[Openvas-discuss] openvas in openvz
rene.behring at gmail.com
Sat Jun 14 11:03:01 CEST 2014
i think „remote host is dead“ comes from „Ping Host“ its also in Familiy "Port Scanners“. Just try some other configs, or disable „Mark unreachable Host as Dead“.
But i have another question, is OpenVAS running well on your Raspberry? I just installed it on my pi and its too slow for me. I´m running Raspbian weezy headless.
Am 14.06.2014 um 05:04 schrieb red0queen <red0queen at red-net.info>:
> After many try, I come search help for install openvas in an openvz container. I've try the openvas 6 and 7, and I have the same issue :
> Starts a new scan. Target(s) : 172.xx.xx.xx, with max_hosts = 30 and max_checks = 10
> [Sat Jun 14 02:33:23 2014] Testing 172.xx.xx.xx (::ffff:172.xx.xx.xx) 
> [Sat Jun 14 02:33:23 2014] The remote host (172.xx.xx.xx) is dead
> [Sat Jun 14 02:33:23 2014] Finished testing 172.xx.xx.xx. Time : 0.45 secs
> Openvz have an issue with nmap, the root account in the container can't use it (route_dst_netlink: can't find interface "eth0"), so, it's working fine with a unprivileged user account. I've create a user who launch successfully the openvas daemons... and the scan failed by the same way.
> A tcpdump capture see an exchange between the openvas & the target when I run the task :
> 04:33:23.628984 IP openvas.49459 > target.http: Flags [S], seq 667629328, win 14600, options [mss 1460,sackOK,TS val 482585178 ecr 0,nop,wscale 7], length 0
> 04:33:23.629021 IP target.http > openvas.49459: Flags [S.], seq 2768203799, ack 667629329, win 14480, options [mss 1460,sackOK,TS val 482585178 ecr 482585178,nop,wscale 7], length 0
> 04:33:23.629036 IP openvas.49459 > target.http: Flags [.], ack 1, win 115, options [nop,nop,TS val 482585178 ecr 482585178], length 0
> 04:33:23.629074 IP openvas.49459 > target.http: Flags [R.], seq 1, ack 1, win 115, options [nop,nop,TS val 482585178 ecr 482585178], length 0
> Of course, a nmap --reason -sP --send-ip [target] from this same user detect the host up.
> The openvas was running on a debian wheezy, under a proxmox3 with veth net devices. If anyone have a start of solution, I'm ready to try anything for avoid KVM !
> Mèl : red0queen(at)red-net(dot)info
> GPG Id : B75F141B
> Openvas-discuss mailing list
> Openvas-discuss at wald.intevation.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openvas-discuss