search

immauss / openvas

Containers for running the Greenbone Vulnerability Manager. Run as a single container with all services or separate single applications containers via docker-compose.
GNU Affero General Public License v3.0
354 stars 102 forks source link

Scan not working #115

Closed fellipmelo closed 2 years ago

fellipmelo commented 2 years ago

I'm testing your image and apparently it works fine, But when I do an analysis on some IP address, no vulnerability is found. It seems to be a network problem. I tested it on servers with vulnerability and it still finishes the scanner in 15 seconds and doesn't point out any vulnerability.

image

immauss commented 2 years ago

Are you using a credentialed scan? If so, can you check to see if the credentials are working properly?

fellipmelo commented 2 years ago

No crendentials

immauss commented 2 years ago

Can you reach the devices from the inside the container? Do the hosts show up on a discovery scan? If not, then you are probably right, networking.

How did you start the container, and what is your environment like?

You said you think it's networking... what makes you think that? (I mean, it sounds like it based on what you have said, but was there something else? )

-Scott

polin924fbn commented 2 years ago

Hi immauss I also have the same issue here. I tried to scan instances (running in AWS VPC) by providing IP addresses but I got nothing. I am able to curl the services running in the ec2 machines in AWS VPC (with VPN turned on) from the host directly and also from the inside the docker container. I can get the response. But I get nothing.

Do I have to setup SSH? I also tried Advanced Task Wizard and added SSH Credential but still not work.

I am running the container on Mac OS. The way to run it is:

docker run --detach --publish 8080:9392 -e PASSWORD=1234 --volume openvas:/data  --name openvas immauss/openvas

Will credentialed scan work? How to set it up?

thanks

immauss commented 2 years ago

A credentialed scan will give you much better results. It allows the scanner to login, and run checks on the host you are scanning. Without credentials, you are not really doing more than a discovery scan.

Just add credentials in the configuration menu, then add them to the host you are scanning. You may need to remove the host from an already run scan or create a new host with new credentials then use that for your target.

You can verify the credentials by running ssh from the container. This will verify the path and the credentials in one shot.

docker exec -it bash ssh

If you want more info ... ssh -v