[Openvas-discuss] All scans result in no results

14:23:46 2016][9141] Total time to scan all hosts : 63 seconds I already set the "Alive Test" to "considered alive", but I'm still getting no results. -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deC

[Openvas-discuss] Scan "hanging"

the nmap NSE NVTs. Is the dependency on this age-old version of nmap really an issue? -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin http://www.charite.de Hindenburgdamm 30, 12203 Berlin

[Openvas-discuss] Scan fails with "503 Service temporarily down"

r is NOT running! SUGGEST: Start OpenVAS Scanner (openvassd). ERROR: Your OpenVAS-8 installation is not yet complete! I'm then running: # openvasmd --rebuild # echo $? 1 And after that I'm getting the same result as above. I cannot start openvassd. But why? -- Ralf

Re: [Openvas-discuss] Scan fails with "503 Service temporarily down"

* Michael Meyer : > *** Ralf Hildebrandt wrote: > > >WARNING: OpenVAS Scanner is NOT running! > >SUGGEST: Start OpenVAS Scanner (openvassd). In the meantime it's running, but # openvasmd --rebuild is hanging. It's beeing running since: root

Re: [Openvas-discuss] Scan fails with "503 Service temporarily down"

* Ralf Hildebrandt : > # ls -l /var/lib/openvas/scap-data/scap.db > -rw-r--r-- 1 root root 282370048 Apr 6 00:00 > /var/lib/openvas/scap-data/scap.db > > # lsof |grep scap.db > openvasmd 24686 root8u REG9,2 282370048 > 117463496 /var/

Re: [Openvas-discuss] Scan fails with "503 Service temporarily down"

* Michael Meyer : > *** Ralf Hildebrandt wrote: > > > And the number of NVTs is 46542. So why is it "too low"? > > You didn't run "openvasmd --rebuild"? > > 1. Kill all running openvas services. > 2. Delete /var/lib/openvas/plugins/* > 3.

Re: [Openvas-discuss] Scan fails with "503 Service temporarily down"

* Ralf Hildebrandt : > I think it's time to ramp up the logging as you suggested. Logging from level=128 (openvasmd.log) is attached. # openvasmd --rebuild --progress --verbose Rebuilding NVT cache... / still hangs -- Ralf Hildebrandt Charite Universitätsmedizi

Re: [Openvas-discuss] Scan fails with "503 Service temporarily down"

* Michael Meyer : > *** Ralf Hildebrandt wrote: > > > root 32756 44.6 0.0 163740 32256 ?Ss 13:23 1:15 openvassd: > > Reloaded all the NVTs. > > Still missing the "openvassd: Waiting for incoming connections" state. Indeed. this state is never

Re: [Openvas-discuss] Scan fails with "503 Service temporarily down"

* Ralf Hildebrandt : > # strace -p 4949 > strace: Process 4949 attached > restart_syscall(<... resuming interrupted nanosleep ...>) = 0 > write(6, "*4\r\n$6\r\nHSETNX\r\n$23\r\nOpenVAS.__G"..., 60) = 60 > read(6, ":0\r\n", 16384)= 4 > wr

Re: [Openvas-discuss] Scan fails with "503 Service temporarily down"

* Michael Meyer : > *** Ralf Hildebrandt wrote: > > > # strace -p 4949 > > strace: Process 4949 attached > > restart_syscall(<... resuming interrupted nanosleep ...>) = 0 > > write(6, "*4\r\n$6\r\nHSETNX\r\n$23\r\nOpenVAS.__G"..., 60) = 60 > &g

Re: [Openvas-discuss] Scan fails with "503 Service temporarily down"

ep time is 0 lib serv: DEBUG:2016-04-11 13h55.17 utc:21705:Shook hands with peer. md main: DEBUG:2016-04-11 13h55.17 utc:21705:sql_open: db open, max retry sleep time is 0 lib serv: DEBUG:2016-04-11 13h55.38 utc:22380:Shook hands with peer. md main: DEBUG:2016-04-11 13h55.38

[Openvas-discuss] WIKI down?

https://wiki.openvas.org/ says "Cannot contact the database server" -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin http://www.charite.de Hindenburgdamm 30, 12203 Berlin Geschäftsberei

[Openvas-discuss] Running openvas-scapdata-sync et.al. harmful?

