[Openvas-discuss] Why is OpenVAS missing obvious open ports?

Whit Blauvelt whit at transpect.com
Fri Aug 3 16:57:17 CEST 2012


On Fri, Aug 03, 2012 at 04:06:44PM +0200, Michael Meyer wrote:
> *** Whit Blauvelt wrote:
> 
> > It was the "Full and fast" scan that didn't show any ports, even though nmap
> > run by itself on that VM quickly and accurately does.
> 
> there are two logfiles. openvassd.messages and openvassd.dump.
> Anything interesting in it?

This is probably interesting. It occurs frequently in oopenvassd.dump:

(openvassd:6738): GLib-CRITICAL **: g_hash_table_remove_internal: assertion `hash_table != NULL' failed

And openvassd.log reports trouble like this:

[Fri Aug  3 01:44:36 2012][7448] SIGSEGV occured !
[Fri Aug  3 01:44:46 2012][1358] Process 7448 seems to have died too early
[Fri Aug  3 01:44:47 2012][1362] Process 7439 seems to have died too early
[Fri Aug  3 01:45:08 2012][1361] Process 7450 seems to have died too early

Is the lesson that the Atom install on CentOS 6.3 is not compatible with the
system libraries? 

openvas-check-setup 2.2.0 seems to be happy, considering this is for GSA and
not GSD use:

Step 1: Checking OpenVAS Scanner ...
        OK: OpenVAS Scanner is present in version 3.3.1.
        OK: OpenVAS Scanner CA Certificate is present as /var/lib/openvas/CA/cacert.pem.
        OK: NVT collection in /var/lib/openvas/plugins contains 26406 NVTs.
        WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner.
        SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html).
Step 2: Checking OpenVAS Manager ...
        OK: OpenVAS Manager is present in version 3.0.1.
        OK: OpenVAS Manager client certificate is present as /var/lib/openvas/CA/clientcert.pem.
        OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
        OK: Access rights for the OpenVAS Manager database are correct.
        OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
        OK: OpenVAS Manager database is at revision 56.
        OK: OpenVAS Manager expects database at revision 56.
        OK: Database schema is up to date.
        OK: OpenVAS Manager database contains information about 26406 NVTs.
        OK: xsltproc found.
Step 3: Checking OpenVAS Administrator ...
        OK: OpenVAS Administrator is present in version 1.2.0.
        OK: At least one user exists.
        OK: At least one admin user exists.
Step 4: Checking Greenbone Security Assistant (GSA) ...
        OK: Greenbone Security Assistant is present in version 3.0.1.
Step 5: Checking OpenVAS CLI ...
        OK: OpenVAS CLI version 1.1.4.SVN.
Step 6: Checking Greenbone Security Desktop (GSD) ...
        ERROR: No Greenbone Security Desktop (gsd) found or too old.
        FIX: Please install Greenbone Security Desktop 1.1.0.

Is there a current OS for which a simple installation (like Atom) that
results in an OpenVAS that just works? At
http://www.openvas.org/install-packages.html it lists CentOS 6 as fully
working, but there shouldn't be fundamental compatibility differences within
the 6.x releases.

Is an old-enough Fedora (15?, 14?) the sweet spot for "It just works"?

Thanks,
Whit



More information about the Openvas-discuss mailing list