LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 11-08-2015, 09:40 PM   #1
pgb205
Member
 
Registered: Nov 2007
Posts: 124

Rep: Reputation: 15
openvas to scan ip on internet fails


Already verified that openvas is working when scanning local ip's.

However,scanning my ip servers on the internet does not produce any results.
Not sure I'm OpenVAS only works on local servers or anything else that i need to do to have it scan hosts on the internet?
 
Old 11-09-2015, 02:17 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,393
Blog Entries: 55

Rep: Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565Reputation: 3565
OpenVAS doesn't come with crippled functionality in any way and will scan any host it can connect with. Since you haven't spilled any relevant details about where you're scanning from, what scan configuration you use, what your targets are and we don't know if there's any filtering along the way maybe start by doing some simple diags like ping, tcptraceroute and nmap (basic connect scan, verbose, and only select ports you know are open) your servers?..
 
Old 11-09-2015, 01:59 PM   #3
pgb205
Member
 
Registered: Nov 2007
Posts: 124

Original Poster
Rep: Reputation: 15
scanning remote server that's accessible on the internet (aws) from my local network.

from the server where openvas is installed i checked the following:
nmap shows 22/80 opened and I confirmed that I can access via ssh and http as well

tcptraceroute reaches the server as expected.

Based on the above I think it's clear that routing between the servers is properly setup.

on OpenVas server I tried scanning local network servers which provide expected results.
However, doing immediate scan with all the default settings terminates almost immediately with the following:
Empty reports can happen for the following reasons:
The target hosts where regarded dead.
The filter does not match any result.
A very small or non-verbose scan configuration was applied.


I also tried doing ultimate scan but that didn't help.

PS: also tried ping as suggested and it appears to be blocked.

Last edited by pgb205; 11-09-2015 at 02:00 PM.
 
Old 11-09-2015, 02:37 PM   #4
berndbausch
Senior Member
 
Registered: Nov 2013
Location: Tokyo
Distribution: Redhat/Centos, Ubuntu, Raspbian, Fedora
Posts: 2,018

Rep: Reputation: 431Reputation: 431Reputation: 431Reputation: 431Reputation: 431
While the only thing I know about Openvas is how it's spelt, I think this is an excellent use case for tracing. It allows you to see how Openvas is trying to check out the other side, and what error packets, if any, come back.

Code:
tcpdump -i mynetworkinterface host something.aws.com
would be my first approach. You can also save the packets to a file and analyze them later.

wireshark is a little bit like tcpdump, but much better at interpreting packets of different types, and it has a GUI with many bells and whistles.
 
Old 12-03-2015, 06:35 AM   #5
_mime_
LQ Newbie
 
Registered: Dec 2015
Posts: 1

Rep: Reputation: Disabled
Quote:
Originally Posted by pgb205 View Post
PS: also tried ping as suggested and it appears to be blocked.
If that is the case, choose a different "Alive Test" when creating a target, for example "ICMP, TCP Service & ARP Ping" or just use "Consider alive".

See "docs.greenbone.net/GSM-Manual/gos-3.1/en/scanning.html" for more information about the "Alive Test"

HTH
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
hcitool scan fails to see bluetooth keyboard BartG Linux - Hardware 4 03-07-2014 05:23 PM
Scan a website with OpenVAS? turiyain Linux - Newbie 6 06-21-2012 02:25 AM
[SOLVED] Wapiti security tool fails to run with Openvas shayno90 Linux - Software 12 04-10-2012 09:30 AM
Openvas-manager & openvas-cli Minky Linux - Software 1 04-26-2010 07:59 AM
Firewall fails port scan test windz Linux - Security 3 08-01-2004 01:05 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:28 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration