Not scanning public/external IP

[nisar-med]

I have tried scanning public IP addresses using greenbone security web interface and the scanner just finishes with an empty report and /var/log/openvas/openvasmd.log says the host is dead.

I can scan localhost without any problems. I am using boot2docker in Mac OS to run the docker image and it seems that it has something to do with openvassd configuration to allow scanning of external IP addresses but I can't figure it out.

[mikesplain]

I've seen this a few times, could be the same as https://github.com/mikesplain/openvas-docker/issues/84. Can you provide the full log? Also, try to scan a public djs record before scanning an ip and let me know the results. Thanks!

[nisar-med]

Pasting full log in the end of this message.

Found this post which is kind of related but applicable to older version. http://www.backtrack-linux.org/forums/showthread.php?t=59874

Also is there a way to debug openvassd service? (log_whole_attack = yes already enabled), I think nmap is returning "host is dead". I tried google.com and it is taking forever at 1%. $ docker exec -it openvas tail -f /var/log/openvas/openvassd.messages

[Mon Jun 20 12:22:00 2016][818] Starts a new scan. Target(s) : 59.167.29.49, with max_hosts = 30 and max_checks = 10 [Mon Jun 20 12:22:00 2016][818] exclude_hosts: Skipped 0 host(s). [Mon Jun 20 12:22:00 2016][818] Testing securesites.toowards.com (59.167.29.49) [839] [Mon Jun 20 12:22:03 2016][839] The remote host (59.167.29.49) is dead [Mon Jun 20 12:22:03 2016][839] Finished testing 59.167.29.49. Time : 3.51 secs [Mon Jun 20 12:22:03 2016][818] Test complete [Mon Jun 20 12:22:04 2016][818] Total time to scan all hosts : 12 seconds

$ docker exec -it openvas tail -f /var/log/openvas/openvasmd.log

md otp:MESSAGE:2016-06-20 12h12.11 utc:47: Scanner loading: 47250 / 47486 nvts. lib auth: INFO:2016-06-20 12h12.52 utc:125: Authentication configuration not found. event target:MESSAGE:2016-06-20 12h21.47 UTC:814: Target 218ac69a-74ec-48dd-8113-dbfb342d18c0 has been created by admin event task:MESSAGE:2016-06-20 12h21.47 UTC:814: Status of task (5d53a742-be32-4394-a879-6076b23da9c1) has changed to New event task:MESSAGE:2016-06-20 12h21.47 UTC:814: Task 5d53a742-be32-4394-a879-6076b23da9c1 has been created by admin event task:MESSAGE:2016-06-20 12h21.48 UTC:814: Status of task Immediate scan of IP 59.167.29.49 (5d53a742-be32-4394-a879-6076b23da9c1) has changed to Requested event task:MESSAGE:2016-06-20 12h21.48 UTC:814: Task 5d53a742-be32-4394-a879-6076b23da9c1 has been requested to start by admin event wizard:MESSAGE:2016-06-20 12h21.48 UTC:814: Wizard quick_first_scan has been run by admin event task:MESSAGE:2016-06-20 12h21.53 UTC:820: Status of task Immediate scan of IP 59.167.29.49 (5d53a742-be32-4394-a879-6076b23da9c1) has changed to Running event task:MESSAGE:2016-06-20 12h22.04 UTC:820: Status of task Immediate scan of IP 59.167.29.49 (5d53a742-be32-4394-a879-6076b23da9c1) has changed to Done

[ghost]

I'm getting the exact same problem. Host OS is Ubuntu 15.10 Wily.

[Thu Aug  4 17:46:11 2016][27162] openvassd 5.0.5 started
[Thu Aug  4 17:47:19 2016][27199] Client not present
[Thu Aug  4 18:00:07 2016][27162] Received the Terminated signal
[Thu Aug 11 02:03:09 2016][23] openvassd 5.0.5 started
[Thu Aug 11 02:03:34 2016][35] Client not present
[Thu Aug 11 02:07:40 2016][444] Starts a new scan. Target(s) : REDACTED, with max_hosts = 30 and max_checks = 10
[Thu Aug 11 02:07:40 2016][444] exclude_hosts: Skipped 0 host(s).
[Thu Aug 11 02:07:40 2016][444] Testing handy.com (REDACTED) [456]
[Thu Aug 11 02:07:42 2016][456] The remote host (REDACTED) is dead
[Thu Aug 11 02:07:43 2016][456] Finished testing REDACTED. Time : 2.94 secs
[Thu Aug 11 02:07:43 2016][444] Test complete
[Thu Aug 11 02:07:43 2016][444] Total time to scan all hosts : 8 seconds

[mikesplain]

I'm no longer seeing this after v9 so closing. Please reopen if you experience this again