Re: [Openvas-discuss] Openvas-Scanner Error: Connection reset by peer
On Mon, Aug 14, 2017 at 09:12:33AM -0400, Nate Robinson wrote: > anyone have any ideas as to what is causing this "connection reset by peer" > error? No specific idea. But I found in my case it was due to problems / missing GPG. It would try to call GPG in the middle of securing the local scan credentials, which would fail and sort of get dumped in /var/log. Then when you tried to figure it out from the outside, the socket gets dropped when the process crashes. I only figured it out by enabling the debug logging and scouring the output closely. Matthew. ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Openvas-Scanner Error: Connection reset by peer
anyone have any ideas as to what is causing this "connection reset by peer" error? On Wed, Aug 9, 2017 at 1:53 PM, Nate Robinson wrote: > Shameless self-bump > > On Mon, Aug 7, 2017 at 1:57 PM, Nate Robinson wrote: > >> Greetings! >> >> >> I am having an issue with my Openvas installation. Any tasks that I >> launch from Greenbone Security's GUI will change to the state "Requested", >> then timeout and change to 'Completed' without ever starting. I'm at my >> wit's end and am not sure what to try next. I'm going to provide as much >> detail as I can and beg/plead for some guidance on how to proceed :D >> >> -I have OpenVAS running on a Centos 7 VM >> >> -Here is an example of the error message in the log: >> >> md main:WARNING:2017-07-26 16h36.51 EDT:2423: openvas_scanner_read: >> Failed to read from scanner: Connection reset by peer >> >> >> -I'm running these versions: >> *Manager:* >> OpenVAS Manager 7.0.1 >> Manager DB revision 184 >> >> *GSAD:* >> Greenbone Security Assistant 7.0.2 >> >> *Scanner:* >> OpenVAS Scanner 5.1.1 >> Most new code since 2005: (C) 2016 Greenbone Networks GmbH >> >> >> -Openvas-check-setup returns "It seems like your OpenVAS-9 installation >> is OK" >> >> -Redis is active and ready to receive connections at /tmp/redis.sock >> >> >> -SELinux is disabled, and iptables isn't blocking loopback (locally) >> >> >> >> -Checking to see if the processes exist and are running (I'm not sure why >> there are two instances of gsad) >> >> $ ps aux | grep -i openvas >> root 2313 0.3 0.8 367720 82280 ?SL Jul26 10:33 openvasmd >> root 2315 0.0 0.0 758568 10012 ?Sl Jul26 0:07 >> /usr/sbin/gsad --listen 0.0.0.0 --port 9392 >> --ssl-private-key=/var/ssl/openvas/MYHOST.key >> --ssl-certificate=/var/ssl/openvas/20170313.MYHOST.crt --timeout 90 >> root 2316 0.0 0.0 250600 1756 ?Sl Jul26 0:00 >> /usr/sbin/gsad --listen 0.0.0.0 --port 9392 >> --ssl-private-key=/var/ssl/openvas/MYHOST.key >> --ssl-certificate=/var/ssl/openvas/20170313.MYHOST.crt --timeout 90 >> root 5925 0.0 0.0 175356 6556 ?SLs 13:00 0:00 >> /usr/sbin/openvassd >> >> >> >> -Here are the results of `netstat -tulpn`: >> Active Internet connections (only servers) >> Proto Recv-Q Send-Q Local Address Foreign Address State >> PID/Program name >> tcp0 0 0.0.0.0:93920.0.0.0:* >> LISTEN 2315/gsad >> tcp0 0 0.0.0.0:80 0.0.0.0:* >> LISTEN 2316/gsad >> tcp0 0 0.0.0.0:22 0.0.0.0:* >> LISTEN 1035/sshd >> tcp0 0 127.0.0.1:250.0.0.0:* >> LISTEN 2183/master >> tcp6 0 0 :::22 :::* >> LISTEN 1035/sshd >> tcp6 0 0 ::1:25 :::* >> LISTEN 2183/master >> >> >> If there is any additional information that I should provide, please let >> me know. Like I said before, I'm at the end of my rope as far as >> ideas/fixes go, and would greatly appreciate some insight. >> >> >> FWIW: It was working previously, and only recently (~1 month ago) noticed >> the scans were no longer functioning >> >> >> Thanks, >> >> -Nate >> >> > > > -- > --- > Nate Robinson > 3ROX Engineer > 412.268.9251 <(412)%20268-9251> > n...