OpenVAS 7 - nmap not launching

Discussion:

Duckworth, Douglas C

2014-09-12 21:07:01 UTC

Update:

ping.nasl runs and I can see traffic listening via tcpdump on target:

16:02:06.623903 IP (tos 0x0, ttl 56, id 24917, offset 0, flags [none], proto TCP (6), length 44)
XXX.XXX.XXX.XXX.33750 > XXX.XXX.XXX.XXX.443: Flags [S], cksum 0xcd2a (correct), seq 1701439924, win 1024, options [mss 1460], length 0

nmap.nasl "hangs" though with no incoming traffic reaching target

root 3267 6.6 0.4 137952 37992 ? Ss 15:52 0:39 openvassd: Waiting for incoming connections
root 3524 0.0 0.0 15344 2428 pts/0 S+ 15:57 0:00 watch -n 5 ps aux | grep openvassd
root 4275 21.3 0.7 161732 61980 ? Ss 16:01 0:10 openvassd: Serving 127.0.0.1
root 4290 0.3 0.7 164308 63724 ? S 16:01 0:00 openvassd: testing XXX.XXX.XXX.XXX
root 4310 0.1 0.8 172992 64988 ? S 16:02 0:00 openvassd: testing XXX.XXX.XXX.XXX (/usr/local/var/lib/openvas/plugins/nmap.nasl)

***@pentest:~# strace -p 4310
Process 4310 attached - interrupt to quit
read(7,

----nothing else from strace----

the target profile should be scanning 1-65535 and top 100 udp...

Any suggestions? This was compiled from source on Kali 1.09 following this guide:

http://www.devconsole.info/?p=1010

Thanks
Doug

--
Thanks

Douglas Charles Duckworth
Unix Administrator
Tulane University
Technology Services
1555 Poydras Ave
NOLA -- 70112

E: ***@tulane.edu<mailto:***@tulane.edu>
O: 504-988-9341
F: 504-988-8505

On 09/12/2014 03:14 PM, Duckworth, Douglas C wrote:
Sorry for the n00b inquiry.

I am having issues executing nmap port scan using Openvas 7.

Setup output shows no problems:

http://pastebin.com/jiV5PXVZ

Yet "ps aux" shows that nmap does not launch. I am confused as to whether my scan config should use "Launch Nmap for Network Scanning" or "Nmap (NASL wrapper)."

Have a good weekend!

Thanks,
Doug

--
Thanks

Douglas Charles Duckworth
Unix Administrator
Tulane University
Technology Services
1555 Poydras Ave
NOLA -- 70112

E: ***@tulane.edu<mailto:***@tulane.edu>
O: 504-988-9341
F: 504-988-8505

Duckworth, Douglas C

2014-09-12 20:14:45 UTC

Permalink

Sorry for the n00b inquiry.

I am having issues executing nmap port scan using Openvas 7.

Setup output shows no problems:

http://pastebin.com/jiV5PXVZ

Yet "ps aux" shows that nmap does not launch. I am confused as to whether my scan config should use "Launch Nmap for Network Scanning" or "Nmap (NASL wrapper)."

Have a good weekend!

Thanks,
Doug

--
Thanks

Douglas Charles Duckworth
Unix Administrator
Tulane University
Technology Services
1555 Poydras Ave
NOLA -- 70112

E: ***@tulane.edu<mailto:***@tulane.edu>
O: 504-988-9341
F: 504-988-8505

Michael Meyer

2014-09-13 07:46:50 UTC

Permalink

Post by Duckworth, Douglas C
nmap.nasl "hangs" though with no incoming traffic reaching target

Please run "ps auxwww" to get the complete nmap command line. Now run
nmap manual with the same arguments. Did that work?

