Re: [Openvas-discuss] Openvas9 scanning issue [PROPRIETARY]
We use OpenVAS in AWS, and we’ve been very happy with it, especially since adding a custom integration that dynamically updates our scan target groups from our AWS inventory. For your POC, do the AWS security groups in scope allow access to and from your scan target? Are any NACLs implemented in the VPC that could block it? j This message was classified PROPRIETARY by CAMPBELL Jeremy on Monday, December 11, 2017 at 1:48:21 PM. From: Openvas-discuss [mailto:openvas-discuss-boun...@wald.intevation.org] On Behalf Of sandeep dubey Sent: Friday, December 8, 2017 6:04 AM To: openvas-discuss@wald.intevation.org Subject: [Openvas-discuss] Openvas9 scanning issue Hello, I am doing POC on OpenVAS in AWS environment. The setup is running openvas9 on my ubuntu 14.04 on one of the EC2 instances. While trying to run a network or any scan, the scan process gets done in less than second with no output. However, for the same target, it works on my local VM. Feeds are updated. gsad.log - gsad main:WARNING:2017-12-08 10h51.15 UTC:6544: MHD: Failed to receive data: A TLS packet with unexpected length was received. openvasmd.log - event task:MESSAGE:2017-12-08 06h38.01 UTC:5095: Status of task (40ac81f0-4e7a-4730-9bea-fa246b4ca62e) has changed to New event task:MESSAGE:2017-12-08 06h38.01 UTC:5095: Task 40ac81f0-4e7a-4730-9bea-fa246b4ca62e has been created by admin event task:MESSAGE:2017-12-08 06h38.08 UTC:5101: Status of task test1 (40ac81f0-4e7a-4730-9bea-fa246b4ca62e) has changed to Requested event task:MESSAGE:2017-12-08 06h38.08 UTC:5101: Task 40ac81f0-4e7a-4730-9bea-fa246b4ca62e has been requested to start by admin event task:MESSAGE:2017-12-08 06h38.13 UTC:5105: Status of task test1 (40ac81f0-4e7a-4730-9bea-fa246b4ca62e) has changed to Running event task:MESSAGE:2017-12-08 06h39.12 UTC:5105: Status of task test1 (40ac81f0-4e7a-4730-9bea-fa246b4ca62e) has changed to Done openvassd.messages - [Fri Dec 8 05:40:10 2017][4354] Starts a new scan. Target(s) : localhost, with max_hosts = 30 and max_checks = 10 [Fri Dec 8 05:40:10 2017][4354] exclude_hosts: Skipped 0 host(s). [Fri Dec 8 05:40:10 2017][4354] Testing localhost (127.0.0.1) [4358] [Fri Dec 8 05:40:10 2017][4358] Finished testing 127.0.0.1. Time : 0.02 secs [Fri Dec 8 05:40:10 2017][4354] Test complete [Fri Dec 8 05:40:10 2017][4354] Total time to scan all hosts : 0 seconds -- Regards, Sandeep This message, including attachments, is intended for the above-mentioned addressees only. It may contain confidential information the review, dissemination or disclosure of which is strictly prohibited. Should you receive this message in error, please delete it and notify the sender to the e-mail address indicated above. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Openvas9 scanning issue
Hi, On 08.12.2017 12:04, sandeep dubey wrote: > openvassd.messages - > /[Fri Dec 8 05:40:10 2017][4354] Starts a new scan. Target(s) : > localhost, with max_hosts = 30 and max_checks = 10 > [Fri Dec 8 05:40:10 2017][4354] exclude_hosts: Skipped 0 host(s). > [Fri Dec 8 05:40:10 2017][4354] Testing localhost (127.0.0.1) [4358] > [Fri Dec 8 05:40:10 2017][4358] Finished testing 127.0.0.1. Time : 0.02 > secs > [Fri Dec 8 05:40:10 2017][4354] Test complete > [Fri Dec 8 05:40:10 2017][4354] Total time to scan all hosts : 0 seconds/ as pointed out in IRC this is most likely caused by the "Alive Test" setting of your target definition: http://docs.greenbone.net/GSM-Manual/gos-4/en/vulnerabilitymanagement.html#creating-a-target Regards, -- Christian Fischer | PGP Key: 0x54F3CE5B76C597AD Greenbone Networks GmbH | http://greenbone.net Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
[Openvas-discuss] Openvas9 scanning issue
Hello, I am doing POC on OpenVAS in AWS environment. The setup is running openvas9 on my ubuntu 14.04 on one of the EC2 instances. While trying to run a network or any scan, the scan process gets done in less than second with no output. However, for the same target, it works on my local VM. Feeds are updated. gsad.log - *gsad main:WARNING:2017-12-08 10h51.15 UTC:6544: MHD: Failed to receive data: A TLS packet with unexpected length was received.* openvasmd.log - *event task:MESSAGE:2017-12-08 06h38.01 UTC:5095: Status of task (40ac81f0-4e7a-4730-9bea-fa246b4ca62e) has changed to Newevent task:MESSAGE:2017-12-08 06h38.01 UTC:5095: Task 40ac81f0-4e7a-4730-9bea-fa246b4ca62e has been created by adminevent task:MESSAGE:2017-12-08 06h38.08 UTC:5101: Status of task test1 (40ac81f0-4e7a-4730-9bea-fa246b4ca62e) has changed to Requestedevent task:MESSAGE:2017-12-08 06h38.08 UTC:5101: Task 40ac81f0-4e7a-4730-9bea-fa246b4ca62e has been requested to start by adminevent task:MESSAGE:2017-12-08 06h38.13 UTC:5105: Status of task test1 (40ac81f0-4e7a-4730-9bea-fa246b4ca62e) has changed to Runningevent task:MESSAGE:2017-12-08 06h39.12 UTC:5105: Status of task test1 (40ac81f0-4e7a-4730-9bea-fa246b4ca62e) has changed to Done* openvassd.messages - *[Fri Dec 8 05:40:10 2017][4354] Starts a new scan. Target(s) : localhost, with max_hosts = 30 and max_checks = 10[Fri Dec 8 05:40:10 2017][4354] exclude_hosts: Skipped 0 host(s).[Fri Dec 8 05:40:10 2017][4354] Testing localhost (127.0.0.1) [4358][Fri Dec 8 05:40:10 2017][4358] Finished testing 127.0.0.1. Time : 0.02 secs[Fri Dec 8 05:40:10 2017][4354] Test complete[Fri Dec 8 05:40:10 2017][4354] Total time to scan all hosts : 0 seconds* -- Regards, Sandeep ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss