Logs show alive host, but host doesn't show on GVM and scan hangs

I’ve seen other similar threads on here, but none of them refer to the exact problem I am having. I’ve tried a ton of different IPs, and the OpenVAS logs show that the host is alive for all of them, but the scan won’t go any further and it shows “No Hosts available” in the scan report. Here is an example of the log entries.

libgvm boreas:MESSAGE:2024-01-08 21h23.19 utc:31734:17c985ac-f4af-421b-9595-f7d8095a96ff: Alive scan 17c985ac-f4af-421b-9595-f7d8095a96ff started: Target has 1 hosts
sd   main:MESSAGE:2024-01-08 21h23.20 utc:31762:17c985ac-f4af-421b-9595-f7d8095a96ff: Vulnerability scan 17c985ac-f4af-421b-9595-f7d8095a96ff started for host: 10.100.100.137
libgvm boreas:MESSAGE:2024-01-08 21h23.23 utc:31734:17c985ac-f4af-421b-9595-f7d8095a96ff: Alive scan 17c985ac-f4af-421b-9595-f7d8095a96ff finished in 4 seconds: 1 alive hosts of 1.

After this, the log never shows any more entries for any of the scans until I manually stop it. I’ve given it up to ~8 hours of a running scan without a single entry.

EDIT: Should add that I assume something must have changed in the last week or so, because I’ve been using the same VM and have made no real configuration changes. And as recently as Friday it was able to flawlessly run a scan. If I attempt to re-run that scan now, however, it will show no available hosts.

You have to verify your alive criteria. There are many factors that can give you a false impression that a host is alive when it is not, like “proxy ARP” etc. … There are many posts discussing that in high detail.


I understand that, and I’ve looked through some of your replies on posts that discuss that. I guess I forgot to mention in my original post, but I know the host is alive. I’ve run nmap scans on the target and it successfully shows open ports, domain name, etc. That much I already know is confirmed, it’s just on GVM that the scans aren’t showing that the host is available.

Hmm, what alive criteria do you use? ICMP is always a good start if you can ping the host. If you are certain that the host is up, “consider alive” is your way, but that is slowing down your scan speed if the host is dead anyway.

I’ve tested all of them. They all had the same result except TCP-ACK which showed “0 out of 0” on the hosts tab as opposed to the rest which showed “0 out of 1”. TCP-ACK still showed “1 out of 1 found alive” in the OpenVAS logs, though.

Hmm, you need to investigate that on the wire, I think you have a network issue. TCPDUMP is your friend. Good luck …

It likely has something to do with our DNS server. DC has been dying for a while and a power outage the other night was the final blow. Working on migrating to a new server right now and will likely get back to scanning sometime after that. I can shoot back and let you know how it goes when I get there. Appreciate the help, though.