Can I run the openvas-scapdata-sync etc. during a scan? Or will that cause inconsistencies in the scan? -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin http://www.charite.de Hindenburgdamm 30, 12203

Re: [Openvas-discuss] WIKI down?

* Ralf Hildebrandt : > https://wiki.openvas.org/ > says "Cannot contact the database server" Still broken... -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin http://www.charite.de H

[Openvas-discuss] Trend indicators suddenly gone

I have several periodic tasks configured, and until recently all of those had these handy "trend indicator" arrows. These are gone now :( -- and I have no idea why... The column "Trend" is empty. I'm using "openvas 6.0.8-2xenial" -- Ralf Hi

Re: [Openvas-discuss] Trend indicators suddenly gone

* Ralf Hildebrandt : > I have several periodic tasks configured, and until recently all of > those had these handy "trend indicator" arrows. > > These are gone now :( -- and I have no idea why... The column "Trend" > is empty. > > I'm using &q

Re: [Openvas-discuss] Trend indicators suddenly gone

* Ralf Hildebrandt : > > I have several periodic tasks configured, and until recently all of > > those had these handy "trend indicator" arrows. > > > > These are gone now :( -- and I have no idea why... The column "Trend" > > is empty. They d

[Openvas-discuss] Problem with ./openvas-check-setup --v9 hanging

When using "./openvas-check-setup --v9", it's hanging when executing the "openvassd -s" command. I'm running openvas9 beta 3 from https://launchpad.net/~mrazavi/+archive/ubuntu/openvas -- Ralf Hildebrandt Charite Universitätsmedizin Berl

Re: [Openvas-discuss] Problem with ./openvas-check-setup --v9 hanging

* Ralf Hildebrandt : > When using "./openvas-check-setup --v9", it's hanging when executing > the "openvassd -s" command. > > I'm running openvas9 beta 3 from > https://launchpad.net/~mrazavi/+archive/ubuntu/openvas Oh, it seems to work when t

[Openvas-discuss] Running periodic tasks manually?

I have several periodic tasks (running weekly on the weekend). Is there a simple way of running those "now"? Currently, I need to change the task, remove the schedule, run it by clicking on the "play" button. -- Ralf Hildebrandt Charite Univer

[Openvas-discuss] openvas9 beta 3: How to change the cerificate for the webserver only?

w-r--r-- 1 root root 1700 Jul 21 12:29 ./CA/servercert.pem -rw--- 1 root root 8289 Jul 21 12:29 ./private/CA/cakey.pem -rw--- 1 root root 8282 Jul 21 12:29 ./private/CA/clientkey.pem -rw--- 1 root root 8295 Jul 21 12:29 ./private/CA/serverkey.pem -- Ralf Hildebrandt Ch

Re: [Openvas-discuss] Argh!!!

but the package collection seems > to mix several version of OpenVAS. And please remind that OpenVAS-9 is > not supported yet. I can tell you that the openvas from https://launchpad.net/~mrazavi/+archive/ubuntu/openvas works like a charm (I tried both 8 and 9beta3) -- Ral

Re: [Openvas-discuss] Reinstall Issues

* Turner,Jonas : > The openvasmd --rebuild just doesn’t seem to want to work. I think if I can > rebuild that…I think it would fix itself. :/ This happened to me when I had old database files lying around. I had to deinstall, remove all files, install again. -- Ralf Hilde

[Openvas-discuss] New users cannot see old tasks?

password). Alas, they can log into GSAD, but they cannot see anything (no reports, no tasks). Is this intentional? -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin http://www.charite.de H

[Openvas-discuss] Easy way of seeing all vulnerabilities for one host (openvas 9beta)

User Tags" -- in openvas8 this gave me all findings for that host instead. How do I get the old behaviour back? -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin http://www.charite.de Hindenburgd

[Openvas-discuss] Verinice ISM report (openvas 9 beta 3)

t fails? (I can create a non-empty TXT report as well as a PDF report!) -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin http://www.charite.de Hindenburgdamm 30, 12203 Berlin Geschäftsbereich IT,

Re: [Openvas-discuss] Verinice ISM report (openvas 9 beta 3)

* Eero Volotinen : > You are possibly missing some binaries. Check out local generate script and > install needed tools. Thanks. # apt-cache search xmlstarlet xmlstarlet - XML-Werkzeugsatz für die Kommandozeile was missing. I would have expected to find this in the log, though. --

