FIX Scan Interrupted at 0%

Hi all,

I have finished install openvas from source in a Debian12 host and i need help to solve the following error.
When I try to perform a scan it automaticattly result as a fail, it reports the following in the webUI:
ErrorOPENVAS

Also I could check that all the services were running but some warnings appeared and i dont know if it is related with my fail or not.

OSPD-openvas.log

OSPD[816] 2024-06-21 06:30:38,133: WARNING: (ospd_openvas.messaging.mqtt) Could not connect to MQTT broker, error was: [Errno 111] Connection refused. Trying again in 10s.
OSPD[816] 2024-06-21 06:30:49,239: WARNING: (ospd_openvas.messaging.mqtt) Could not connect to MQTT broker, error was: [Errno 111] Connection refused. Trying again in 10s.
OSPD[816] 2024-06-21 06:30:52,860: INFO: (ospd.command.command) Scan 7417d86f-52ee-486c-b8ff-20bf19321458 added to the queue in position 2.
OSPD[816] 2024-06-21 06:30:59,558: WARNING: (ospd_openvas.messaging.mqtt) Could not connect to MQTT broker, error was: [Errno 111] Connection refused. Trying again in 10s.
OSPD[816] 2024-06-21 06:31:00,820: INFO: (ospd.ospd) Currently 1 queued scans.
OSPD[816] 2024-06-21 06:31:01,091: INFO: (ospd.ospd) Starting scan 7417d86f-52ee-486c-b8ff-20bf19321458.
OSPD[816] 2024-06-21 06:31:09,560: WARNING: (ospd_openvas.messaging.mqtt) Could not connect to MQTT broker, error was: [Errno 111] Connection refused. Trying again in 10s.
OSPD[816] 2024-06-21 06:31:19,561: WARNING: (ospd_openvas.messaging.mqtt) Could not connect to MQTT broker, error was: [Errno 111] Connection refused. Trying again in 10s.
OSPD[816] 2024-06-21 06:31:29,562: WARNING: (ospd_openvas.messaging.mqtt) Could not connect to MQTT broker, error was: [Errno 111] Connection refused. Trying again in 10s.
OSPD[816] 2024-06-21 06:31:39,563: WARNING: (ospd_openvas.messaging.mqtt) Could not connect to MQTT broker, error was: [Errno 111] Connection refused. Trying again in 10s.
OSPD[816] 2024-06-21 06:31:49,565: WARNING: (ospd_openvas.messaging.mqtt) Could not connect to MQTT broker, error was: [Errno 111] Connection refused. Trying again in 10s.
OSPD[816] 2024-06-21 06:31:59,566: WARNING: (ospd_openvas.messaging.mqtt) Could not connect to MQTT broker, error was: [Errno 111] Connection refused. Trying again in 10s.
OSPD[816] 2024-06-21 06:32:09,567: WARNING: (ospd_openvas.messaging.mqtt) Could not connect to MQTT broker, error was: [Errno 111] Connection refused. Trying again in 10s.
OSPD[816] 2024-06-21 06:32:12,265: WARNING: (ospd_openvas.daemon) Missing VT oid for a result
OSPD[816] 2024-06-21 06:32:12,266: WARNING: (ospd_openvas.daemon) Invalid VT oid for a result
OSPD[816] 2024-06-21 06:32:13,272: INFO: (ospd.ospd) 7417d86f-52ee-486c-b8ff-20bf19321458: Host scan finished.
OSPD[816] 2024-06-21 06:32:13,276: INFO: (ospd.ospd) 7417d86f-52ee-486c-b8ff-20bf19321458: Host scan got interrupted. Progress: 0, Status: RUNNING
OSPD[816] 2024-06-21 06:32:13,276: INFO: (ospd.ospd) 7417d86f-52ee-486c-b8ff-20bf19321458: Scan interrupted.
OSPD[816] 2024-06-21 06:32:13,343: INFO: (ospd.ospd) 7417d86f-52ee-486c-b8ff-20bf19321458: Scan process is dead and its progress is 0
OSPD[816] 2024-06-21 06:32:13,344: INFO: (ospd.ospd) 7417d86f-52ee-486c-b8ff-20bf19321458: Scan interrupted.
OSPD[816] 2024-06-21 06:32:19,568: WARNING: (ospd_openvas.messaging.mqtt) Could not connect to MQTT broker, error was: [Errno 111] Connection refused. Trying again in 10s.
OSPD[816] 2024-06-21 06:32:29,569: WARNING: (ospd_openvas.messaging.mqtt) Could not connect to MQTT broker, error was: [Errno 111] Connection refused. Trying again in 10s.

