Greenbone Security Assistant, does the scan but don't find notting

ManuelFranco · July 31, 2023, 3:45pm

Good afternoon everybody,
I recently installed an Ubuntu machine (v. 22.04), and I put the Greenbone Security Assintant running on it, when I loaded some assets and went to run the scan, I automatically received the result, which never changed, it was always 0.0 log (as shown in the print) , can anyone help me?

Thanks in advance.

rippledj · July 31, 2023, 8:43pm

If you look at the scan task’s results and enable logs for the filter, what do the logs say about the scan?

To enable logs in the results, click the edit filter icon in the top right corner of the filter task section, and then enabled Logs and save the filter setting.

A couple of possible reasons are:

There are no vulnerabilities found on the target host (maybe unlikely)
Maybe the alive-test is not sufficient to detect the services on the host

Reading the logs should help determine which of these are the cause.

ManuelFranco · August 1, 2023, 9:47am

@rippledj thank you for your help,
I’ve tried looking for the Logs option but I haven’t found anything, I only have the options that are in the image below.

ManuelFranco · August 1, 2023, 10:07am

When I started the scan again, I left the following command running on the machine:
docker-compose -f docker-compose.yml -p greenbone-community-edition logs -f
And the result is in the image below, nothing unusual I think.

Martin · August 1, 2023, 10:39am

You will need to view the report of the scan and apply the filter there. In your screenshot you are still viewing the tasks page.

Also see our documentation here: 11 Reports and Vulnerability Management — Greenbone Enterprise Appliance 22.04.13 documentation

ManuelFranco · August 1, 2023, 10:49am

I get this @Martin, its all normal i think.

Martin · August 1, 2023, 11:57am

Please see the “Results” tab. Log messages which provide information about the scan are shown there. Error Messages are only shown for severe problems.

For what it is worth, I suspect you configured the scan task without providing a credential for the target. Credentials are used to authenticate to the target of the scan, which allows the scanner to identify much more vulnerabilities.

For an unauthenticated scan, a report similar to yours can be quite normal for a reasonably up-to-date target.

For more information on authenticated scans see 10 Scanning a System — Greenbone Enterprise Appliance 22.04.13 documentation.

cfi · August 1, 2023, 12:57pm

Also note that no ports containing results have been identified. This could have also various reasons:

No open TCP/UDP ports have been identified which is a prerequisite for successful scans
The open ports on the target are not included in the used port list
The scanner isn’t able to reach the target at all (and the “Consider alive” alive criteria has been used)

ManuelFranco · August 16, 2023, 1:44pm

Hey Guys,
I was busy with other work and didn’t have time to play with Greenbone, but when I had some time I went to do some tests and out of nowhere the scans were already working without me having done anything. I don’t know what happened, but it worked. Thank you for your support.

Jabberwocky · January 24, 2024, 10:37am

Good for you, bad for me
i have the same issue. the scans are over after a few seconds without any results.

ManuelFranco · January 29, 2024, 2:25pm

Hi @Jabberwocky, when did you install the “Greenbone machine”?
For me, the problem resolved itself… I don’t know what happened, so I don’t think I can help you, maybe if you provide some more information I can help you, thank you.

rippledj · January 30, 2024, 5:01am

This section from the Greenbone Community Edition documentation - troubleshooting section may help identify the cause of your empty scan results.