Re: [Openvas-discuss] Openvas-Scanner Error: Connection reset by peer

2017-08-14 Thread Matthew Hall 
On Mon, Aug 14, 2017 at 09:12:33AM -0400, Nate Robinson wrote:
> anyone have any ideas as to what is causing this "connection reset by peer"
> error?

No specific idea. But I found in my case it was due to problems / missing GPG. 
It would try to call GPG in the middle of securing the local scan credentials, 
which would fail and sort of get dumped in /var/log.

Then when you tried to figure it out from the outside, the socket gets dropped 
when the process crashes.

I only figured it out by enabling the debug logging and scouring the output 
closely.

Matthew.
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] Openvas-Scanner Error: Connection reset by peer

2017-08-14 Thread Nate Robinson 
anyone have any ideas as to what is causing this "connection reset by peer"
error?

On Wed, Aug 9, 2017 at 1:53 PM, Nate Robinson  wrote:

> Shameless self-bump
>
> On Mon, Aug 7, 2017 at 1:57 PM, Nate Robinson  wrote:
>
>> Greetings!
>>
>>
>> I am having an issue with my Openvas installation. Any tasks that I
>> launch from Greenbone Security's GUI will change to the state "Requested",
>> then timeout and change to 'Completed' without ever starting. I'm at my
>> wit's end and am not sure what to try next. I'm going to provide as much
>> detail as I can and beg/plead for some guidance on how to proceed :D
>>
>> -I have OpenVAS running on a Centos 7 VM
>>
>> -Here is an example of the error message in the log:
>>
>> md   main:WARNING:2017-07-26 16h36.51 EDT:2423: openvas_scanner_read:
>> Failed to read from scanner: Connection reset by peer
>>
>>
>> -I'm running these versions:
>> *Manager:*
>> OpenVAS Manager 7.0.1
>> Manager DB revision 184
>>
>> *GSAD:*
>> Greenbone Security Assistant 7.0.2
>>
>> *Scanner:*
>> OpenVAS Scanner 5.1.1
>> Most new code since 2005: (C) 2016 Greenbone Networks GmbH
>>
>>
>> -Openvas-check-setup returns "It seems like your OpenVAS-9 installation
>> is OK"
>>
>> -Redis is active and ready to receive connections at /tmp/redis.sock
>>
>>
>> -SELinux is disabled, and iptables isn't blocking loopback (locally)
>>
>>
>>
>> -Checking to see if the processes exist and are running (I'm not sure why
>> there are two instances of gsad)
>>
>> $ ps aux | grep -i openvas
>> root  2313  0.3  0.8 367720 82280 ?SL   Jul26  10:33 openvasmd
>> root  2315  0.0  0.0 758568 10012 ?Sl   Jul26   0:07
>> /usr/sbin/gsad --listen 0.0.0.0 --port 9392 
>> --ssl-private-key=/var/ssl/openvas/MYHOST.key
>> --ssl-certificate=/var/ssl/openvas/20170313.MYHOST.crt --timeout 90
>> root  2316  0.0  0.0 250600  1756 ?Sl   Jul26   0:00
>> /usr/sbin/gsad --listen 0.0.0.0 --port 9392 
>> --ssl-private-key=/var/ssl/openvas/MYHOST.key
>> --ssl-certificate=/var/ssl/openvas/20170313.MYHOST.crt --timeout 90
>> root  5925  0.0  0.0 175356  6556 ?SLs  13:00   0:00
>> /usr/sbin/openvassd
>>
>>
>>
>> -Here are the results of `netstat -tulpn`:
>> Active Internet connections (only servers)
>> Proto Recv-Q Send-Q Local Address   Foreign Address State
>>   PID/Program name
>> tcp0  0 0.0.0.0:93920.0.0.0:*
>> LISTEN  2315/gsad
>> tcp0  0 0.0.0.0:80  0.0.0.0:*
>> LISTEN  2316/gsad
>> tcp0  0 0.0.0.0:22  0.0.0.0:*
>> LISTEN  1035/sshd
>> tcp0  0 127.0.0.1:250.0.0.0:*
>> LISTEN  2183/master
>> tcp6   0  0 :::22   :::*
>>  LISTEN  1035/sshd
>> tcp6   0  0 ::1:25  :::*
>>  LISTEN  2183/master
>>
>>
>> If there is any additional information that I should provide, please let
>> me know. Like I said before, I'm at the end of my rope as far as
>> ideas/fixes go, and would greatly appreciate some insight.
>>
>>
>> FWIW: It was working previously, and only recently (~1 month ago) noticed
>> the scans were no longer functioning
>>
>>
>> Thanks,
>>
>> -Nate
>>
>>
>
>
> --
> ---
> Nate Robinson
> 3ROX Engineer
> 412.268.9251 <(412)%20268-9251>
> n...@psc.edu
>