Micha

--
Michael Meyer OpenPGP Key: 0xAF069E9152A6EFA6
http://www.greenbone.net/
Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
Osnabrück, HR B 202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner

Duckworth, Douglas C

2014-09-16 15:37:19 UTC

Permalink

Thanks for the educational reply!

root 4374 0.1 0.8 172984 64976 ? S 10:27 0:00 openvassd: testing XXX.XXX.XXX.XXX (/usr/local/var/lib/openvas/plugins/nmap.nasl)
root 4375 5.6 0.3 60304 26964 ? S 10:27 0:00 nmap -n -P0 -oG /tmp/nmap-network-1230976031 -sS -sU -sV -sR -O --osscan_guess -f -p T:1-65535,U:7,9,17,19,49,53,67-69,80,88,111,120,123,135-139,158,161-162,177,427,443,445,497,500,514-515,518,520,593,623,626,631,996-999,1022-1023,1025-1030,1433-1434,1645-1646,1701,1718-1719,1812-1813,1900,2000,2048-2049,2222-2223,3283,3456,3703,4444,4500,5000,5060,5353,5632,9200,10000,17185,20031,30718,31337,32768-32769,32771,32815,33281,49152-49154,49156,49181-49182,49185-49186,49188,49190-49194,49200-49201 --min_parallelism 5 --max_parallelism 100 XXX.XXX.XXX.XXX

strace info:

ioctl(4294967295, TIOCGPGRP, [0]) = -1 EBADF (Bad file descriptor)
sendto(5, "E\0\0\34\204k \0:\6\352$\201Qw[\201QxN\324\260\223\222\261\177\34\272", 28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")}, 16) = 28
sendto(5, "E\0\0\34\204k \1:\6\352#\201Qw[\201QxN\0\0\0\0`\2\4\0", 28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")}, 16) = 28
sendto(5, "E\0\0\34\204k\0\2:\6\n#\201Qw[\201QxNk]\0\0\2\4\5\264", 28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")}, 16) = 28
select(7, [6], NULL, NULL, {0, 2000}) = 0 (Timeout)
ioctl(4294967295, TIOCGPGRP, [0]) = -1 EBADF (Bad file descriptor)
sendto(5, "E\0\0\34\367\236 \0009\6w\361\201Qw[\201QxN\324\2608\v\261\177\34\272", 28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")}, 16) = 28
sendto(5, "E\0\0\34\367\236 \0019\6w\360\201Qw[\201QxN\0\0\0\0`\2\4\0", 28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")}, 16) = 28
sendto(5, "E\0\0\34\367\236\0\0029\6\227\357\201Qw[\201QxN\306\344\0\0\2\4\5\264", 28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")}, 16) = 28
select(7, [6], NULL, NULL, {0, 643109}^C <unfinished ...>

Looks like others have had experienced similar issues:

http://comments.gmane.org/gmane.comp.security.openvas.users/4053

Should I uncheck "Network Scan?"

Thanks
Doug

--
Thanks

Douglas Charles Duckworth
Unix Administrator
Tulane University
Technology Services
1555 Poydras Ave
NOLA -- 70112

E: ***@tulane.edu<mailto:***@tulane.edu>
O: 504-988-9341
F: 504-988-8505

On 09/13/2014 02:47 AM, Michael Meyer wrote:

ps auxwww

Eero Volotinen

2014-09-16 15:42:28 UTC

Permalink

Hi,

Does nmap -P0 target-ip work on root?

