openvas to scan ip on internet fails
Already verified that openvas is working when scanning local ip's.
However,scanning my ip servers on the internet does not produce any results. Not sure I'm OpenVAS only works on local servers or anything else that i need to do to have it scan hosts on the internet? |
OpenVAS doesn't come with crippled functionality in any way and will scan any host it can connect with. Since you haven't spilled any relevant details about where you're scanning from, what scan configuration you use, what your targets are and we don't know if there's any filtering along the way maybe start by doing some simple diags like ping, tcptraceroute and nmap (basic connect scan, verbose, and only select ports you know are open) your servers?..
|
scanning remote server that's accessible on the internet (aws) from my local network.
from the server where openvas is installed i checked the following: nmap shows 22/80 opened and I confirmed that I can access via ssh and http as well tcptraceroute reaches the server as expected. Based on the above I think it's clear that routing between the servers is properly setup. on OpenVas server I tried scanning local network servers which provide expected results. However, doing immediate scan with all the default settings terminates almost immediately with the following: Empty reports can happen for the following reasons: The target hosts where regarded dead. The filter does not match any result. A very small or non-verbose scan configuration was applied. I also tried doing ultimate scan but that didn't help. PS: also tried ping as suggested and it appears to be blocked. |
While the only thing I know about Openvas is how it's spelt, I think this is an excellent use case for tracing. It allows you to see how Openvas is trying to check out the other side, and what error packets, if any, come back.
Code:
tcpdump -i mynetworkinterface host something.aws.com wireshark is a little bit like tcpdump, but much better at interpreting packets of different types, and it has a GUI with many bells and whistles. |
Quote:
See "docs.greenbone.net/GSM-Manual/gos-3.1/en/scanning.html" for more information about the "Alive Test" HTH |
All times are GMT -5. The time now is 05:03 AM. |