Number of simultaneous nmap processes/scans

In the first phase of the scan, GVM lauches several openvas processes in parallel:

root 3565 0.0 0.1 178208 16832 ? SN 13:35 0:00 openvas: testing (/var/lib/openvas/plugins/nmap.nasl)
root 3566 0.0 0.1 178208 16844 ? SN 13:35 0:00 openvas: testing (/var/lib/openvas/plugins/nmap.nasl)
root 3567 0.0 0.1 178208 16844 ? SN 13:35 0:00 openvas: testing (/var/lib/openvas/plugins/nmap.nasl)

Each of those launches a single nmap process:

root       3589  2.5  0.0  58572 13756 ?        SN   13:35   0:00 nmap -n -Pn -oG /tmp/nmap- -sT -sU -p T:1-65535,U:7,9,17,19,49,53,67-69,80,88,111,120,123,135-139,158,161-162,177,427,443,445,497,500,514-515,518,520,593,623,626,631,996-999,1022-1023,1025-1030,1433-1434,1645-1646,1701,1718-1719,1812-1813,1900,2000,2048-2049,2222-2223,3283,3456,3703,4444,4500,5000,5060,5353,5632,9200,10000,17185,20031,30718,31337,32768-32769,32771,32815,33281,49152-49154,49156,49181-49182,49185-49186,49188,49190-49194,49200-49201 -T4

[root@netz-secscan] /root# ps auxwww|egrep nmap | wc -l

In total, I counted 30 openvas processes, each launching one nmap process.

Where/how can I reduce this parallelism?

Just change your task when you creating one:

Keywords: Maximum concurrently executed NVTs per host
Maximum concurrently scanned hosts

1 Like

No, that’s not helping. It’s not the NVTs, but the initial nmap scan (which is running at much higher concurrency).

hey hildeb
Would you tell me from where you copy this piece of logs ?
I really need to know How openvas run Ips and nvts against IP in sequential order ?

These are not logs, this is just an overview about the processes running.

All I did was use “ps auxwww” and the use grep on the output:

ps auxwww|grep "(openvas:|nmap)"

1 Like

Thanks for your reply
I will check that

You can try our new host alive detection by setting test_alive_hosts_only = yes in the openvas.conf file (see changes at GVM 20.08 (oldstable, initial release 2020-08-12) It doesn’t use nmap at all. But it might also be possible that nmap is used beside host alive detection. In that case you need to reduce the number of parallel nvts in the task settings.