[Openvas-discuss] Scans stop at 1%

Trent Townsend trent_townsend at nextstepinnovation.com
Mon Aug 28 20:55:47 CEST 2017


Am I to the point of having to reinstall the software?  I’m not sure what happened as the verbose option of the update command adds no information.


md   main:MESSAGE:2017-08-28 18h32.40 utc:5471:    OpenVAS Manager version 7.0.2 (DB revision 184)
md   main:   INFO:2017-08-28 18h32.40 utc:5471: rebuild_nvt_cache_retry: Reloading NVT cache
md   main:   INFO:2017-08-28 18h32.40 utc:5472: update_or_rebuild_nvt_cache: Rebuilding NVT cache
base gpgme:MESSAGE:2017-08-28 18h32.40 utc:5472: Setting GnuPG dir to '/var/lib/openvas/openvasmd/gnupg'
base gpgme:MESSAGE:2017-08-28 18h32.40 utc:5472: Using OpenPGP engine version '2.0.22'
md   main:   INFO:2017-08-28 18h32.41 utc:5472:    Updating NVT cache.
md   main:WARNING:2017-08-28 18h48.19 utc:5472: openvas_scanner_read: Failed to read from scanner: Connection reset by peer

From: eero.t.volotinen at gmail.com [mailto:eero.t.volotinen at gmail.com] On Behalf Of Eero Volotinen
Sent: Monday, August 28, 2017 9:01 AM
To: Trent Townsend <trent_townsend at nextstepinnovation.com>
Cc: openvas-discuss at wald.intevation.org
Subject: Re: [Openvas-discuss] Scans stop at 1%

try rebuilding nvt caches?

Eero

2017-08-28 16:57 GMT+03:00 Trent Townsend <trent_townsend at nextstepinnovation.com<mailto:trent_townsend at nextstepinnovation.com>>:
Eero,
  Let me backup just a moment.  Now I can’t seem to get the scanner to start:

[root at ggc-scan cron.d]# systemctl status openvas-scanner
● openvas-scanner.service - OpenVAS Scanner
   Loaded: loaded (/usr/lib/systemd/system/openvas-scanner.service; enabled; vendor preset: disabled)
   Active: activating (start) since Mon 2017-08-28 08:46:07 CDT; 52s ago
  Control: 4056 (openvassd)
   CGroup: /system.slice/openvas-scanner.service
           └─4056 /usr/sbin/openvassd

Aug 28 08:46:07 ggc-scan systemd[1]: Starting OpenVAS Scanner...


The openvassd.log file doesn’t show much except:

   [Mon Aug 28 13:11:52 2017][3090] Failed to initialize nvti cache.

How can I determine what is going on with my scanner?  I’d like to avoid rebuilding the entire system.

Thank you very much in advance,
Trent

From: eero.t.volotinen at gmail.com<mailto:eero.t.volotinen at gmail.com> [mailto:eero.t.volotinen at gmail.com<mailto:eero.t.volotinen at gmail.com>] On Behalf Of Eero Volotinen
Sent: Monday, August 28, 2017 2:23 AM
To: Trent Townsend <trent_townsend at nextstepinnovation.com<mailto:trent_townsend at nextstepinnovation.com>>
Cc: openvas-discuss at wald.intevation.org<mailto:openvas-discuss at wald.intevation.org>
Subject: Re: [Openvas-discuss] Scans stop at 1%

check out that redis is configured and working.

Eero

2017-08-28 5:14 GMT+03:00 Trent Townsend <trent_townsend at nextstepinnovation.com<mailto:trent_townsend at nextstepinnovation.com>>:
I know this has been asked many times over the years but I am at a loss.  I keep getting the scans “Stopped at 1%” message and I cannot find anywhere in the logs that would tell me why.  I did get one scan to run today but I cannot repeat that success.  How does one find what is causing this problem?  Is it possible this is tied to memory or CPU?

Thanks in advance.

openvas-check-setup log below

Trent

-----------------------------------------------

openvas-check-setup 2.3.7
  Test completeness and readiness of OpenVAS-9

  Please report us any non-detected problems and
  help us to improve this check routine:
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

  Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.

