffset=\dimen116 \Gm@layoutvoffset=\dimen117 \Gm@dimlist=\toks17 ) ! LaTeX Error: File `comment.sty' not found. Type X to quit or <RETURN> to proceed, or enter new name. (Default extension: sty) Enter file name: ! Emergency stop. <read *> l.8 \usepackage {longtable}^^M *** (cannot \read from terminal in nonstop modes) Here is how much of TeX's memory you used: 815 strings out of 495063 11112 string characters out of 3182201 60410 words of memory out of 3000000 4062 multiletter control sequences out of 15000+200000 3640 words of font info for 14 fonts, out of 3000000 for 9000 14 hyphenation exceptions out of 8191 23i,0n,19p,192b,36s stack positions out of 5000i,500n,10000p,200000b,50000s ! ==> Fatal error occurred, no output PDF file produced! Checking presence of ssh-keygen ... OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work. Checking presence of rpm ... OK: rpm found, LSC credential package generation for RPM based targets is likely to work. Checking presence of alien ... WARNING: Could not find alien binary, LSC credential package generation for DEB based targets will not work. SUGGEST: Install alien. Checking presence of nsis ... OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work. Checking for SELinux ... OK: SELinux is disabled. -- Trent Townsend, CISSP, CCNA ________________________________ This email is confidential and intended solely for the use of the individual to whom it is addressed. Any views or opinions presented are solely those of the author, and do not necessarily represent those of Next Step Innovation. If you are not the intended recipient, be advised that you have received this email in error, and that any use, dissemination, forwarding, printing or copying of this email is strictly prohibited. If you have received this email in error, please contact the sender. ________________________________ _______________________________________________ Openvas-discuss mailing list [email protected]<mailto:[email protected]> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ________________________________ This email is confidential and intended solely for the use of the individual to whom it is addressed. Any views or opinions presented are solely those of the author, and do not necessarily represent those of Next Step Innovation. If you are not the intended recipient, be advised that you have received this email in error, and that any use, dissemination, forwarding, printing or copying of this email is strictly prohibited. If you have received this email in error, please contact the sender. ________________________________ This email is confidential and intended solely for the use of the individual to whom it is addressed. Any views or opinions presented are solely those of the author, and do not necessarily represent those of Next Step Innovation. If you are not the intended recipient, be advised that you have received this email in error, and that any use, dissemination, forwarding, printing or copying of this email is strictly prohibited. If you have received this email in error, please contact the sender.
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