In openvas.log we can see:

libgvm util:MESSAGE:2024-06-19 12h51.01 utc:1435: Updated NVT cache from version 0 to 202406140605
libgvm util:MESSAGE:2024-06-20 09h27.19 utc:30818: Updated NVT cache from version 202406140605 to 202406190607
sd main:MESSAGE:2024-06-20 12h30.01 utc:35793:764e7ffb-e728-496d-8fef-f7a5f410019c: openvas 23.0.1 started
sd main:MESSAGE:2024-06-20 12h30.01 utc:35793:764e7ffb-e728-496d-8fef-f7a5f410019c: attack_network_init: LSC via openvasd
sd main:MESSAGE:2024-06-20 12h30.01 utc:35793:764e7ffb-e728-496d-8fef-f7a5f410019c: Vulnerability scan 764e7ffb-e728-496d-8fef-f7a5f410019c started: Target has 126 hosts: 10.30.20.0/25, with max_hosts = 20 and max_checks = 4
libgvm boreas:WARNING:2024-06-20 12h30.01 utc:35793:764e7ffb-e728-496d-8fef-f7a5f410019c: set_socket: failed to open ICMPV4 socket: Operation not permitted
libgvm boreas:WARNING:2024-06-20 12h30.01 utc:35793:764e7ffb-e728-496d-8fef-f7a5f410019c: start_alive_detection. Boreas could not initialise alive detection. Boreas was not able to open a new socket. Exit Boreas.
sd main:MESSAGE:2024-06-20 12h30.02 utc:35793:764e7ffb-e728-496d-8fef-f7a5f410019c: Vulnerability scan 764e7ffb-e728-496d-8fef-f7a5f410019c finished in 1 seconds: 0 alive hosts of 126

Thanks in advanced,
Regards,

OSPD[816] 2024-06-21 06:31:49,565: WARNING: (ospd_openvas.messaging.mqtt) Could not connect to MQTT broker, error was: [Errno 111] Connection refused. Trying again in 10s.

Do you have MQTT broker installed? It seems there may be a problem with the source code build docs that has not been resolved. For example, MQTT broker service may need to be installed and enabled if there is still some dependency on it, such as gvm-libs, or ospd-openvas. :thinking: Not 100% sure, since i have not taken a close look at this in some time.

Hello,
By Installing MQTT broker service y could solve the warning error but it still report other error:

OSPD[797] 2024-06-24 09:17:39,681: INFO: (ospd.ospd) Starting scan 9814ef4e-f022-4a77-8da5-3da4f9c076ef.
OSPD[797] 2024-06-24 09:17:41,665: WARNING: (ospd_openvas.daemon) Missing VT oid for a result
OSPD[797] 2024-06-24 09:17:41,667: WARNING: (ospd_openvas.daemon) Invalid VT oid for a result
OSPD[797] 2024-06-24 09:17:42,674: INFO: (ospd.ospd) 8647e117-d4a2-4c71-b30e-bc1f4670e3fc: Host scan finished.

Thats only occurs when I select any openvas alive test in the target config, but if I select consider alive option the test can continuoe with no problem.

Regards,

Also we have the next error:

sd main:MESSAGE:2024-06-24 12h43.24 utc:10945:d5d3bfff-fe7c-447b-b5b2-0914c1ac5e02: Vulnerability scan d5d3bfff-fe7c-447b-b5b2-0914c1ac5e02 started: Target has 1 hosts: 10.30.20.71, with max_hosts = 20 and max_checks = 4
libgvm boreas:WARNING:2024-06-24 12h43.24 utc:10945:d5d3bfff-fe7c-447b-b5b2-0914c1ac5e02: set_socket: failed to open ICMPV4 socket: Operation not permitted
libgvm boreas:WARNING:2024-06-24 12h43.24 utc:10945:d5d3bfff-fe7c-447b-b5b2-0914c1ac5e02: start_alive_detection. Boreas could not initialise alive detection. Boreas was not able to open a new socket. Exit Boreas.
sd main:MESSAGE:2024-06-24 12h43.25 utc:10945:d5d3bfff-fe7c-447b-b5b2-0914c1ac5e02: Vulnerability scan d5d3bfff-fe7c-447b-b5b2-0914c1ac5e02 finished in 11 seconds: 0 alive hosts of 1

VISUDO must be ok:

This file MUST be edited with the ‘visudo’ command as root.

Please consider adding local content in /etc/sudoers.d/ instead of

directly modifying this file.

See the man page for details on how to write a sudoers file.

Defaults env_reset
Defaults mail_badpass
#Defaults secure_path=“/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin”

This fixes CVE-2005-4890 and possibly breaks some versions of kdesu

(#1011624, 452532 – kdesu stopped working in KUbuntu due to sudo's use_pty option)

Defaults use_pty

This preserves proxy settings from user environments of root

equivalent users (group sudo)

#Defaults:%sudo env_keep += “http_proxy https_proxy ftp_proxy all_proxy no_proxy”

This allows running arbitrary commands, but so does ALL, and it means

different sudoers have their choice of editor respected.

#Defaults:%sudo env_keep += “EDITOR”

Completely harmless preservation of a user preference.

#Defaults:%sudo env_keep += “GREP_COLOR”

While you shouldn’t normally run git as root, you need to with etckeeper

#Defaults:%sudo env_keep += “GIT_AUTHOR_* GIT_COMMITTER_*”

Per-user preferences; root won’t have sensible values for them.

#Defaults:%sudo env_keep += “EMAIL DEBEMAIL DEBFULLNAME”

“sudo scp” or “sudo rsync” should be able to use your SSH agent.

#Defaults:%sudo env_keep += “SSH_AGENT_PID SSH_AUTH_SOCK”

Ditto for GPG agent

#Defaults:%sudo env_keep += “GPG_AGENT_INFO”

Host alias specification

User alias specification

Cmnd alias specification

User privilege specification

root ALL=(ALL:ALL) ALL
gvm ALL = NOPASSWD: ALL
redis ALL = NOPASSWD: ALL
dpina ALL = NOPASSWD: ALL
avahi ALL = NOPASSWD: ALL

allow users of the gvm group run openvas

%gvm ALL = NOPASSWD: ALL

Allow members of group sudo to execute any command

%sudo ALL=(ALL:ALL) ALL

See sudoers(5) for more information on “@include” directives:

@includedir /etc/sudoers.d

I need help to solve the next issue:

WARNING: (ospd_openvas.daemon) Missing VT oid for a result
OSPD[3493] 2024-06-28 12:01:53,237: WARNING: (ospd_openvas.daemon) Invalid VT oid for a result
OSPD[3493] 2024-06-28 12:01:53,739: WARNING: (ospd_openvas.daemon) Missing VT oid for a result
OSPD[3493] 2024-06-28 12:01:53,740: WARNING: (ospd_openvas.daemon) Invalid VT oid for a result

I have advanced a bit more in the case.
Finally to avoid the socket error :

set_socket: failed to open ICMPV4 socket: Operation not permitted

I run this function from ROOT user:

/usr/bin/python3 /usr/local/bin/ospd-openvas --foreground --unix-socket /run/ospd/ospd-openvas.sock --pid-file /run/ospd/ospd-openvas.pid --log-file /var/log/gvm/ospd-openvas.log --lock-file-dir lib/openvas --socket-mode 0o770 --notus-feed-dir /var/lib/notus/advisories

And looks like that everything goes right do you know how to help me reconfigure openvas to get permisons to that as default from gvm user?

The only warnong that I get when use a full and fast test is the following:

OSPD[869819] 2024-07-12 07:16:59,273: WARNING: (ospd_openvas.daemon) Missing VT oid for a result
OSPD[869819] 2024-07-12 07:16:59,274: WARNING: (ospd_openvas.daemon) Invalid VT oid  for a result

Thanks you for your help.
Regards,