Discussion:
The openvas 7 cannot be access even it everything is ok
trancy.zhai
2014-08-04 10:13:48 UTC
Permalink
Hi all,



When we setup openvas ,after all is setup ,the openvas 7 cannot be access
even it everything is ok. Can someone help to figure out the issue?



Site:

---------





My Environment:

-----------

Centos 6.5 +VM7



Note:

------

There are 3 warning in my environment . Do you think we need fix these
warnings?



Step 1: Checking OpenVAS Scanner ...

OK: OpenVAS Scanner is present in version 4.0.1.

OK: OpenVAS Scanner CA Certificate is present as
/var/lib/openvas/CA/cacert.pem.

OK: NVT collection in /var/lib/openvas/plugins contains 35685 NVTs.

OK: Signature checking of NVTs is enabled in OpenVAS Scanner.

OK: The NVT cache in /var/cache/openvas contains 35685 files for
35685 NVTs.

Step 2: Checking OpenVAS Manager ...

OK: OpenVAS Manager is present in version 5.0.2.

OK: OpenVAS Manager client certificate is present as
/var/lib/openvas/CA/clientcert.pem.

OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.

OK: Access rights for the OpenVAS Manager database are correct.

OK: sqlite3 found, extended checks of the OpenVAS Manager
installation enabled.

OK: OpenVAS Manager database is at revision 123.

OK: OpenVAS Manager expects database at revision 123.

OK: Database schema is up to date.

OK: OpenVAS Manager database contains information about 35685 NVTs.

OK: OpenVAS SCAP database found in
/var/lib/openvas/scap-data/scap.db.

OK: OpenVAS CERT database found in
/var/lib/openvas/cert-data/cert.db.

OK: xsltproc found.

Step 3: Checking user configuration ...

OK: The password policy file at /etc/openvas/pwpolicy.conf contains
entries.

Step 4: Checking Greenbone Security Assistant (GSA) ...

OK: Greenbone Security Assistant is present in version 5.0.1.

Step 5: Checking OpenVAS CLI ...

OK: OpenVAS CLI version 1.3.0.

Step 6: Checking Greenbone Security Desktop (GSD) ...

SKIP: Skipping check for Greenbone Security Desktop.

Step 7: Checking if OpenVAS services are up and running ...

OK: netstat found, extended checks of the OpenVAS services enabled.

WARNING: OpenVAS Scanner is listening on port 9391 9393, which is
NOT the default port!

SUGGEST: Ensure OpenVAS Scanner is listening on port 9391.

OK: OpenVAS Manager is running and listening on all interfaces.

OK: OpenVAS Manager is listening on port 9390, which is the default
port.

OK: Greenbone Security Assistant is running and listening on all
interfaces.

OK: Greenbone Security Assistant is listening on port 9392, which is
the default port.

./openvas-check-setup: line 729: [: too many arguments

Step 8: Checking nmap installation ...

WARNING: Your version of nmap is not fully supported: 6.46

SUGGEST: You should install nmap 5.51.

Step 9: Checking presence of optional tools ...

OK: pdflatex found.

OK: PDF generation successful. The PDF report format is likely to
work.

OK: ssh-keygen found, LSC credential generation for GNU/Linux
targets is likely to work.

OK: rpm found, LSC credential package generation for RPM based
targets is likely to work.

WARNING: Could not find alien binary, LSC credential package
generation for DEB based targets will not work.

SUGGEST: Install alien.

OK: nsis found, LSC credential package generation for Microsoft
Windows targets is likely to work.

OK: SELinux is disabled.



It seems like your OpenVAS-7 installation is OK.



If you think it is not OK, please report your observation

and help us to improve this check routine:

http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze
the problem.



Thanks,

Trancy
Rene Behring
2014-08-05 06:46:14 UTC
Permalink
Well, if you have configured, that the scanner is listening on port 9393 then it should be fine, if not you should configure it. the other warnings are „okay“…

the manager has to know on which port the scanner is running.

i don’t know how you installed your openvas, so maybe you have the /etc/init.d/openvas* scripts. if you have them, you can specify it in these scripts or better in the script configs unter /etc/sysconfig/openvas*.

my settings:

[***@localhost ~]$ cat /etc/sysconfig/openvas-scanner
# Options to pass to the openvassd daemon
OPTIONS="“ <— there are no options, so it starts in default port 9391
…

[***@localhost ~]$ cat /etc/sysconfig/openvas-manager
OPTIONS="--port 9390 --sport 9391"

--sport is the scanner port, so you have to switch it to 9393 or start the scanner with the default port.


Rene
Post by trancy.zhai
Hi all,
When we setup openvas ,after all is setup ,the openvas 7 cannot be access even it everything is ok. Can someone help to figure out the issue?
---------
-----------
Centos 6.5 +VM7
------
There are 3 warning in my environment . Do you think we need fix these warnings?
Step 1: Checking OpenVAS Scanner ...
OK: OpenVAS Scanner is present in version 4.0.1.
OK: OpenVAS Scanner CA Certificate is present as /var/lib/openvas/CA/cacert.pem.
OK: NVT collection in /var/lib/openvas/plugins contains 35685 NVTs.
OK: Signature checking of NVTs is enabled in OpenVAS Scanner.
OK: The NVT cache in /var/cache/openvas contains 35685 files for 35685 NVTs.
Step 2: Checking OpenVAS Manager ...
OK: OpenVAS Manager is present in version 5.0.2.
OK: OpenVAS Manager client certificate is present as /var/lib/openvas/CA/clientcert.pem.
OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
OK: Access rights for the OpenVAS Manager database are correct.
OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
OK: OpenVAS Manager database is at revision 123.
OK: OpenVAS Manager expects database at revision 123.
OK: Database schema is up to date.
OK: OpenVAS Manager database contains information about 35685 NVTs.
OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/scap.db.
OK: OpenVAS CERT database found in /var/lib/openvas/cert-data/cert.db.
OK: xsltproc found.
Step 3: Checking user configuration ...
OK: The password policy file at /etc/openvas/pwpolicy.conf contains entries.
Step 4: Checking Greenbone Security Assistant (GSA) ...
OK: Greenbone Security Assistant is present in version 5.0.1.
Step 5: Checking OpenVAS CLI ...
OK: OpenVAS CLI version 1.3.0.
Step 6: Checking Greenbone Security Desktop (GSD) ...
SKIP: Skipping check for Greenbone Security Desktop.
Step 7: Checking if OpenVAS services are up and running ...
OK: netstat found, extended checks of the OpenVAS services enabled.
WARNING: OpenVAS Scanner is listening on port 9391 9393, which is NOT the default port!
SUGGEST: Ensure OpenVAS Scanner is listening on port 9391.
OK: OpenVAS Manager is running and listening on all interfaces.
OK: OpenVAS Manager is listening on port 9390, which is the default port.
OK: Greenbone Security Assistant is running and listening on all interfaces.
OK: Greenbone Security Assistant is listening on port 9392, which is the default port.
./openvas-check-setup: line 729: [: too many arguments
Step 8: Checking nmap installation ...
WARNING: Your version of nmap is not fully supported: 6.46
SUGGEST: You should install nmap 5.51.
Step 9: Checking presence of optional tools ...
OK: pdflatex found.
OK: PDF generation successful. The PDF report format is likely to work.
OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
OK: rpm found, LSC credential package generation for RPM based targets is likely to work.
WARNING: Could not find alien binary, LSC credential package generation for DEB based targets will not work.
SUGGEST: Install alien.
OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work.
OK: SELinux is disabled.
It seems like your OpenVAS-7 installation is OK.
If you think it is not OK, please report your observation
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.
Thanks,
Trancy
<Check log.txt>_______________________________________________
Openvas-discuss mailing list
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Loading...