search

kimocrossman1 / opendlp

Automatically exported from code.google.com/p/opendlp
0 stars 0 forks source link

Typical scan times? #8

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
Of those who have gotten the agent to work, what was your average scan time?  I 
started my first test scan using the VM of my test victim a little over 3 hours 
ago and the scan status still reads "-1: Deploying", is this normal?

on a side note, does the agent require any other port than 443 be open on the 
VM image in order to run?

Original issue reported on code.google.com by vyrus....@gmail.com on 1 Sep 2010 at 6:06

GoogleCodeExporter commented 9 years ago 
My average scan times depend on how many regexes I enable. A good ballpark 
estimate is 2 GB per hour.

It is not normal for your OpenDLP scan to be stuck at the "-1" state for so 
long.
1. What message did you get from that system when you deployed the agent?
2. Do you have the correct authentication credentials?
3. Did you specify the Workgroup, even if it is not part of a domain? That is 
required.
4. Do your authentication credentials have local administrator privileges on 
the system?
5. Can you look at the test victim to see if the service created the 
installation path, copied the files, and created the service?
6. If you are still having issues, can you clean up the test victim system 
(delete the OpenDLP installation directory, manually remove the service), then 
rerun the deployment with debugging set as high as possible?  Then email the 
log to me.

443 is the only required port to be open. The agents communicate strictly over 
443 with the web server for everything.

Original comment by andrew.O...@gmail.com on 1 Sep 2010 at 10:56

GoogleCodeExporter commented 9 years ago 
Solved the issue.

When creating a new profile the URL used in reporting results is set to the URL 
of the web management console by default.  As the host I am scanning is NOT my 
VM host but another system entirely, that URL had to be set to the public ip of 
my VM host and forwarded port <https://ip:pubfwdport>

After changing that everything ran smoothly.

Original comment by vyrus....@gmail.com on 2 Sep 2010 at 4:10

GoogleCodeExporter commented 9 years ago

Original comment by andrew.O...@gmail.com on 2 Sep 2010 at 9:55