--
Eero

Post by Duckworth, Douglas C
Thanks for the educational reply!
root 4374 0.1 0.8 172984 64976 ? S 10:27 0:00
openvassd: testing XXX.XXX.XXX.XXX
(/usr/local/var/lib/openvas/plugins/nmap.nasl)
root 4375 5.6 0.3 60304 26964 ? S 10:27 0:00 nmap -n
-P0 -oG /tmp/nmap-network-1230976031 -sS -sU -sV -sR -O --osscan_guess -f
-p
T:1-65535,U:7,9,17,19,49,53,67-69,80,88,111,120,123,135-139,158,161-162,177,427,443,445,497,500,514-515,518,520,593,623,626,631,996-999,1022-1023,1025-1030,1433-1434,1645-1646,1701,1718-1719,1812-1813,1900,2000,2048-2049,2222-2223,3283,3456,3703,4444,4500,5000,5060,5353,5632,9200,10000,17185,20031,30718,31337,32768-32769,32771,32815,33281,49152-49154,49156,49181-49182,49185-49186,49188,49190-49194,49200-49201
--min_parallelism 5 --max_parallelism 100 XXX.XXX.XXX.XXX
ioctl(4294967295, TIOCGPGRP, [0]) = -1 EBADF (Bad file descriptor)
sendto(5, "E\0\0\34\204k
\0:\6\352$\201Qw[\201QxN\324\260\223\222\261\177\34\272", 28, 0,
{sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")},
16) = 28
sendto(5, "E\0\0\34\204k \1:\6\352#\201Qw[\201QxN\0\0\0\0`\2\4\0", 28, 0,
{sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")},
16) = 28
sendto(5, "E\0\0\34\204k\0\2:\6\n#\201Qw[\201QxNk]\0\0\2\4\5\264", 28, 0,
{sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")},
16) = 28
select(7, [6], NULL, NULL, {0, 2000}) = 0 (Timeout)
ioctl(4294967295, TIOCGPGRP, [0]) = -1 EBADF (Bad file descriptor)
sendto(5, "E\0\0\34\367\236
\0009\6w\361\201Qw[\201QxN\324\2608\v\261\177\34\272", 28, 0,
{sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")},
16) = 28
sendto(5, "E\0\0\34\367\236 \0019\6w\360\201Qw[\201QxN\0\0\0\0`\2\4\0",
28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("
XXX.XXX.XXX.XXX")}, 16) = 28
sendto(5,
"E\0\0\34\367\236\0\0029\6\227\357\201Qw[\201QxN\306\344\0\0\2\4\5\264",
28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("
XXX.XXX.XXX.XXX")}, 16) = 28
select(7, [6], NULL, NULL, {0, 643109}^C <unfinished ...>
http://comments.gmane.org/gmane.comp.security.openvas.users/4053
Should I uncheck "Network Scan?"
Thanks
Doug
--
Thanks
Douglas Charles Duckworth
Unix Administrator
Tulane University
Technology Services
1555 Poydras Ave
NOLA -- 70112
O: 504-988-9341
F: 504-988-8505
ps auxwww
_______________________________________________
Openvas-discuss mailing list
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Duckworth, Douglas C

2014-09-16 16:06:37 UTC

Permalink

Yes sir but now seeing "-1 EAGAIN (Resource temporarily unavailable)."

I am unfamilar with normal nmap strace output so your help greatly appreciated.

***@pentest:~# nmap -v -P0 XXX.XXX.XXX.XXX

Starting Nmap 6.47 ( http://nmap.org ) at 2014-09-16 10:55 CDT
Initiating Parallel DNS resolution of 1 host. at 10:55
Completed Parallel DNS resolution of 1 host. at 10:55, 0.00s elapsed
Initiating SYN Stealth Scan at 10:55
Scanning foo.bar.edu (XXX.XXX.XXX.XXX) [1000 ports]
SYN Stealth Scan Timing: About 15.00% done; ETC: 10:58 (0:02:56 remaining)

strace:

read(3, 0x7fff277e1dbc, 1) = -1 EAGAIN (Resource temporarily unavailable)
sendto(4, "E\0\0,\r\273\0\0(\6\222\305\201Qw[\201QxN\247\364\rLx\21VM\0\0\0\0"..., 44, 0, {sa_family=AF_INET, sin_port=htons(3404), sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4, "E\0\0,\353\363\0\0,\6\260\214\201Qw[\201QxN\247\364 \277x\21VM\0\0\0\0"..., 44, 0, {sa_family=AF_INET, sin_port=htons(8383), sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4, "E\0\0,\2230\0\0.\6\7P\201Qw[\201QxN\247\364\0Sx\21VM\0\0\0\0"..., 44, 0, {sa_family=AF_INET, sin_port=htons(83), sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4, "E\0\0,\236*\0\0005\6\365U\201Qw[\201QxN\247\364\r*x\21VM\0\0\0\0"..., 44, 0, {sa_family=AF_INET, sin_port=htons(3370), sin_addr=inet_addr("999.999.999.999")}, 16) = 44
select(6, [5], NULL, NULL, {0, 947940}) = 0 (Timeout)
ioctl(3, TIOCGPGRP, [4748]) = 0
read(3, 0x7fff277e1dbc, 1) = -1 EAGAIN (Resource temporarily unavailable)
sendto(4, "E\0\0,\22|\0\0004\6\202\4\201Qw[\201QxN\247\363\10\24x\20VL\0\0\0\0"..., 44, 0, {sa_family=AF_INET, sin_port=htons(2068), sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4, "E\0\0,\365\340\0\0001\6\241\237\201Qw[\201QxN\247\363N x\20VL\0\0\0\0"..., 44, 0, {sa_family=AF_INET, sin_port=htons(20000), sin_addr=inet_addr("999.999.999.999")}, 16) = 44
select(6, [5], NULL, NULL, {0, 25971}) = 0 (Timeout)
ioctl(3, TIOCGPGRP, [4748]) = 0
read(3, 0x7fff277e1dbc, 1) = -1 EAGAIN (Resource temporarily unavailable)
sendto(4, "E\0\0,\244\236\0\0001\6\362\341\201Qw[\201QxN\247\363\27>x\20VL\0\0\0\0"..., 44, 0, {sa_family=AF_INET, sin_port=htons(5950), sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4, "E\0\0,*\361\0\0009\6d\217\201Qw[\201QxN\247\363\7\372x\20VL\0\0\0\0"..., 44, 0, {sa_family=AF_INET, sin_port=htons(2042), sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4, "E\0\0,>\317\0\0004\6U\261\201Qw[\201QxN\247\363\n\215x\20VL\0\0\0\0"..., 44, 0, {sa_family=AF_INET, sin_port=htons(2701), sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4, "E\0\0,\330>\0\0'\6\311A\201Qw[\201QxN\247\363\1\321x\20VL\0\0\0\0"..., 44, 0, {sa_family=AF_INET, sin_port=htons(465), sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4, "E\0\0,\321B\0\0005\6\302=\201Qw[\201QxN\247\363\32\fx\20VL\0\0\0\0"..., 44, 0, {sa_family=AF_INET, sin_port=htons(6668), sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4, "E\0\0,\237=\0\0)\6\0C\201Qw[\201QxN\247\363!\311x\20VL\0\0\0\0"..., 44, 0, {sa_family=AF_INET, sin_port=htons(8649), sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4, "E\0\0,\2\351\0\0*\6\233\227\201Qw[\201QxN\247\363\v\311x\20VL\0\0\0\0"..., 44, 0, {sa_family=AF_INET, sin_port=htons(3017), sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4, "E\0\0,\255\364\0\0005\6\345\213\201Qw[\201QxN\247\363\27\324x\20VL\0\0\0\0"..., 44, 0, {sa_family=AF_INET, sin_port=htons(6100), sin_addr=inet_addr("999.999.999.999")}, 16) = 44
~

--
Thanks

Douglas Charles Duckworth
Unix Administrator
Tulane University
Technology Services
1555 Poydras Ave
NOLA -- 70112

E: ***@tulane.edu<mailto:***@tulane.edu>
O: 504-988-9341
F: 504-988-8505

On 09/16/2014 10:42 AM, Eero Volotinen wrote:
Hi,

Does nmap -P0 target-ip work on root?