  Use the parameter --server to skip checks for client tools
  like GSD and OpenVAS-CLI.

Step 1: Checking OpenVAS Scanner ...
        OK: OpenVAS Scanner is present in version 5.1.1.
        OK: redis-server is present in version v=3.2.3.
        OK: scanner (kb_location setting) is configured properly using the redis-server socket: /tmp/redis.sock
        OK: redis-server is running and listening on socket: /tmp/redis.sock.
        OK: redis-server configuration is OK and redis-server is running.
        OK: NVT collection in /var/lib/openvas/plugins contains 54814 NVTs.
        WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner.
        SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html).
        OK: The NVT cache in /var/cache/openvas contains 54814 files for 54814 NVTs.
Step 2: Checking OpenVAS Manager ...
        OK: OpenVAS Manager is present in version 7.0.2.
        OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
        OK: Access rights for the OpenVAS Manager database are correct.
        OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
        OK: OpenVAS Manager database is at revision 184.
        OK: OpenVAS Manager expects database at revision 184.
        OK: Database schema is up to date.
        OK: OpenVAS Manager database contains information about 54814 NVTs.
        OK: At least one user exists.
        OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/scap.db.
        OK: OpenVAS CERT database found in /var/lib/openvas/cert-data/cert.db.
        OK: xsltproc found.
Step 3: Checking user configuration ...
        WARNING: Your password policy is empty.
        SUGGEST: Edit the /etc/openvas/pwpolicy.conf file to set a password policy.
Step 4: Checking Greenbone Security Assistant (GSA) ...
        OK: Greenbone Security Assistant is present in version 7.0.2.
        OK: Your OpenVAS certificate infrastructure passed validation.
Step 5: Checking OpenVAS CLI ...
        OK: OpenVAS CLI version 1.4.5.
Step 6: Checking Greenbone Security Desktop (GSD) ...
        SKIP: Skipping check for Greenbone Security Desktop.
Step 7: Checking if OpenVAS services are up and running ...
        OK: netstat found, extended checks of the OpenVAS services enabled.
        OK: OpenVAS Scanner is running and listening on a Unix domain socket.
        OK: OpenVAS Manager is running and listening on a Unix domain socket.
        OK: Greenbone Security Assistant is listening on port 80, which is the default port.
Step 8: Checking nmap installation ...
        WARNING: Your version of nmap is not fully supported: 6.47
        SUGGEST: You should install nmap 5.51 if you plan to use the nmap NSE NVTs.
Step 10: Checking presence of optional tools ...
        OK: pdflatex found.
        WARNING: PDF generation failed, most likely due to missing LaTeX packages. The PDF report format will not work.
        SUGGEST: Install required LaTeX packages.
        OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
        OK: rpm found, LSC credential package generation for RPM based targets is likely to work.
        WARNING: Could not find alien binary, LSC credential package generation for DEB based targets will not work.
        SUGGEST: Install alien.
        OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work.
        OK: SELinux is disabled.

It seems like your OpenVAS-9 installation is OK.

If you think it is not OK, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.

[root at ggc-scan openvas]# cat /tmp/openvas-check-setup.log
openvas-check-setup 2.3.7
  Mode:  desktop
  Date:  Sun, 27 Aug 2017 21:03:41 -0500

Checking for old OpenVAS Scanner <= 2.0 ...
/bin/openvas-check-setup: line 172: openvasd: command not found

Checking presence of OpenVAS Scanner ...
OpenVAS Scanner 5.1.1
Most new code since 2005: (C) 2016 Greenbone Networks GmbH
Nessus origin: (C) 2004 Renaud Deraison <deraison at nessus.org<mailto:deraison at nessus.org>>
License GPLv2: GNU GPL version 2
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.


Checking OpenVAS Scanner version ...

