Re: [Openvas-discuss] Openvas-Scanner Error: Connection reset by peer
On Mon, Aug 14, 2017 at 09:12:33AM -0400, Nate Robinson wrote: > anyone have any ideas as to what is causing this "connection reset by peer" > error? No specific idea. But I found in my case it was due to problems / missing GPG. It would try to call GPG in the middle of securing the local scan credentials, which would fail and sort of get dumped in /var/log. Then when you tried to figure it out from the outside, the socket gets dropped when the process crashes. I only figured it out by enabling the debug logging and scouring the output closely. Matthew. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Openvas-Scanner Error: Connection reset by peer
anyone have any ideas as to what is causing this "connection reset by peer" error? On Wed, Aug 9, 2017 at 1:53 PM, Nate Robinsonwrote: > Shameless self-bump > > On Mon, Aug 7, 2017 at 1:57 PM, Nate Robinson wrote: > >> Greetings! >> >> >> I am having an issue with my Openvas installation. Any tasks that I >> launch from Greenbone Security's GUI will change to the state "Requested", >> then timeout and change to 'Completed' without ever starting. I'm at my >> wit's end and am not sure what to try next. I'm going to provide as much >> detail as I can and beg/plead for some guidance on how to proceed :D >> >> -I have OpenVAS running on a Centos 7 VM >> >> -Here is an example of the error message in the log: >> >> md main:WARNING:2017-07-26 16h36.51 EDT:2423: openvas_scanner_read: >> Failed to read from scanner: Connection reset by peer >> >> >> -I'm running these versions: >> *Manager:* >> OpenVAS Manager 7.0.1 >> Manager DB revision 184 >> >> *GSAD:* >> Greenbone Security Assistant 7.0.2 >> >> *Scanner:* >> OpenVAS Scanner 5.1.1 >> Most new code since 2005: (C) 2016 Greenbone Networks GmbH >> >> >> -Openvas-check-setup returns "It seems like your OpenVAS-9 installation >> is OK" >> >> -Redis is active and ready to receive connections at /tmp/redis.sock >> >> >> -SELinux is disabled, and iptables isn't blocking loopback (locally) >> >> >> >> -Checking to see if the processes exist and are running (I'm not sure why >> there are two instances of gsad) >> >> $ ps aux | grep -i openvas >> root 2313 0.3 0.8 367720 82280 ?SL Jul26 10:33 openvasmd >> root 2315 0.0 0.0 758568 10012 ?Sl Jul26 0:07 >> /usr/sbin/gsad --listen 0.0.0.0 --port 9392 >> --ssl-private-key=/var/ssl/openvas/MYHOST.key >> --ssl-certificate=/var/ssl/openvas/20170313.MYHOST.crt --timeout 90 >> root 2316 0.0 0.0 250600 1756 ?Sl Jul26 0:00 >> /usr/sbin/gsad --listen 0.0.0.0 --port 9392 >> --ssl-private-key=/var/ssl/openvas/MYHOST.key >> --ssl-certificate=/var/ssl/openvas/20170313.MYHOST.crt --timeout 90 >> root 5925 0.0 0.0 175356 6556 ?SLs 13:00 0:00 >> /usr/sbin/openvassd >> >> >> >> -Here are the results of `netstat -tulpn`: >> Active Internet connections (only servers) >> Proto Recv-Q Send-Q Local Address Foreign Address State >> PID/Program name >> tcp0 0 0.0.0.0:93920.0.0.0:* >> LISTEN 2315/gsad >> tcp0 0 0.0.0.0:80 0.0.0.0:* >> LISTEN 2316/gsad >> tcp0 0 0.0.0.0:22 0.0.0.0:* >> LISTEN 1035/sshd >> tcp0 0 127.0.0.1:250.0.0.0:* >> LISTEN 2183/master >> tcp6 0 0 :::22 :::* >> LISTEN 1035/sshd >> tcp6 0 0 ::1:25 :::* >> LISTEN 2183/master >> >> >> If there is any additional information that I should provide, please let >> me know. Like I said before, I'm at the end of my rope as far as >> ideas/fixes go, and would greatly appreciate some insight. >> >> >> FWIW: It was working previously, and only recently (~1 month ago) noticed >> the scans were no longer functioning >> >> >> Thanks, >> >> -Nate >> >> > > > -- > --- > Nate Robinson > 3ROX Engineer > 412.268.9251 <(412)%20268-9251> > n...@psc.edu > -- --- Nate Robinson 3ROX Engineer 412.268.9251 n...@psc.edu ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] Openvas-Scanner Error: Connection reset by peer
Greetings! I am having an issue with my Openvas installation. Any tasks that I launch from Greenbone Security's GUI will change to the state "Requested", then timeout and change to 'Completed' without ever starting. I'm at my wit's end and am not sure what to try next. I'm going to provide as much detail as I can and beg/plead for some guidance on how to proceed :D -I have OpenVAS running on a Centos 7 VM -Here is an example of the error message in the log: md main:WARNING:2017-07-26 16h36.51 EDT:2423: openvas_scanner_read: Failed to read from scanner: Connection reset by peer -I'm running these versions: *Manager:* OpenVAS Manager 7.0.1 Manager DB revision 184 *GSAD:* Greenbone Security Assistant 7.0.2 *Scanner:* OpenVAS Scanner 5.1.1 Most new code since 2005: (C) 2016 Greenbone Networks GmbH -Openvas-check-setup returns "It seems like your OpenVAS-9 installation is OK" -Redis is active and ready to receive connections at /tmp/redis.sock -SELinux is disabled, and iptables isn't blocking loopback (locally) -Checking to see if the processes exist and are running (I'm not sure why there are two instances of gsad) $ ps aux | grep -i openvas root 2313 0.3 0.8 367720 82280 ?SL Jul26 10:33 openvasmd root 2315 0.0 0.0 758568 10012 ?Sl Jul26 0:07 /usr/sbin/gsad --listen 0.0.0.0 --port 9392 --ssl-private-key=/var/ssl/openvas/MYHOST.key --ssl-certificate=/var/ssl/openvas/20170313.MYHOST.crt --timeout 90 root 2316 0.0 0.0 250600 1756 ?Sl Jul26 0:00 /usr/sbin/gsad --listen 0.0.0.0 --port 9392 --ssl-private-key=/var/ssl/openvas/MYHOST.key --ssl-certificate=/var/ssl/openvas/20170313.MYHOST.crt --timeout 90 root 5925 0.0 0.0 175356 6556 ?SLs 13:00 0:00 /usr/sbin/openvassd -Here are the results of `netstat -tulpn`: Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp0 0 0.0.0.0:93920.0.0.0:* LISTEN 2315/gsad tcp0 0 0.0.0.0:80 0.0.0.0:* LISTEN 2316/gsad tcp0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1035/sshd tcp0 0 127.0.0.1:250.0.0.0:* LISTEN 2183/master tcp6 0 0 :::22 :::*LISTEN 1035/sshd tcp6 0 0 ::1:25 :::*LISTEN 2183/master If there is any additional information that I should provide, please let me know. Like I said before, I'm at the end of my rope as far as ideas/fixes go, and would greatly appreciate some insight. FWIW: It was working previously, and only recently (~1 month ago) noticed the scans were no longer functioning Thanks, -Nate ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss