[Openvas-discuss] openvas in openvz

Rene Behring rene.behring at gmail.com
Sat Jun 14 11:03:01 CEST 2014


Hello,

i think „remote host is dead“ comes from „Ping Host“ its also in Familiy "Port Scanners“. Just try some other configs, or disable „Mark unreachable Host as Dead“.

But i have another question, is OpenVAS running well on your Raspberry? I just installed it on my pi and its too slow for me. I´m running Raspbian weezy headless.

René

Am 14.06.2014 um 05:04 schrieb red0queen <red0queen at red-net.info>:

> Hello,
> 
> After many try, I come search help for install openvas in an openvz container. I've try the openvas 6 and 7, and I have the same issue :
> Starts a new scan. Target(s) : 172.xx.xx.xx, with max_hosts = 30 and max_checks = 10
> [Sat Jun 14 02:33:23 2014][15242] Testing 172.xx.xx.xx (::ffff:172.xx.xx.xx) [15259]
> [Sat Jun 14 02:33:23 2014][15259] The remote host (172.xx.xx.xx) is dead
> [Sat Jun 14 02:33:23 2014][15259] Finished testing 172.xx.xx.xx. Time : 0.45 secs
> 
> Openvz have an issue with nmap, the root account in the container can't use it (route_dst_netlink: can't find interface "eth0"), so, it's working fine with a unprivileged user account. I've create a user who launch successfully the openvas daemons... and the scan failed by the same way. 
> 
> A tcpdump capture see an exchange between the openvas & the target when I run the task :
> 04:33:23.628984 IP openvas.49459 > target.http: Flags [S], seq 667629328, win 14600, options [mss 1460,sackOK,TS val 482585178 ecr 0,nop,wscale 7], length 0
> 04:33:23.629021 IP target.http > openvas.49459: Flags [S.], seq 2768203799, ack 667629329, win 14480, options [mss 1460,sackOK,TS val 482585178 ecr 482585178,nop,wscale 7], length 0
> 04:33:23.629036 IP openvas.49459 > target.http: Flags [.], ack 1, win 115, options [nop,nop,TS val 482585178 ecr 482585178], length 0
> 04:33:23.629074 IP openvas.49459 > target.http: Flags [R.], seq 1, ack 1, win 115, options [nop,nop,TS val 482585178 ecr 482585178], length 0
> 
> Of course, a  nmap --reason -sP --send-ip [target] from this same user detect the host up.
> 
> The openvas was running on a debian wheezy, under a proxmox3 with veth net devices. If anyone have a start of solution, I'm ready to try anything for avoid KVM !
> Regards
> -- 
> Red0queen
> Mèl : red0queen(at)red-net(dot)info 
> GPG Id : B75F141B
> www.red-net.info
> _______________________________________________
> Openvas-discuss mailing list
> Openvas-discuss at wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20140614/5b9b6f3d/attachment.html>


More information about the Openvas-discuss mailing list