Closed LoZio closed 2 years ago
Ok this is weird. The Discover scan is the only that gets the open ports, any other scan profile gets no open ports. In every test the scanned host was set to "consider alive".
With Discover the ports are here Changing the scan config in the same task to anything different from Discover gets no open ports. WTF? This if Full and fast:
Same host, container 20.08.04.6 runs out of the box with no configuration needed on the same target. Definitely something broken in the latest one.
Last test: tag 21.4.3 that is different from latest, same odd behaviour, not working.
I was able to run latest/53cdb09ef0c9 upgrading from a previous version on the same docker data volume, unfortunately I did not check which version. So it seems that initializing from scratch one of the recent images creates broken scan profiles, and I'm not able to discover what is broken
This sounds like an issue someone else had last week. It was the scanning profile. Could it be the same as this? https://github.com/immauss/openvas/issues/69
It is, I was looking for an open issue since it is current. In the end: if you set up a new container it creates the scan profiles downloading stuff. Those profile do not have the scanners enabled, except for Discover. If you upgrade a previous container keeping the old volume with profiles created before one of the latest images, it just keeps working. For anyone finding this thread, this is the exact flag you need to put: Before finding #69 I was looking for a similar setting in the options, but it is a Family in the network vulnerabilities test. Thank you @immauss
Using latest as of today. Should be 21.4.3 as per your doc but the about says 21.4.2. This is not the problem btw. I run the container from 3 different machines. After initial update I got the feeds in sync. I create any kind of scan (single host/network), the scan starts and does fined all the hosts on the subnet. It gets os info but then stops. No errors, just 0 open ports found. I'm getting mad at this. No way OpenVAS finds a single open port so anything is scanned. Test I've done: From the host I can scan a specific target with nmap and find the dozen open port it has. From inside the running container on the same host, nmap finds the same open ports. So I'm sure network is ok and TCP packets are not blocked in any way. Also two completely different network environments were tested with the same result. I configured the scan to use any predefined port range, created my ranges with only the open ports inside. I set the Alive test to anything possible. Nothing, always 0 ports found open in OV, and no scanning is happening. No errors in the report, it ends normally. Same on Ubuntu 20.04, Debian 10, Debian 11. On at least one of the server I ran older versions of the container successfully, but I don't remember which versions as it was months ago. Is there some kind of log I can check? Thanks