--
Eero

2014-09-16 18:37 GMT+03:00 Duckworth, Douglas C <***@tulane.edu<mailto:***@tulane.edu>>:
Thanks for the educational reply!

root 4374 0.1 0.8 172984 64976 ? S 10:27 0:00 openvassd: testing XXX.XXX.XXX.XXX (/usr/local/var/lib/openvas/plugins/nmap.nasl)
root 4375 5.6 0.3 60304 26964 ? S 10:27 0:00 nmap -n -P0 -oG /tmp/nmap-network-1230976031 -sS -sU -sV -sR -O --osscan_guess -f -p T:1-65535,U:7,9,17,19,49,53,67-69,80,88,111,120,123,135-139,158,161-162,177,427,443,445,497,500,514-515,518,520,593,623,626,631,996-999,1022-1023,1025-1030,1433-1434,1645-1646,1701,1718-1719,1812-1813,1900,2000,2048-2049,2222-2223,3283,3456,3703,4444,4500,5000,5060,5353,5632,9200,10000,17185,20031,30718,31337,32768-32769,32771,32815,33281,49152-49154,49156,49181-49182,49185-49186,49188,49190-49194,49200-49201 --min_parallelism 5 --max_parallelism 100 XXX.XXX.XXX.XXX

strace info:

ioctl(4294967295, TIOCGPGRP, [0]) = -1 EBADF (Bad file descriptor)
sendto(5, "E\0\0\34\204k \0:\6\352$\201Qw[\201QxN\324\260\223\222\261\177\34\272", 28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")}, 16) = 28
sendto(5, "E\0\0\34\204k \1:\6\352#\201Qw[\201QxN\0\0\0\0`\2\4\0", 28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")}, 16) = 28
sendto(5, "E\0\0\34\204k\0\2:\6\n#\201Qw[\201QxNk]\0\0\2\4\5\264", 28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")}, 16) = 28
select(7, [6], NULL, NULL, {0, 2000}) = 0 (Timeout)
ioctl(4294967295, TIOCGPGRP, [0]) = -1 EBADF (Bad file descriptor)
sendto(5, "E\0\0\34\367\236 \0009\6w\361\201Qw[\201QxN\324\2608\v\261\177\34\272", 28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")}, 16) = 28
sendto(5, "E\0\0\34\367\236 \0019\6w\360\201Qw[\201QxN\0\0\0\0`\2\4\0", 28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")}, 16) = 28
sendto(5, "E\0\0\34\367\236\0\0029\6\227\357\201Qw[\201QxN\306\344\0\0\2\4\5\264", 28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")}, 16) = 28
select(7, [6], NULL, NULL, {0, 643109}^C <unfinished ...>

Looks like others have had experienced similar issues:

http://comments.gmane.org/gmane.comp.security.openvas.users/4053

Should I uncheck "Network Scan?"

Thanks
Doug

--
Thanks

Douglas Charles Duckworth
Unix Administrator
Tulane University
Technology Services
1555 Poydras Ave
NOLA -- 70112

E: ***@tulane.edu<mailto:***@tulane.edu>
O: 504-988-9341
F: 504-988-8505

On 09/13/2014 02:47 AM, Michael Meyer wrote:

ps auxwww

Eero Volotinen

2014-09-16 18:52:59 UTC

Permalink

Hi,

Is there any special limits configured to server? please run following
command and wait until scan is ready:

nmap -P0 -sT -p- ip.address

Post by Duckworth, Douglas C
Yes sir but now seeing "-1 EAGAIN (Resource temporarily unavailable)."
I am unfamilar with normal nmap strace output so your help greatly appreciated.
Starting Nmap 6.47 ( http://nmap.org ) at 2014-09-16 10:55 CDT
Initiating Parallel DNS resolution of 1 host. at 10:55
Completed Parallel DNS resolution of 1 host. at 10:55, 0.00s elapsed
Initiating SYN Stealth Scan at 10:55
Scanning foo.bar.edu (XXX.XXX.XXX.XXX) [1000 ports]
SYN Stealth Scan Timing: About 15.00% done; ETC: 10:58 (0:02:56 remaining)
read(3, 0x7fff277e1dbc, 1) = -1 EAGAIN (Resource temporarily unavailable)
sendto(4,
"E\0\0,\r\273\0\0(\6\222\305\201Qw[\201QxN\247\364\rLx\21VM\0\0\0\0"...,
44, 0, {sa_family=AF_INET, sin_port=htons(3404),
sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4, "E\0\0,\353\363\0\0,\6\260\214\201Qw[\201QxN\247\364
\277x\21VM\0\0\0\0"..., 44, 0, {sa_family=AF_INET, sin_port=htons(8383),
sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4,
"E\0\0,\2230\0\0.\6\7P\201Qw[\201QxN\247\364\0Sx\21VM\0\0\0\0"..., 44, 0,
{sa_family=AF_INET, sin_port=htons(83),
sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4,
"E\0\0,\236*\0\0005\6\365U\201Qw[\201QxN\247\364\r*x\21VM\0\0\0\0"..., 44,
0, {sa_family=AF_INET, sin_port=htons(3370),
sin_addr=inet_addr("999.999.999.999")}, 16) = 44
select(6, [5], NULL, NULL, {0, 947940}) = 0 (Timeout)
ioctl(3, TIOCGPGRP, [4748]) = 0
read(3, 0x7fff277e1dbc, 1) = -1 EAGAIN (Resource temporarily unavailable)
sendto(4,
"E\0\0,\22|\0\0004\6\202\4\201Qw[\201QxN\247\363\10\24x\20VL\0\0\0\0"...,
44, 0, {sa_family=AF_INET, sin_port=htons(2068),
sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4, "E\0\0,\365\340\0\0001\6\241\237\201Qw[\201QxN\247\363N
x\20VL\0\0\0\0"..., 44, 0, {sa_family=AF_INET, sin_port=htons(20000),
sin_addr=inet_addr("999.999.999.999")}, 16) = 44
select(6, [5], NULL, NULL, {0, 25971}) = 0 (Timeout)
ioctl(3, TIOCGPGRP, [4748]) = 0
read(3, 0x7fff277e1dbc, 1) = -1 EAGAIN (Resource temporarily unavailable)
sendto(4,
"E\0\0,\244\236\0\0001\6\362\341\201Qw[\201QxN\247\363\27>x\20VL\0\0\0\0"...,
44, 0, {sa_family=AF_INET, sin_port=htons(5950),
sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4,
"E\0\0,*\361\0\0009\6d\217\201Qw[\201QxN\247\363\7\372x\20VL\0\0\0\0"...,
44, 0, {sa_family=AF_INET, sin_port=htons(2042),
sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4,
"E\0\0,>\317\0\0004\6U\261\201Qw[\201QxN\247\363\n\215x\20VL\0\0\0\0"...,
44, 0, {sa_family=AF_INET, sin_port=htons(2701),
sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4,
"E\0\0,\330>\0\0'\6\311A\201Qw[\201QxN\247\363\1\321x\20VL\0\0\0\0"..., 44,
0, {sa_family=AF_INET, sin_port=htons(465),
sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4,
"E\0\0,\321B\0\0005\6\302=\201Qw[\201QxN\247\363\32\fx\20VL\0\0\0\0"...,
44, 0, {sa_family=AF_INET, sin_port=htons(6668),
sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4,
"E\0\0,\237=\0\0)\6\0C\201Qw[\201QxN\247\363!\311x\20VL\0\0\0\0"..., 44, 0,
{sa_family=AF_INET, sin_port=htons(8649),
sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4,
"E\0\0,\2\351\0\0*\6\233\227\201Qw[\201QxN\247\363\v\311x\20VL\0\0\0\0"...,
44, 0, {sa_family=AF_INET, sin_port=htons(3017),
sin_addr=inet_addr("999.999.999.999")}, 16) = 44
sendto(4,
"E\0\0,\255\364\0\0005\6\345\213\201Qw[\201QxN\247\363\27\324x\20VL\0\0\0\0"...,
44, 0, {sa_family=AF_INET, sin_port=htons(6100),
sin_addr=inet_addr("999.999.999.999")}, 16) = 44
~
--
Thanks
Douglas Charles Duckworth
Unix Administrator
Tulane University
Technology Services
1555 Poydras Ave
NOLA -- 70112
O: 504-988-9341
F: 504-988-8505
Hi,
Does nmap -P0 target-ip work on root?
--
Eero

Post by Duckworth, Douglas C
Thanks for the educational reply!
root 4374 0.1 0.8 172984 64976 ? S 10:27 0:00
openvassd: testing XXX.XXX.XXX.XXX
(/usr/local/var/lib/openvas/plugins/nmap.nasl)
root 4375 5.6 0.3 60304 26964 ? S 10:27 0:00 nmap -n
-P0 -oG /tmp/nmap-network-1230976031 -sS -sU -sV -sR -O --osscan_guess -f
-p
T:1-65535,U:7,9,17,19,49,53,67-69,80,88,111,120,123,135-139,158,161-162,177,427,443,445,497,500,514-515,518,520,593,623,626,631,996-999,1022-1023,1025-1030,1433-1434,1645-1646,1701,1718-1719,1812-1813,1900,2000,2048-2049,2222-2223,3283,3456,3703,4444,4500,5000,5060,5353,5632,9200,10000,17185,20031,30718,31337,32768-32769,32771,32815,33281,49152-49154,49156,49181-49182,49185-49186,49188,49190-49194,49200-49201
--min_parallelism 5 --max_parallelism 100 XXX.XXX.XXX.XXX
ioctl(4294967295, TIOCGPGRP, [0]) = -1 EBADF (Bad file descriptor)
sendto(5, "E\0\0\34\204k
\0:\6\352$\201Qw[\201QxN\324\260\223\222\261\177\34\272", 28, 0,
{sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("
XXX.XXX.XXX.XXX")}, 16) = 28
sendto(5, "E\0\0\34\204k \1:\6\352#\201Qw[\201QxN\0\0\0\0`\2\4\0", 28, 0,
{sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("
XXX.XXX.XXX.XXX")}, 16) = 28
sendto(5, "E\0\0\34\204k\0\2:\6\n#\201Qw[\201QxNk]\0\0\2\4\5\264", 28, 0,
{sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("
XXX.XXX.XXX.XXX")}, 16) = 28
select(7, [6], NULL, NULL, {0, 2000}) = 0 (Timeout)
ioctl(4294967295, TIOCGPGRP, [0]) = -1 EBADF (Bad file descriptor)
sendto(5, "E\0\0\34\367\236
\0009\6w\361\201Qw[\201QxN\324\2608\v\261\177\34\272", 28, 0,
{sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("
XXX.XXX.XXX.XXX")}, 16) = 28
sendto(5, "E\0\0\34\367\236 \0019\6w\360\201Qw[\201QxN\0\0\0\0`\2\4\0",
28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("
XXX.XXX.XXX.XXX")}, 16) = 28
sendto(5,
"E\0\0\34\367\236\0\0029\6\227\357\201Qw[\201QxN\306\344\0\0\2\4\5\264",
28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("
XXX.XXX.XXX.XXX")}, 16) = 28
select(7, [6], NULL, NULL, {0, 643109}^C <unfinished ...>
http://comments.gmane.org/gmane.comp.security.openvas.users/4053
Should I uncheck "Network Scan?"
Thanks
Doug
--
Thanks
Douglas Charles Duckworth
Unix Administrator
Tulane University
Technology Services
1555 Poydras Ave
NOLA -- 70112
O: 504-988-9341
F: 504-988-8505
ps auxwww
_______________________________________________
Openvas-discuss mailing list
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Duckworth, Douglas C

2014-09-16 15:42:14 UTC

Permalink

Setting "Network Scan" to "No" does not remedy the situation. strace still shows the bad file descriptor error when using nmap...

Doug

--
Thanks

Douglas Charles Duckworth
Unix Administrator
Tulane University
Technology Services
1555 Poydras Ave
NOLA -- 70112

E: ***@tulane.edu<mailto:***@tulane.edu>
O: 504-988-9341
F: 504-988-8505

On 09/16/2014 10:37 AM, Duckworth, Douglas C wrote:
Thanks for the educational reply!

root 4374 0.1 0.8 172984 64976 ? S 10:27 0:00 openvassd: testing XXX.XXX.XXX.XXX (/usr/local/var/lib/openvas/plugins/nmap.nasl)
root 4375 5.6 0.3 60304 26964 ? S 10:27 0:00 nmap -n -P0 -oG /tmp/nmap-network-1230976031 -sS -sU -sV -sR -O --osscan_guess -f -p T:1-65535,U:7,9,17,19,49,53,67-69,80,88,111,120,123,135-139,158,161-162,177,427,443,445,497,500,514-515,518,520,593,623,626,631,996-999,1022-1023,1025-1030,1433-1434,1645-1646,1701,1718-1719,1812-1813,1900,2000,2048-2049,2222-2223,3283,3456,3703,4444,4500,5000,5060,5353,5632,9200,10000,17185,20031,30718,31337,32768-32769,32771,32815,33281,49152-49154,49156,49181-49182,49185-49186,49188,49190-49194,49200-49201 --min_parallelism 5 --max_parallelism 100 XXX.XXX.XXX.XXX

strace info:

ioctl(4294967295, TIOCGPGRP, [0]) = -1 EBADF (Bad file descriptor)
sendto(5, "E\0\0\34\204k \0:\6\352$\201Qw[\201QxN\324\260\223\222\261\177\34\272", 28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")}, 16) = 28
sendto(5, "E\0\0\34\204k \1:\6\352#\201Qw[\201QxN\0\0\0\0`\2\4\0", 28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")}, 16) = 28
sendto(5, "E\0\0\34\204k\0\2:\6\n#\201Qw[\201QxNk]\0\0\2\4\5\264", 28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")}, 16) = 28
select(7, [6], NULL, NULL, {0, 2000}) = 0 (Timeout)
ioctl(4294967295, TIOCGPGRP, [0]) = -1 EBADF (Bad file descriptor)
sendto(5, "E\0\0\34\367\236 \0009\6w\361\201Qw[\201QxN\324\2608\v\261\177\34\272", 28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")}, 16) = 28
sendto(5, "E\0\0\34\367\236 \0019\6w\360\201Qw[\201QxN\0\0\0\0`\2\4\0", 28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")}, 16) = 28
sendto(5, "E\0\0\34\367\236\0\0029\6\227\357\201Qw[\201QxN\306\344\0\0\2\4\5\264", 28, 0, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("XXX.XXX.XXX.XXX")}, 16) = 28
select(7, [6], NULL, NULL, {0, 643109}^C <unfinished ...>

Looks like others have had experienced similar issues:

http://comments.gmane.org/gmane.comp.security.openvas.users/4053

Should I uncheck "Network Scan?"

Thanks
Doug

--
Thanks

Douglas Charles Duckworth
Unix Administrator
Tulane University
Technology Services
1555 Poydras Ave
NOLA -- 70112

E: ***@tulane.edu<mailto:***@tulane.edu>
O: 504-988-9341
F: 504-988-8505

On 09/13/2014 02:47 AM, Michael Meyer wrote:

ps auxwww