@psc.edu > -- --- Nate Robinson 3ROX Engineer 412.268.9251 n...@psc.edu ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] Openvas-Scanner Error: Connection reset by peer
Shameless self-bump On Mon, Aug 7, 2017 at 1:57 PM, Nate Robinson wrote: > Greetings! > > > I am having an issue with my Openvas installation. Any tasks that I launch > from Greenbone Security's GUI will change to the state "Requested", then > timeout and change to 'Completed' without ever starting. I'm at my wit's > end and am not sure what to try next. I'm going to provide as much detail > as I can and beg/plead for some guidance on how to proceed :D > > -I have OpenVAS running on a Centos 7 VM > > -Here is an example of the error message in the log: > > md main:WARNING:2017-07-26 16h36.51 EDT:2423: openvas_scanner_read: > Failed to read from scanner: Connection reset by peer > > > -I'm running these versions: > *Manager:* > OpenVAS Manager 7.0.1 > Manager DB revision 184 > > *GSAD:* > Greenbone Security Assistant 7.0.2 > > *Scanner:* > OpenVAS Scanner 5.1.1 > Most new code since 2005: (C) 2016 Greenbone Networks GmbH > > > -Openvas-check-setup returns "It seems like your OpenVAS-9 installation is > OK" > > -Redis is active and ready to receive connections at /tmp/redis.sock > > > -SELinux is disabled, and iptables isn't blocking loopback (locally) > > > > -Checking to see if the processes exist and are running (I'm not sure why > there are two instances of gsad) > > $ ps aux | grep -i openvas > root 2313 0.3 0.8 367720 82280 ?SL Jul26 10:33 openvasmd > root 2315 0.0 0.0 758568 10012 ?Sl Jul26 0:07 > /usr/sbin/gsad --listen 0.0.0.0 --port 9392 > --ssl-private-key=/var/ssl/openvas/MYHOST.key > --ssl-certificate=/var/ssl/openvas/20170313.MYHOST.crt --timeout 90 > root 2316 0.0 0.0 250600 1756 ?Sl Jul26 0:00 > /usr/sbin/gsad --listen 0.0.0.0 --port 9392 > --ssl-private-key=/var/ssl/openvas/MYHOST.key > --ssl-certificate=/var/ssl/openvas/20170313.MYHOST.crt --timeout 90 > root 5925 0.0 0.0 175356 6556 ?SLs 13:00 0:00 > /usr/sbin/openvassd > > > > -Here are the results of `netstat -tulpn`: > Active Internet connections (only servers) > Proto Recv-Q Send-Q Local Address Foreign Address State > PID/Program name > tcp0 0 0.0.0.0:93920.0.0.0:* > LISTEN 2315/gsad > tcp0 0 0.0.0.0:80 0.0.0.0:* > LISTEN 2316/gsad > tcp0 0 0.0.0.0:22 0.0.0.0:* > LISTEN 1035/sshd > tcp0 0 127.0.0.1:250.0.0.0:* > LISTEN 2183/master > tcp6 0 0 :::22 :::*LISTEN > 1035/sshd > tcp6 0 0 ::1:25 :::*LISTEN > 2183/master > > > If there is any additional information that I should provide, please let > me know. Like I said before, I'm at the end of my rope as far as > ideas/fixes go, and would greatly appreciate some insight. > > > FWIW: It was working previously, and only recently (~1 month ago) noticed > the scans were no longer functioning > > > Thanks, > > -Nate > > -- --- Nate Robinson 3ROX Engineer 412.268.9251 n...@psc.edu ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss