[Openvas-discuss] Why is OpenVAS missing obvious open ports?
whit at transpect.com
Fri Aug 3 23:54:06 CEST 2012
Okay, this gets weirder. I did a full reinstall, this time on a Fedora 15
VM. Again I used the Atomicorp method. In some ways the result is far
1. The same scan profile ran in under an hour, rather than over 3.
2. The openvassd.log file now looks clean - no segfaults!
But in other ways, not so much:
1. It's still utterly failing to find any open ports except for the same NTP
service it found in the prior attempt (and the same dumb guess that one
IP is either an HP printer or Linux)
2. There are still a bunch of these in openvassd.dump:
(openvassd:27243): GLib-CRITICAL **: g_hash_table_remove_internal: assertion `hash_table != NULL' failed
To be sure, what looked to be very much the same 100 files were brought in
as dependencies by yum along with the Atomicorp install, and those included
nmap, which OpenVAS is configured to use. But the resulting report from the
scan is similarly useless.
So it's good not to segfault - definitely not good to use the Atomicorp
stuff on CentOS 6.x, and Fedora 15 is better in that regard (there being
many reports that Fedora 16 really shouldn't be listed as a currently viable
alternative - but what do I know?).
Is there a known-good OS + installation method that produces an OpenVAS VM
that does its job correctly? nmap works in both cases. The open ports on the
remote range are totally available. Where is OpenVAS going off the tracks?
Avoiding those segfaults wasn't enough.
On Fri, Aug 03, 2012 at 08:49:52AM -0400, Whit Blauvelt wrote:
> Ran a successful Atom install yesterday on a fresh CentOS 6.3 VM. Only
> glitch was had to run openvas-setup twice, as the first time froze. At that
> point everything looked good.
> So I ran the default scan against a remote /27 I admin. Ran for about 3-1/2
> hours, apparently successfully. But the report shows a failure to find
> services that are open on that range. All it finds is an ntp server, where
> there are web, ftp, dns and a few others to be found. And it mostly fails to
> fingerprint OS's either - makes one guess that an IP is either an HP printer
> or Linux (it's Linux), and that's it. For example the report shows, for an
> IP with web service I can easily connect to from that same VM, "Open TCP
> Ports: [none found]".
> Maybe I was hoping for too much, that it would just work out of the box.
> What should I look at to get real results?
More information about the Openvas-discuss