[Openvas-discuss] Change Domains in email-related checks

Some of the NVTs perform email checks. Now one colleague mentioned, that example.com is a reserved domain (for examples, that is) -- and at the same time mentioned the existence of the .test TLD -- explicitly designed for testing. Where/how can example.com be changed into example.test ? -- Ralf

Re: [Openvas-discuss] Change Domains in email-related checks

* Christian Fischer : > Hi, > > On 18.11.2016 13:31, Ralf Hildebrandt wrote: > > Where/how can example.com be changed into example.test ? > > this behavior can be changed within the following settings of your scan > configuration: > > SMTP settings From addres

[Openvas-discuss] Scan with HTTP Basic auth?

How can I specify which HTTP Credentials to use during a scan? I see SMB, ESXi and SSH credentials, but can't seem to find HTTP basic auth credentials anywhere. -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Fra

[Openvas-discuss] [openvas-9] "Login failed. Waiting for OMP service to become available."

.231.251 gsad main:WARNING:2016-12-28 11h55.30 utc:1673: Authentication failure for 'admin' from 141.42.231.251 gsad main:WARNING:2016-12-28 12h03.08 utc:1673: Authentication failure for 'admin' from 141.42.231.251 -- Ralf Hildebrandt Charite Universitätsmedi

Re: [Openvas-discuss] [openvas-9] "Login failed. Waiting for OMP service to become available."

here. It *used* to work in the last version, it doesn't work now. Once I removed it, I could authenticate again. -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin http://www.charite.de Hindenburgd

[Openvas-discuss] [v9] lots of swap used, memory leak in gsad?

KB (redis-server) PID=4990 swapped 65000 KB (vmtoolsd) PID=66579 swapped 85799 KB (openvasmd) PID=66363 swapped 86211 KB (openvasmd) PID=100816 swapped 87612 KB (openvasmd) PID=69131 swapped 3908328 KB (gsad) Is gsad maybe leaking memory? -- Ralf Hildebrandt

Re: [Openvas-discuss] Port 25 weak ciphers

d France). > > Just can tell you that the issue you're so aggressively talking about > has been already fixed and is available in a current feed version. How can I check which version of the feed I have installed and which version is available (to check if I'm up-to-date)

Re: [Openvas-discuss] [v9] lots of swap used, memory leak in gsad?

* Ralf Hildebrandt : > Prio to my recent update of openvas-9 I checked my machine (159 days of > uptime, with weekly schedules scans in openvas) and found all swap being > used. > > Naturally, I wanted to find out which programs used most swap and > found: > > PID=1

[Openvas-discuss] [v9] Feed updates, how often?

pting skills? -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin http://www.charite.de Hindenburgdamm 30, 12203 Berlin Geschäftsbereich IT, Abt. Netzwerk fon: +49-30-450.57

Re: [Openvas-discuss] [v9] Feed updates, how often?

ng incremental file list plugin_feed_info.inc 1,226 100%1.17MB/s0:00:00 (xfr#1, to-chk=0/1) sent 43 bytes received 1,330 bytes 915.33 bytes/sec total size is 1,226 speedup is 0.89 # echo $? 0 -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.

Re: [Openvas-discuss] FP: Hillstone Software TFTP Write/Read Request Server Denial Of Service

t; Vulnerabili... (OID: 1.3.6.1.4.1.25623.1.0.802406) -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin http://www.charite.de Hindenburgdamm 30, 12203 Berlin Geschäftsbereich IT, Abt. Netzwerk f

[Openvas-discuss] Scans not starting

-864a-158c4dd67754 -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin https://www.charite.de Hindenburgdamm 30, 12203 Berlin Geschäftsbereich IT, Abt. Netzwerk fon: +49-30-450.57

[Openvas-discuss] Very busy REDIS Server

:1.3.6.1.4.1.25623.1.0.901202:category" 8945 "SRANDMEMBER" "login/SSH/success" 10668 "SRANDMEMBER" "HostDetails/OS/cpe:/o:fedoraproject:fedora" 23307 "SRANDMEMBER" "oid:1.3.6.1.4.1.25623.1.0.18183:category" 48151 "SRANDMEMB

Re: [Openvas-discuss] NVT Feed 14 days old

a way to confirm the latest available version? Also, how far behind > are the NVT updates for free version vs the enterprise? http://plugins.openvas.org/ says "Plugin Set: 201705050549" -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite

Re: [Openvas-discuss] OpenVAS9 hanging nasl tasks

7 > write(5, "*2\r\n$11\r\nSRANDMEMBER\r\n$41\r\noid:1"..., 70) = 70 > read(5, "$1\r\n3\r\n", 16384) = 7 > write(5, "*2\r\n$11\r\nSRANDMEMBER\r\n$40\r\noid:1"..., 69) = 69 > ... > """ > > Both redis and openvas

Re: [Openvas-discuss] NVT updates

* Shreyas M R : > How often Openvas NVT are updated? Red Hat reports security bugs on daily > basis, how new Red Hat bugs are included to NVD database and OpenVAS NVT > feed? About once per week -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@c

Re: [Openvas-discuss] NVT updates

* Shreyas M R : > Is there any prrof of it? Like a link where I can verify that it updates > once every week http://plugins.openvas.org/ check for "Last update" -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus B

Re: [Openvas-discuss] NVT feed too old (15 days)

/sbin/greenbone-nvt-sync --feedversion 201707260553 -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin https://www.charite.de Hindenburgdamm 30, 12203 Berlin Geschäftsbereich IT,

Re: [Openvas-discuss] FW: openvas 9 on kali 2017.1 fails to start after stopping a scan

from redis. That's like nuking the entire site from orbit. -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin https://www.charite.de Hindenburgdamm 30, 12203 Berlin Geschäftsbereich IT, Abt. Netz

Re: [Openvas-discuss] [ext] GSA 7.0.3 Invalid host header

GSA 7.0.3? /usr/sbin/gsad --allow-header-host=xxx -c /root/certificates/xxx.pem -k /root/certificates/privkey.pem --port=443 --no-redirect "--allow-header-host=xxx" -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus B

Re: [Openvas-discuss] [ext] GSA 7.0.3 Invalid host header

ui somethimes bails out with: Internal error: exec_omp_get:3113 (GSA 7.0.3) An internal error occurred. Diagnostics: Could not authenticate to manager daemon. The ui then offers a "assumed sane state" link and one can continue. -- Ralf Hildebrandt Charite Universitätsmedi

Re: [Openvas-discuss] [ext] GSA 7.0.3 Invalid host header

e PPA are not postgres enabled. -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin https://www.charite.de Hindenburgdamm 30, 12203 Berlin Geschäftsbereich IT, Abt. Netzwerk fon: +49-30-450.570.155 signatur

Re: [Openvas-discuss] [ext] GSA 7.0.3 Invalid host header

* Ralf Hildebrandt : > * Roger Davies : > > Ralf > > > > Not seen that. I use Postgres and haven't seen that error, although my > > manager instance is still on the older 7.0.1 version (compiled). > > Definitely occured with the recent update from Moh

Re: [Openvas-discuss] [ext] GSA 7.0.3 Invalid host header

e of sqlite3_step is SQLITE_INTERRUPT (https://www.sqlite.org/rescode.html#interrupt) sqlite3_interrupt() can cause this (see function sql_cancel_internal() ) but I don't see where that function is being used. -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.

Re: [Openvas-discuss] [ext] openvas 8 installation incomplete

it.d/openvas-manager start lso check the logs at /var/log/openvas/openvasmd.log -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin https://www.charite.de Hindenburgdamm 30, 12203 Berlin Geschäftsbereich IT, A

[Openvas-discuss] Vulnerability "1.3.6.1.4.1.25623.1.0.140803"

Detection Method Details: 1.3.6.1.4.1.25623.1.0.140803 (OID: 1.3.6.1.4.1.25623.1.0.140803) Version used: $Revision: 9758 $ Product Detection Result Product: cpe:/a:acme:mini_httpd:1.23 Method: mini_httpd Detection (OID: 1.3.6.1.4.1.25623.1.0.140802) Log:View details of product detection How can I fix th

Re: [Openvas-discuss] [ext] Vulnerability "1.3.6.1.4.1.25623.1.0.140803"

* Ralf Hildebrandt : > In my openvas installation the vulnerability > "1.3.6.1.4.1.25623.1.0.140803" doesn't have a proper title. It's > listed under it's OID: Argh, a NVT Update fixed those :/ -- Ralf Hildebrandt Charite Universitätsmedizin