[Openvas-devel] SSH LSCs and Shared Sockets

Michael Wiegand michael.wiegand at greenbone.net
Thu Apr 7 15:17:46 CEST 2011


Hello,

I have lately taken a closer look at the SSH support code in
openvas-libraries and the ssh_func.inc NASL library and I am currently
in the process of testing some possible improvements.

The first result is the attached patch; it removes the handling of a
shared socket from ssh_func.inc. The shared socket concept enabled
multiple NVTs to share a single SSH connection instead of establishing
individual connections. However, the implementation of this concept in
ssh_func.inc, openvas-libraries and openvas-scanner is very complex and
prone to failures, for example when a target contains multiple SSH
ports.

Contrary to our expectations, the patch actually improved scan
performance dramatically in our tests. The total time to do a full scan
of a Linux target with Local Security Checks (LSCs) through SSH was
reduced from 10 minutes to about 3.5 minutes, probably because more SSH
tests are now able to run in parallel.

A possible side effect of this patch would be the multiple SSH
connections, but in my tests I did not observe any negative effects.

Please do test the SSH LSC behaviour with the attached patch to
ssh_func.inc and let me know what results you see in your environment.

If you have any questions or suggestions, feel free to let me know.

Regards,

Michael

-- 
Michael Wiegand |  Greenbone Networks GmbH  |  http://www.greenbone.net/
Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner

-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssh_func_shared_socket.patch
Type: text/x-diff
Size: 4754 bytes
Desc: not available
URL: <http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20110407/4393ff60/attachment.patch>