        OK: OpenVAS Scanner is present in version 5.1.1.
plugins_folder = /var/lib/openvas/plugins
cache_folder = /var/cache/openvas
include_folders = /var/lib/openvas/plugins
max_hosts = 30
max_checks = 10
be_nice = no
logfile = /var/log/openvas/openvassd.log
log_whole_attack = no
log_plugins_name_at_load = no
dumpfile = /var/log/openvas/openvassd.dump
cgi_path = /cgi-bin:/scripts
optimize_test = yes
checks_read_timeout = 5
network_scan = no
non_simult_ports = 139, 445
plugins_timeout = 320
scanner_plugins_timeout = 36000
safe_checks = yes
auto_enable_dependencies = yes
use_mac_addr = no
nasl_no_signature_check = yes
drop_privileges = no
unscanned_closed = yes
unscanned_closed_udp = yes
vhosts =
vhosts_ip =
report_host_details = yes
kb_location = /tmp/redis.sock
timeout_retry = 3
rules = /etc/openvas/openvassd.rules
port_range = default
silent_dependencies = no
save_knowledge_base = no
kb_restore = no
only_test_hosts_whose_kb_we_dont_have = no
only_test_hosts_whose_kb_we_have = no
kb_dont_replay_scanners = no
kb_dont_replay_info_gathering = no
kb_dont_replay_attacks = no
kb_dont_replay_denials = no
kb_max_age = 864000
slice_network_addresses = no
cert_file = /var/lib/openvas/CA/servercert.pem
key_file = /var/lib/openvas/private/CA/serverkey.pem
ca_file = /var/lib/openvas/CA/cacert.pem
config_file = /etc/openvas/openvassd.conf
Checking presence of redis ...
        OK: redis-server is present in version v=3.2.3.

Checking if redis-server is configured properly to run with openVAS ...
        OK: scanner (kb_location setting) is configured properly using the redis-server socket: /tmp/redis.sock
Checking if redis-server is running ...
        OK: redis-server is running and listening on socket: /tmp/redis.sock.
        OK: redis-server configuration is OK and redis-server is running.

Checking NVT collection ...

        OK: NVT collection in /var/lib/openvas/plugins contains 54814 NVTs.
Checking status of signature checking in OpenVAS Scanner ...
        WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner.
        SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html).

        OK: The NVT cache in /var/cache/openvas contains 54814 files for 54814 NVTs.

Checking presence of OpenVAS Manager ...
OpenVAS Manager 7.0.2
Manager DB revision 184
Copyright (C) 2010-2016 Greenbone Networks GmbH
License GPLv2+: GNU GPL version 2 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.



        OK: OpenVAS Manager is present in version 7.0.2.
Checking OpenVAS Manager database ...

        OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
Checking access rights of OpenVAS Manager database ...

        OK: Access rights for the OpenVAS Manager database are correct.
Checking sqlite3 presence ...
        OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.

Checking OpenVAS Manager database revision ...
        OK: OpenVAS Manager database is at revision 184.
Checking database revision expected by OpenVAS Manager ...
        OK: OpenVAS Manager expects database at revision 184.
        OK: Database schema is up to date.
Checking OpenVAS Manager database (NVT data) ...
        OK: OpenVAS Manager database contains information about 54814 NVTs.
Checking if users exist ...
        OK: At least one user exists.

Checking OpenVAS SCAP database ...

        OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/scap.db.
Checking OpenVAS CERT database ...

        OK: OpenVAS CERT database found in /var/lib/openvas/cert-data/cert.db.
Checking xsltproc presence ...
        OK: xsltproc found.

Checking status of password policy ...
        WARNING: Your password policy is empty.
        SUGGEST: Edit the /etc/openvas/pwpolicy.conf file to set a password policy.

Checking presence of Greenbone Security Assistant ...
Greenbone Security Assistant 7.0.2
Copyright (C) 2010-2016 Greenbone Networks GmbH
License GPLv2+: GNU GPL version 2 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.



        OK: Greenbone Security Assistant is present in version 7.0.2.
Verifying certificate infrastructure ...
OK: Directory for keys (/var/lib/openvas/private/CA) exists.
OK: Directory for certificates (/var/lib/openvas/CA) exists.
OK: CA key found in /var/lib/openvas/private/CA/cakey.pem
OK: CA certificate found in /var/lib/openvas/CA/cacert.pem
OK: CA certificate verified.
OK: Certificate /var/lib/openvas/CA/servercert.pem verified.
OK: Certificate /var/lib/openvas/CA/clientcert.pem verified.

OK: Your OpenVAS certificate infrastructure passed validation.

        OK: Your OpenVAS certificate infrastructure passed validation.
Checking presence of OpenVAS CLI ...
OMP Command Line Interface 1.4.5
Copyright (C) 2010-2016 Greenbone Networks GmbH
License GPLv2+: GNU GPL version 2 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.



        OK: OpenVAS CLI version 1.4.5.
        SKIP: Skipping check for Greenbone Security Desktop.
Checking netstat presence ...
        OK: netstat found, extended checks of the OpenVAS services enabled.

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:6379<http://127.0.0.1:6379>          0.0.0.0:*               LISTEN      1060/redis-server 1
tcp        0      0 127.0.0.1:9390<http://127.0.0.1:9390>          0.0.0.0:*               LISTEN      2544/openvasmd
tcp        0      0 0.0.0.0:9392<http://0.0.0.0:9392>            0.0.0.0:*               LISTEN      2227/gsad
tcp        0      0 0.0.0.0:80<http://0.0.0.0:80>              0.0.0.0:*               LISTEN      2229/gsad
tcp        0      0 0.0.0.0:22<http://0.0.0.0:22>              0.0.0.0:*               LISTEN      1059/sshd
tcp        0      0 127.0.0.1:25<http://127.0.0.1:25>            0.0.0.0:*               LISTEN      1877/master
tcp6       0      0 :::22                   :::*                    LISTEN      1059/sshd
tcp6       0      0 ::1:25                  :::*                    LISTEN      1877/master
        OK: OpenVAS Scanner is running and listening on a Unix domain socket.
        OK: OpenVAS Manager is running and listening on a Unix domain socket.
        OK: Greenbone Security Assistant is listening on port 80, which is the default port.
Checking presence of nmap ...
        WARNING: Your version of nmap is not fully supported: 6.47
        SUGGEST: You should install nmap 5.51 if you plan to use the nmap NSE NVTs.

Checking presence of pdflatex ...
        OK: pdflatex found.

Checking presence of LaTeX packages required for PDF report generation ...
        WARNING: PDF generation failed, most likely due to missing LaTeX packages. The PDF report format will not work.
        SUGGEST: Install required LaTeX packages.
This is pdfTeX, Version 3.1415926-2.5-1.40.14 (TeX Live 2013) (format=pdflatex 2017.8.24)  27 AUG 2017 21:04
entering extended mode
restricted \write18 enabled.
%&-line parsing enabled.
**/tmp/openvas-check-setup-tmp.wAAVQxBD9W/test.tex
(/tmp/openvas-check-setup-tmp.wAAVQxBD9W/test.tex
LaTeX2e <2011/06/27>
Babel <v3.8m> and hyphenation patterns for english, dumylang, nohyphenation, lo
aded.
(/usr/share/texlive/texmf-dist/tex/latex/base/article.cls
Document Class: article 2007/10/19 v1.4h Standard LaTeX document class
(/usr/share/texlive/texmf-dist/tex/latex/base/size10.clo
File: size10.clo 2007/10/19 v1.4h Standard LaTeX file (size option)
)
\c at part=\count79
\c at section=\count80
\c at subsection=\count81
\c at subsubsection=\count82
\c at paragraph=\count83
\c at subparagraph=\count84
\c at figure=\count85
\c at table=\count86
\abovecaptionskip=\skip41
\belowcaptionskip=\skip42
\bibindent=\dimen102
) (/usr/share/texlive/texmf-dist/tex/latex/tools/tabularx.sty
Package: tabularx 1999/01/07 v2.07 `tabularx' package (DPC)
(/usr/share/texlive/texmf-dist/tex/latex/tools/array.sty
Package: array 2008/09/09 v2.4c Tabular extension package (FMi)
\col at sep=\dimen103
\extrarowheight=\dimen104
\NC at list=\toks14
\extratabsurround=\skip43
\backup at length=\skip44
)
\TX at col@width=\dimen105
\TX at old@table=\dimen106
\TX at old@col=\dimen107
\TX at target=\dimen108
\TX at delta=\dimen109
\TX at cols=\count87
\TX at ftn=\toks15
) (/usr/share/texlive/texmf-dist/tex/latex/geometry/geometry.sty
Package: geometry 2010/09/12 v5.6 Page Geometry
(/usr/share/texlive/texmf-dist/tex/latex/graphics/keyval.sty
Package: keyval 1999/03/16 v1.13 key=value parser (DPC)
\KV at toks@=\toks16
) (/usr/share/texlive/texmf-dist/tex/generic/oberdiek/ifpdf.sty
Package: ifpdf 2011/01/30 v2.3 Provides the ifpdf switch (HO)
Package ifpdf Info: pdfTeX in PDF mode is detected.
) (/usr/share/texlive/texmf-dist/tex/generic/oberdiek/ifvtex.sty
Package: ifvtex 2010/03/01 v1.5 Detect VTeX and its facilities (HO)
Package ifvtex Info: VTeX not detected.
) (/usr/share/texlive/texmf-dist/tex/generic/ifxetex/ifxetex.sty
Package: ifxetex 2010/09/12 v0.6 Provides ifxetex conditional
)
\Gm at cnth=\count88
\Gm at cntv=\count89
\c at Gm@tempcnt=\count90
\Gm at bindingoffset=\dimen110
\Gm at wd@mp=\dimen111
\Gm at odd@mp=\dimen112
\Gm at even@mp=\dimen113
\Gm at layoutwidth=\dimen114
\Gm at layoutheight=\dimen115
\Gm at layouthoffset=\dimen116
\Gm at layoutvoffset=\dimen117
\Gm at dimlist=\toks17
)

! LaTeX Error: File `comment.sty' not found.

Type X to quit or <RETURN> to proceed,
or enter new name. (Default extension: sty)

Enter file name:
! Emergency stop.
<read *>

l.8 \usepackage
               {longtable}^^M
*** (cannot \read from terminal in nonstop modes)


Here is how much of TeX's memory you used:
815 strings out of 495063
11112 string characters out of 3182201
60410 words of memory out of 3000000
4062 multiletter control sequences out of 15000+200000
3640 words of font info for 14 fonts, out of 3000000 for 9000
14 hyphenation exceptions out of 8191
23i,0n,19p,192b,36s stack positions out of 5000i,500n,10000p,200000b,50000s
!  ==> Fatal error occurred, no output PDF file produced!
Checking presence of ssh-keygen ...
        OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.

Checking presence of rpm ...
        OK: rpm found, LSC credential package generation for RPM based targets is likely to work.

Checking presence of alien ...
        WARNING: Could not find alien binary, LSC credential package generation for DEB based targets will not work.
        SUGGEST: Install alien.

Checking presence of nsis ...
        OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work.
Checking for SELinux ...
        OK: SELinux is disabled.



--
Trent Townsend, CISSP, CCNA



________________________________
This email is confidential and intended solely for the use of the individual to whom it is addressed. Any views or opinions presented are solely those of the author, and do not necessarily represent those of Next Step Innovation. If you are not the intended recipient, be advised that you have received this email in error, and that any use, dissemination, forwarding, printing or copying of this email is strictly prohibited. If you have received this email in error, please contact the sender.
________________________________

_______________________________________________
Openvas-discuss mailing list
Openvas-discuss at wald.intevation.org<mailto:Openvas-discuss at wald.intevation.org>
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss



________________________________
This email is confidential and intended solely for the use of the individual to whom it is addressed. Any views or opinions presented are solely those of the author, and do not necessarily represent those of Next Step Innovation. If you are not the intended recipient, be advised that you have received this email in error, and that any use, dissemination, forwarding, printing or copying of this email is strictly prohibited. If you have received this email in error, please contact the sender.
________________________________



This email is confidential and intended solely for the use of the individual to whom it is addressed. Any views or opinions presented are solely those of the author, and do not necessarily represent those of Next Step Innovation. If you are not the intended recipient, be advised that you have received this email in error, and that any use, dissemination, forwarding, printing or copying of this email is strictly prohibited. If you have received this email in error, please contact the sender. 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20170828/b0d502be/attachment-0001.html>


More information about the Openvas-discuss mailing list