Re: [Openvas-discuss] Scanner Master Slave setup

2018-02-25 Thread Thijs Stuurman
By the way, I do notice your initial mail contains logs with:

lib  serv:  DEBUG:2018-02-22 17h59.10 UTC:22888:Connected to server 
‘op4us1opsscan01.domain.net' port 9393.

My master connects to the slaves using OMP (Type: OMP Slave) on port 9390 on 
which gvmd is listening.

I do not see any option in the slave configuration to set secure or insecure…

Thijs Stuurman
Security Operations Center | KPN Internedservices B.V.
thijs.stuur...@internedservices.nl | 
thijs.stuur...@kpn.com
T: +31(0)299476185 | M: +31(0)624366778
PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/)
Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048

W: https://www.internedservices.nl | L: 
https://nl.linkedin.com/in/thijsstuurman

From: Louis Bohm [mailto:lo...@systemgeek.net]
Sent: Friday, 23 February 2018 16:05
To: Thijs Stuurman
CC: openvas-discuss@wald.intevation.org
Subject: Re: [Openvas-discuss] Scanner Master Slave setup

I got it working but not sure why.  So if I use a username/password and set the 
credential to allow insecure=yes the client comes back with a 200 response but 
does nothing.  If I change the credential to allow insecure=no the client comes 
back with:
md   main:  DEBUG:2018-02-23 15h01.16 UTC:25782: -> client: 

but then the scan starts…

Very odd.

I will have to try the same thing but with the servercert.pem and see if that 
works.

Louis
Louis Bohm - Sr. Systems Engineer
Dell TechDirect Certified

On Feb 23, 2018, at 9:59 AM, Louis Bohm wrote:

That yielded me this on the client but still the scan has not progressed from 
Requested.

Client:
lib  serv:  DEBUG:2018-02-23 14h37.52 utc:25578:Shook hands with peer.
md   main:  DEBUG:2018-02-23 14h37.52 utc:25578:Serving OMP.
md   main:  DEBUG:2018-02-23 14h37.52 utc:25578: <= client  Input may contain 
password, suppressed.
mdomp:  DEBUG:2018-02-23 14h37.52 utc:25578:XML  start: authenticate (0)
mdomp:  DEBUG:2018-02-23 14h37.52 utc:25578:client state set: 2
mdomp:  DEBUG:2018-02-23 14h37.52 utc:25578:XML  start: credentials (2)
mdomp:  DEBUG:2018-02-23 14h37.52 utc:25578:client state set: 3
mdomp:  DEBUG:2018-02-23 14h37.52 utc:25578:XML  start: username (3)
mdomp:  DEBUG:2018-02-23 14h37.52 utc:25578:client state set: 5
mdomp:  DEBUG:2018-02-23 14h37.52 utc:25578:XML   text: admin
mdomp:  DEBUG:2018-02-23 14h37.52 utc:25578:XMLend: username
mdomp:  DEBUG:2018-02-23 14h37.52 utc:25578:client state set: 3
mdomp:  DEBUG:2018-02-23 14h37.52 utc:25578:XML  start: password (3)
mdomp:  DEBUG:2018-02-23 14h37.52 utc:25578:client state set: 4
mdomp:  DEBUG:2018-02-23 14h37.52 utc:25578:XML   text: 
mdomp:  DEBUG:2018-02-23 14h37.52 utc:25578:XMLend: password
mdomp:  DEBUG:2018-02-23 14h37.52 utc:25578:client state set: 3
mdomp:  DEBUG:2018-02-23 14h37.52 utc:25578:XMLend: credentials
mdomp:  DEBUG:2018-02-23 14h37.52 utc:25578:client state set: 2
mdomp:  DEBUG:2018-02-23 14h37.52 utc:25578:XMLend: authenticate
md   main:  DEBUG:2018-02-23 14h37.52 UTC:25578: -> client: 
AdminUTCnist
mdomp:  DEBUG:2018-02-23 14h37.52 UTC:25578:client state set: 1
md   main:  DEBUG:2018-02-23 14h37.52 UTC:25578: => client  144 bytes
md   main:  DEBUG:2018-02-23 14h37.52 UTC:25578: => client  done
I know the username and password are correct.  And the slave even sent a 200 
response to the master, so why is it not working?  So frustrating.

Louis
Louis Bohm - Sr. Systems Engineer
Dell TechDirect Certified

On Feb 23, 2018, at 7:42 AM, Thijs Stuurman wrote:

Try the /var/lib/openvas/CA/cacert.pem from your slave.

Thijs Stuurman

From: Louis Bohm [mailto:lo...@systemgeek.net]
Sent: Friday, 23 February 2018 13:18
To: Thijs Stuurman
CC: openvas-discuss@wald.intevation.org
Subject: Re: [Openvas-discuss] Scanner Master Slave setup

According to the doc it says to use: 
${CMAKE_INSTALL_PREFIX}"/var/lib/openvas/CA/servercert.pem.
On CentOS 7 that turns out to be: 

Re: [Openvas-discuss] Installing OpenVAS in CentOS 7 VM

2018-02-25 Thread Eero Volotinen
do you have enough ram in vm?

Eero

On 25.2.2018 at 23.04, "Jerry Lotto" wrote:

> Running around in circles.  Removed, replaced, reinstalled, downgraded 8 /
> upgraded 9.  Everything leads to this:
>
> Checking OpenVAS Manager database (NVT data) ...
>     ERROR: The number of NVTs in the OpenVAS Manager database is too low.
>     FIX: Make sure OpenVAS Scanner is running with an up-to-date NVT collection and run 'openvasmd --rebuild'.
>     WARNING: OpenVAS Scanner is NOT running!
>     SUGGEST: Start OpenVAS Scanner (openvassd).
>
> So I’ve got a chicken and egg problem.
>
> Scanner won’t start:
>
> [root@centos7vm /]# systemctl status openvas-scanner -l
> ● openvas-scanner.service - OpenVAS Scanner
>    Loaded: loaded (/usr/lib/systemd/system/openvas-scanner.service; enabled; vendor preset: disabled)
>    Active: activating (start) since Sun 2018-02-25 15:46:30 EST; 13min ago
>   Control: 18590 (openvassd)
>    CGroup: /system.slice/openvas-scanner.service
>            └─18590 /usr/sbin/openvassd
>
> Feb 25 15:46:30 centos7vm.lotto.net systemd[1]: Starting OpenVAS Scanner...
> Feb 25 15:46:30 centos7vm.lotto.net systemd[1]: Starting OpenVAS Scanner...
>
> Everything else is up:
>
> [root@centos7vm /]# systemctl status openvas-manager -l
> ● openvas-manager.service - OpenVAS Manager
>    Loaded: loaded (/usr/lib/systemd/system/openvas-manager.service; enabled; vendor preset: disabled)
>    Active: active (running) since Sun 2018-02-25 13:26:18 EST; 2h 29min ago
>  Main PID: 9986 (openvasmd)
>    CGroup: /system.slice/openvas-manager.service
>            └─9986 openvasmd
>
> Feb 25 13:26:18 centos7vm.lotto.net systemd[1]: Starting OpenVAS Manager...
> Feb 25 13:26:18 centos7vm.lotto.net systemd[1]: Started OpenVAS Manager.
>
> [root@centos7vm /]# systemctl status redis -l
> ● redis.service - Redis persistent key-value database
>    Loaded: loaded (/usr/lib/systemd/system/redis.service; enabled; vendor preset: disabled)
>   Drop-In: /etc/systemd/system/redis.service.d
>            └─limit.conf
>    Active: active (running) since Sun 2018-02-25 12:20:23 EST; 3h 35min ago
>  Main PID: 4744 (redis-server)
>    CGroup: /system.slice/redis.service
>            └─4744 /usr/bin/redis-server 127.0.0.1:6379
>
> [root@centos7vm /]# systemctl status gsad -l
> ● gsad.service - OpenVAS Manager
>    Loaded: loaded (/usr/lib/systemd/system/gsad.service; enabled; vendor preset: disabled)
>    Active: active (running) since Sun 2018-02-25 15:06:25 EST; 55min ago
>  Main PID: 16626 (gsad)
>    CGroup: /system.slice/gsad.service
>            ├─16626 /usr/sbin/gsad --listen 0.0.0.0 --port 9392
>            └─16627 /usr/sbin/gsad --listen 0.0.0.0 --port 9392
>
> Feb 25 15:06:25 centos7vm.lotto.net systemd[1]: Starting OpenVAS Manager...
> Feb 25 15:06:25 centos7vm.lotto.net systemd[1]: Started OpenVAS Manager.
>
> Scanner logs say:
>
> [Sun Feb 25 15:02:52 2018][51446] NVT with duplicate OID 1.3.6.1.4.1.25623.1.0.890841 will be replaced with 2017/deb_dla_841.nasl
> [Sun Feb 25 16:52:19 2018][1317] Failed to initialize nvti cache.
> (repeats)
>
> But NVT update or rebuild won’t succeed without scanner running.
>
> md manage:WARNING:2018-02-25 20h12.30 utc:17040: database must be initialised from scanner (with --update or --rebuild)
> md   main:MESSAGE:2018-02-25 20h12.30 utc:17041:    OpenVAS Manager version 7.0.2 (DB revision 184)
> md   main:   INFO:2018-02-25 20h12.30 utc:17041: rebuild_nvt_cache_retry: Reloading NVT cache
> md   main:   INFO:2018-02-25 20h12.30 utc:17042: update_or_rebuild_nvt_cache: Rebuilding NVT cache
> base gpgme:MESSAGE:2018-02-25 20h12.30 utc:17042: Setting GnuPG dir to '/var/lib/openvas/openvasmd/gnupg'
> base gpgme:MESSAGE:2018-02-25 20h12.30 utc:17042: Using OpenPGP engine version '2.0.22'
> md   main:   INFO:2018-02-25 20h12.30 utc:17042:    Updating NVT cache.
> md   main:WARNING:2018-02-25 20h26.27 utc:17042: openvas_scanner_read: Failed to read from scanner: Connection reset by peer
>
> I’ve deleted the cache, the database, the scap data, the certs –
> regenerated everything from scratch – spinning my wheels.
>
> Where is the smoking gun?
>
> Ru
>
> ___
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>

[Openvas-discuss] Installing OpenVAS in CentOS 7 VM

2018-02-25 Thread Jerry Lotto
Running around in circles.  Removed, replaced, reinstalled, downgraded 8 / 
upgraded 9.  Everything leads to this:

Checking OpenVAS Manager database (NVT data) ...
    ERROR: The number of NVTs in the OpenVAS Manager database is too low.
    FIX: Make sure OpenVAS Scanner is running with an up-to-date NVT collection and run 'openvasmd --rebuild'.
    WARNING: OpenVAS Scanner is NOT running!
    SUGGEST: Start OpenVAS Scanner (openvassd).

So I’ve got a chicken and egg problem.

Scanner won’t start:

[root@centos7vm /]# systemctl status openvas-scanner -l
● openvas-scanner.service - OpenVAS Scanner
   Loaded: loaded (/usr/lib/systemd/system/openvas-scanner.service; enabled; vendor preset: disabled)
   Active: activating (start) since Sun 2018-02-25 15:46:30 EST; 13min ago
  Control: 18590 (openvassd)
   CGroup: /system.slice/openvas-scanner.service
           └─18590 /usr/sbin/openvassd

Feb 25 15:46:30 centos7vm.lotto.net systemd[1]: Starting OpenVAS Scanner...
Feb 25 15:46:30 centos7vm.lotto.net systemd[1]: Starting OpenVAS Scanner...

Everything else is up:

[root@centos7vm /]# systemctl status openvas-manager -l
● openvas-manager.service - OpenVAS Manager
   Loaded: loaded (/usr/lib/systemd/system/openvas-manager.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2018-02-25 13:26:18 EST; 2h 29min ago
 Main PID: 9986 (openvasmd)
   CGroup: /system.slice/openvas-manager.service
           └─9986 openvasmd

Feb 25 13:26:18 centos7vm.lotto.net systemd[1]: Starting OpenVAS Manager...
Feb 25 13:26:18 centos7vm.lotto.net systemd[1]: Started OpenVAS Manager.

[root@centos7vm /]# systemctl status redis -l
● redis.service - Redis persistent key-value database
   Loaded: loaded (/usr/lib/systemd/system/redis.service; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/redis.service.d
           └─limit.conf
   Active: active (running) since Sun 2018-02-25 12:20:23 EST; 3h 35min ago
 Main PID: 4744 (redis-server)
   CGroup: /system.slice/redis.service
           └─4744 /usr/bin/redis-server 127.0.0.1:6379

[root@centos7vm /]# systemctl status gsad -l
● gsad.service - OpenVAS Manager
   Loaded: loaded (/usr/lib/systemd/system/gsad.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2018-02-25 15:06:25 EST; 55min ago
 Main PID: 16626 (gsad)
   CGroup: /system.slice/gsad.service
           ├─16626 /usr/sbin/gsad --listen 0.0.0.0 --port 9392
           └─16627 /usr/sbin/gsad --listen 0.0.0.0 --port 9392

Feb 25 15:06:25 centos7vm.lotto.net systemd[1]: Starting OpenVAS Manager...
Feb 25 15:06:25 centos7vm.lotto.net systemd[1]: Started OpenVAS Manager.

Scanner logs say:

[Sun Feb 25 15:02:52 2018][51446] NVT with duplicate OID 1.3.6.1.4.1.25623.1.0.890841 will be replaced with 2017/deb_dla_841.nasl
[Sun Feb 25 16:52:19 2018][1317] Failed to initialize nvti cache.
(repeats)

But NVT update or rebuild won’t succeed without scanner running.

md manage:WARNING:2018-02-25 20h12.30 utc:17040: database must be initialised from scanner (with --update or --rebuild)
md   main:MESSAGE:2018-02-25 20h12.30 utc:17041:    OpenVAS Manager version 7.0.2 (DB revision 184)
md   main:   INFO:2018-02-25 20h12.30 utc:17041: rebuild_nvt_cache_retry: Reloading NVT cache
md   main:   INFO:2018-02-25 20h12.30 utc:17042: update_or_rebuild_nvt_cache: Rebuilding NVT cache
base gpgme:MESSAGE:2018-02-25 20h12.30 utc:17042: Setting GnuPG dir to '/var/lib/openvas/openvasmd/gnupg'
base gpgme:MESSAGE:2018-02-25 20h12.30 utc:17042: Using OpenPGP engine version '2.0.22'
md   main:   INFO:2018-02-25 20h12.30 utc:17042:    Updating NVT cache.
md   main:WARNING:2018-02-25 20h26.27 utc:17042: openvas_scanner_read: Failed to read from scanner: Connection reset by peer

I’ve deleted the cache, the database, the scap data, the certs – regenerated 
everything from scratch – spinning my wheels.

Where is the smoking gun?

   Ru
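
A small triage parser for the openvasmd log lines in the message above, added here as an example (not code from the poster or the OpenVAS project): it splits each line into its fields and reports any WARNING that arrives long after the same process's previous line. The function names and the 60-second threshold are assumptions; the sample lines are taken from the message with the wrapped lines rejoined.

```python
import re
from datetime import datetime

# Log lines taken from the message above, wrapped lines rejoined.
SAMPLE = """\
md manage:WARNING:2018-02-25 20h12.30 utc:17040: database must be initialised from scanner (with --update or --rebuild)
md   main:MESSAGE:2018-02-25 20h12.30 utc:17041:    OpenVAS Manager version 7.0.2 (DB revision 184)
md   main:   INFO:2018-02-25 20h12.30 utc:17042: update_or_rebuild_nvt_cache: Rebuilding NVT cache
md   main:   INFO:2018-02-25 20h12.30 utc:17042:    Updating NVT cache.
md   main:WARNING:2018-02-25 20h26.27 utc:17042: openvas_scanner_read: Failed to read from scanner: Connection reset by peer
"""

# Layout seen in those lines: domain:level:YYYY-MM-DD HHhMM.SS tz:pid:message
LINE_RE = re.compile(
    r"^(?P<domain>[^:]+?):\s*(?P<level>[A-Z]+):"
    r"(?P<ts>\d{4}-\d{2}-\d{2} \d{2}h\d{2}\.\d{2}) (?P<tz>\w+):"
    r"(?P<pid>\d+):\s*(?P<msg>.*)$"
)

def parse(text):
    """Return one dict per recognised log line; other lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        e = m.groupdict()
        e["domain"] = " ".join(e["domain"].split())  # "md   main" -> "md main"
        e["pid"] = int(e["pid"])
        e["ts"] = datetime.strptime(e["ts"], "%Y-%m-%d %Hh%M.%S")
        events.append(e)
    return events

def stalls(events, min_gap=60):
    """List (pid, seconds, previous_msg, warning_msg) for late WARNINGs."""
    last, found = {}, []
    for e in events:
        prev = last.get(e["pid"])  # previous line logged by the same process
        if prev and e["level"] == "WARNING":
            gap = int((e["ts"] - prev["ts"]).total_seconds())
            if gap >= min_gap:
                found.append((e["pid"], gap, prev["msg"], e["msg"]))
        last[e["pid"]] = e
    return found

if __name__ == "__main__":
    for pid, gap, before, after in stalls(parse(SAMPLE)):
        print(f"pid {pid}: {gap}s between {before!r} and {after!r}")
```

On the sample, process 17042 is reported as waiting 837 seconds between "Updating NVT cache." and the connection reset.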
