Hello!!
I am having some "issues" with Kali and Openvas on my Raspberry Pi 2.
I have Greenbone up and running, however on a known vulnerable system it picks up nothing. It does recognise the OS but nothing else.
Openvas-check-setup
nbstat -tunap givesCode:Test completeness and readiness of OpenVAS-7 (add '--v4', '--v5', '--v6' or '--v8' if you want to check for another OpenVAS version) Please report us any non-detected problems and help us to improve this check routine: http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem. Use the parameter --server to skip checks for client tools like GSD and OpenVAS-CLI. Step 1: Checking OpenVAS Scanner ... OK: OpenVAS Scanner is present in version 4.0.2. OK: OpenVAS Scanner CA Certificate is present as /var/lib/openvas/CA/cacert.pem. OK: OpenVAS Scanner server certificate is valid and present as /var/lib/openvas/CA/servercert.pem. OK: NVT collection in /var/lib/openvas/plugins contains 38308 NVTs. WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner. SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html). OK: The NVT cache in /var/cache/openvas contains 38308 files for 38308 NVTs. Step 2: Checking OpenVAS Manager ... OK: OpenVAS Manager is present in version 5.0.2. OK: OpenVAS Manager client certificate is valid and present as /var/lib/openvas/CA/clientcert.pem. OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db. OK: Access rights for the OpenVAS Manager database are correct. OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled. OK: OpenVAS Manager database is at revision 123. OK: OpenVAS Manager expects database at revision 123. OK: Database schema is up to date. OK: OpenVAS Manager database contains information about 38308 NVTs. OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/scap.db. OK: OpenVAS CERT database found in /var/lib/openvas/cert-data/cert.db. OK: xsltproc found. Step 3: Checking user configuration ... dirname: extra operand `/etc/openvas/openvassd.conf' Try `dirname --help' for more information. grep: /pwpolicy.conf: No such file or directory WARNING: Your password policy is empty. SUGGEST: Edit the /pwpolicy.conf file to set a password policy. Step 4: Checking Greenbone Security Assistant (GSA) ... OK: Greenbone Security Assistant is present in version 5.0.1. Step 5: Checking OpenVAS CLI ... OK: OpenVAS CLI version 1.3.0. Step 6: Checking Greenbone Security Desktop (GSD) ... SKIP: Skipping check for Greenbone Security Desktop. Step 7: Checking if OpenVAS services are up and running ... OK: netstat found, extended checks of the OpenVAS services enabled. OK: OpenVAS Scanner is running and listening on all interfaces. OK: OpenVAS Scanner is listening on port 9391, which is the default port. OK: OpenVAS Manager is running and listening on all interfaces. OK: OpenVAS Manager is listening on port 9390, which is the default port. WARNING: Greenbone Security Assistant is running and listening only on the local interface. This means that you will not be able to access the Greenbone Security Assistant from the outside using a web browser. SUGGEST: Ensure that Greenbone Security Assistant listens on all interfaces. OK: Greenbone Security Assistant is listening on port 9392, which is the default port. Step 8: Checking nmap installation ... WARNING: Your version of nmap is not fully supported: 6.47 SUGGEST: You should install nmap 5.51. Step 9: Checking presence of optional tools ... OK: pdflatex found. OK: PDF generation successful. The PDF report format is likely to work. OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work. OK: rpm found, LSC credential package generation for RPM based targets is likely to work. OK: alien found, LSC credential package generation for DEB based targets is likely to work. OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work. It seems like your OpenVAS-7 installation is OK.
If I have a look at the logsCode:Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:9390 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:9391 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:9392 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 45 0 192.168.1.151:40675 173.194.66.95:443 ESTABLISHED tcp 0 0 192.168.1.151:41794 216.58.209.226:443 ESTABLISHED tcp 0 0 192.168.1.151:50890 198.50.203.232:443 ESTABLISHED tcp 45 0 192.168.1.151:45112 216.58.209.225:443 ESTABLISHED tcp6 0 0 :::22 :::* LISTEN udp 0 0 0.0.0.0:53585 0.0.0.0:* udp 0 0 0.0.0.0:62372 0.0.0.0:* udp 0 0 0.0.0.0:68 0.0.0.0:* udp 0 0 0.0.0.0:68 0.0.0.0:* udp6 0 0 :::54768 :::* udp6 0 0 :::4700 :::*
The bit in red confuses me as well. Are there any other places I should be looking?Code:Documents# tail /var/log/openvas/openvasmd.log lib serv:WARNING:2015-03-24 15h21.06 utc:18468: Failed to gnutls_bye: Error in the push function. lib auth: INFO:2015-03-24 15h22.54 utc:18551: Authentication configuration not found. event task:MESSAGE:2015-03-24 15h28.55 UTC:18689: Task f480766f-cfd2-42c5-9faa-4ea66989257d has been deleted by admin event task:MESSAGE:2015-03-24 15h29.21 UTC:18698: Status of task (2fe21729-dbe2-466a-a671-8bbc896cc859) has changed to New event task:MESSAGE:2015-03-24 15h29.24 UTC:18698: Task 2fe21729-dbe2-466a-a671-8bbc896cc859 has been created by admin event task:MESSAGE:2015-03-24 15h29.44 UTC:18707: Status of task unnamed (2fe21729-dbe2-466a-a671-8bbc896cc859) has changed to Requested event task:MESSAGE:2015-03-24 15h29.51 UTC:18707: Task 2fe21729-dbe2-466a-a671-8bbc896cc859 has been requested to start by admin lib serv:WARNING:2015-03-24 15h29.51 UTC:18707: Failed to gnutls_bye: Error in the push function. event task:MESSAGE:2015-03-24 15h30.15 UTC:18712: Status of task unnamed (2fe21729-dbe2-466a-a671-8bbc896cc859) has changed to Running event task:MESSAGE:2015-03-24 15h35.37 UTC:18712: Status of task unnamed (2fe21729-dbe2-466a-a671-8bbc896cc859) has changed to Done
