No scan results in certain zones with OS 21.04.1

Dear all

I recently updated to GSM21.04.1 (OVA based) from the previous version GSM6.0.10 (ISO version) on VMWare ESXi. Now I have a strange behavior.

I use one scanner to hop around in several security zones. It is just a temporary solution until we switch over to GMSP by begin of next year.

In internal zones it works properly and scans everything. In DMZ based zones, it doesn’t find any hosts and doesn’t provide any results. With the previous version 6.0.10 (ISO based) it worked without an issue.

When I use the support command line I can ping hosts, so the connectivity to the zone and the hosts contained in that zone is available.

One thing I have seen is, that with an internal scan it quickly provides the hosts found. But with the DMZ the scan without results takes about 2 hours for scanning 250 IP addresses.

Is this a known bug and an upgrade to a more recent version will fix it?
Is there a possibility to have a look into the scanner logs to find out a little bit more about what the error is?

Used GSM version: 21.04.1

Best regards

Hello Werner, welcome to the Greenbone Community!

In GOS 21.04 we have introduced a new way to detect alive hosts:

This is likely related, but I cannot pinpoint the exact root cause right now.

Since the new alive detection method is sending requests faster, could it be that the firewalls of the DMZ, or any other intrusion detection systems, are blocking or slowing down requests from the GSM?

Also, if you were using a custom scan config, did you adjust any settings of the VT Ping Host in the VT family Port scanners? These settings may no longer work as expected in 21.04. If so, please try again with default settings.

Last but not least, have you tried different Alive Test settings for the target?

1 Like

Dear Martin

Yes, I tried different settings, even “Consider Alive”. And still then it doesn’t detect and scan the hosts.

And no, I didn’t change any default settings. It is set up as from the fresh install.

As written above, I went to the support shell and pinged the alive hosts manually and I got from all of these answers.

So there is no firewall in between because I scan directly in the DMZ. I even tried to lower the MTU to the minimum, but this also didn’t work.

Best regards