-- 
---
Nate Robinson
3ROX Engineer
412.268.9251
n...@psc.edu
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

[Openvas-discuss] Openvas-Scanner Error: Connection reset by peer

2017-08-07 Thread Nate Robinson 
Greetings!


I am having an issue with my Openvas installation. Any tasks that I launch
from Greenbone Security's GUI will change to the state "Requested", then
timeout and change to 'Completed' without ever starting. I'm at my wit's
end and am not sure what to try next. I'm going to provide as much detail
as I can and beg/plead for some guidance on how to proceed :D

-I have OpenVAS running on a Centos 7 VM

-Here is an example of the error message in the log:

md   main:WARNING:2017-07-26 16h36.51 EDT:2423: openvas_scanner_read:
Failed to read from scanner: Connection reset by peer


-I'm running these versions:
*Manager:*
OpenVAS Manager 7.0.1
Manager DB revision 184

*GSAD:*
Greenbone Security Assistant 7.0.2

*Scanner:*
OpenVAS Scanner 5.1.1
Most new code since 2005: (C) 2016 Greenbone Networks GmbH


-Openvas-check-setup returns "It seems like your OpenVAS-9 installation is
OK"

-Redis is active and ready to receive connections at /tmp/redis.sock


-SELinux is disabled, and iptables isn't blocking loopback (locally)



-Checking to see if the processes exist and are running (I'm not sure why
there are two instances of gsad)

$ ps aux | grep -i openvas
root  2313  0.3  0.8 367720 82280 ?SL   Jul26  10:33 openvasmd
root  2315  0.0  0.0 758568 10012 ?Sl   Jul26   0:07
/usr/sbin/gsad --listen 0.0.0.0 --port 9392
--ssl-private-key=/var/ssl/openvas/MYHOST.key
--ssl-certificate=/var/ssl/openvas/20170313.MYHOST.crt --timeout 90
root  2316  0.0  0.0 250600  1756 ?Sl   Jul26   0:00
/usr/sbin/gsad --listen 0.0.0.0 --port 9392
--ssl-private-key=/var/ssl/openvas/MYHOST.key
--ssl-certificate=/var/ssl/openvas/20170313.MYHOST.crt --timeout 90
root  5925  0.0  0.0 175356  6556 ?SLs  13:00   0:00
/usr/sbin/openvassd



-Here are the results of `netstat -tulpn`:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address   Foreign Address State
PID/Program name
tcp0  0 0.0.0.0:93920.0.0.0:*   LISTEN
 2315/gsad
tcp0  0 0.0.0.0:80  0.0.0.0:*   LISTEN
 2316/gsad
tcp0  0 0.0.0.0:22  0.0.0.0:*   LISTEN
 1035/sshd
tcp0  0 127.0.0.1:250.0.0.0:*   LISTEN
 2183/master
tcp6   0  0 :::22   :::*LISTEN
 1035/sshd
tcp6   0  0 ::1:25  :::*LISTEN
 2183/master


If there is any additional information that I should provide, please let me
know. Like I said before, I'm at the end of my rope as far as ideas/fixes
go, and would greatly appreciate some insight.


FWIW: It was working previously, and only recently (~1 month ago) noticed
the scans were no longer functioning


Thanks,

-Nate
___
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss