Closed rbhardwaj00 closed 7 years ago
here are logs :
root@docker-512mb-lon1-01:~# docker top openvas UID PID PPID C STIME TTY TIME CMD root 2170 2153 0 12:42 ? 00:00:00 /bin/sh -c /start root 2193 2170 0 12:42 ? 00:00:00 /bin/bash /start root 2195 2170 1 12:42 ? 00:00:39 redis-server 127.0.0 .1:6379 root 2213 2170 1 12:42 ? 00:00:32 openvassd: Waiting f or incoming connections root 2225 2170 0 12:42 ? 00:00:05 openvasmd root 2572 2193 0 12:46 ? 00:00:00 tail -F /var/log/ope nvas/gsad.log /var/log/openvas/openvasmd.log /var/log/openvas/openvassd.dump /va r/log/openvas/openvassd.messages
==> /var/log/openvas/openvasmd.log <== event target:MESSAGE:2017-09-04 12h53.18 UTC:388: Target Target for immediate scan of IP 46.227.54.67 (a91ede1e-7d05-4c5c-a404-731d3cfa1509) has been created by admin event task:MESSAGE:2017-09-04 12h53.18 UTC:388: Status of task (b70a2a4c-cdc2-45a4-8d70-5ed6e9d1eebd) has changed to New event task:MESSAGE:2017-09-04 12h53.18 UTC:388: Task Immediate scan of IP 46.227.54.67 (b70a2a4c-cdc2-45a4-8d70-5ed6e9d1eebd) has been created by admin event task:MESSAGE:2017-09-04 12h53.18 UTC:388: Status of task Immediate scan of IP 46.227.54.67 (b70a2a4c-cdc2-45a4-8d70-5ed6e9d1eebd) has changed to Requested event task:MESSAGE:2017-09-04 12h53.18 UTC:388: Task Immediate scan of IP 46.227.54.67 (b70a2a4c-cdc2-45a4-8d70-5ed6e9d1eebd) has been requested to start by admin event wizard:MESSAGE:2017-09-04 12h53.18 UTC:388: Wizard quick_first_scan has been run by admin event task:MESSAGE:2017-09-04 12h53.34 UTC:395: Status of task Immediate scan of IP 46.227.54.67 (b70a2a4c-cdc2-45a4-8d70-5ed6e9d1eebd) has changed to Running
==> /var/log/openvas/openvassd.messages <== [Mon Sep 4 12:54:02 2017][394] Starts a new scan. Target(s) : 46.227.54.67, with max_hosts = 30 and max_checks = 10 [Mon Sep 4 12:54:02 2017][394] exclude_hosts: Skipped 0 host(s). [Mon Sep 4 12:54:02 2017][394] Testing 46.227.54.67 (46.227.54.67) [421]
==> /var/log/openvas/openvasmd.log <== event task:MESSAGE:2017-09-04 12h54.05 UTC:395: Status of task Immediate scan of IP 46.227.54.67 (b70a2a4c-cdc2-45a4-8d70-5ed6e9d1eebd) has changed to Done
==> /var/log/openvas/openvassd.messages <== [Mon Sep 4 12:54:05 2017][421] The remote host (46.227.54.67) is dead [Mon Sep 4 12:54:05 2017][421] Finished testing 46.227.54.67. Time : 2.43 secs [Mon Sep 4 12:54:05 2017][394] Test complete [Mon Sep 4 12:54:05 2017][394] Total time to scan all hosts : 32 seconds
==> /var/log/openvas/gsad.log <== gsad main:WARNING:2017-09-04 12h55.35 UTC:48: MHD: Error: received handshake message out of context gsad main:WARNING:2017-09-04 12h55.54 UTC:48: MHD: Error: received handshake message out of context gsad main:WARNING:2017-09-04 12h55.55 UTC:48: MHD: Error: received handshake message out of context gsad main:WARNING:2017-09-04 12h58.34 UTC:48: MHD: Error: received handshake message out of context gsad main:WARNING:2017-09-04 12h59.44 UTC:48: MHD: Error: received handshake message out of context
==> /var/log/openvas/openvasmd.log <== md main:WARNING:2017-09-04 13h18.03 utc:37: accept_and_maybe_fork: failed to fork child: Cannot allocate memory
i manage to fix this upgraded the ram to 2GB memory 2 CPU but issue is now when i scan i getting no results back after like 15 sec
Hi @rbhardwaj00 I recommend between 2GB and 4GB and 2 CPU to run this. Scans can take 10-15 minutes.
Once you start the scan, if you run docker top <docker container id>
you'll be able to see all the scans it's doing. The first is generally nmap
which can take quite a while to scan all ports.
When you say "I get no results back" do you see an error or could it be just taking awhile?
hi mike it just says finish nothing there after 13 seconds and says report empty host might be dead but infact it alive as i tested it shows it on.
also i cant see option to export by pdf do i need to install anything?
On 5 September 2017 at 13:43, Mike Splain notifications@github.com wrote:
Hi @rbhardwaj00 https://github.com/rbhardwaj00 I recommend between 2GB and 4GB and 2 CPU to run this. Scans can take 10-15 minutes.
Once you start the scan, if you run docker top
you'll be able to see all the scans it's doing. The first is generally nmap which can take quite a while to scan all ports. When you say "I get no results back" do you see an error or could it be just taking awhile?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/mikesplain/openvas-docker/issues/138#issuecomment-327163733, or mute the thread https://github.com/notifications/unsubscribe-auth/AeG7cwofFRgBXN2Y7ltmZUqtG2I36Dy8ks5sfUH7gaJpZM4PL6jc .
@rbhardwaj00 can you try the ip vs the dns name of a host? I've seen this too but have been unable to diagnose. Most likely you're experiencing an issue with OpenVAS, not the the container.
You should be able to export the report in the top left corner. I'm not able to spin up a server a the moment but we include all the required utils in the package for PDF creation.
also mike does you container include SCAP and CERT. as your container didnt mention that when i download it yesterday it said NVT 1 day ago but over 2 8 days ago .
On 5 September 2017 at 13:48, Mike Splain notifications@github.com wrote:
@rbhardwaj00 https://github.com/rbhardwaj00 can you try the ip vs the dns name of a host? I've seen this too but have been unable to diagnose. Most likely you're experiencing an issue with OpenVAS, not the the container.
You should be able to export the report in the top left corner. I'm not able to spin up a server a the moment but we include all the required utils in the package for PDF creation.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/mikesplain/openvas-docker/issues/138#issuecomment-327164986, or mute the thread https://github.com/notifications/unsubscribe-auth/AeG7cwmpoBDoUjOWxfKuhM6rEL70fOBUks5sfUMugaJpZM4PL6jc .
@rbhardwaj00 Yes it includes this.
mike how do you create additional users to be able to login. with there own username pass on openvas interface.
Hi i manage to run openvas using your container and login but after i run a scan i get logged off and then i cant reach the url as i get This site can’t be reached ip...... unexpectedly closed the connection.
i tried this twice.
is there a reason why.