Scan is stuck on nmap.nasl

Getting Started
1

My scan is still at 0% after 2 hours, am I impatient or is it stuck?

When i run HTOP it looks like it is stuck on openvas: openvas: testing x.x.x.x (nmap.nasl)

  • Target
    • Hosts: 5 public IPs (Azure NSG should drop all packages)
    • Port list: All TCP and Nmap top 100 UDP
    • Alive test: Consider Alive
  • Task/Scanner
    • Name: OpenVAS Default
    • Scan config: Full and fast
    • Order for target hosts: sequential
    • Max NVTs: 4
    • Max hosts: 20

HTOP output

  6677 root       20   0  2680  1536  1536 S  0.0  0.0  0:00.01 β”‚  β”œβ”€ /bin/sh/usr/bin/tini – /usr/local/bin/entrypoint ospd-openvas -f --config /etc/gvm/ospd-openvas.conf --notus-feed-dir /var/lib/notus/advisories -m 666
  9825 1001       20   0  425M  257M 13952 S  0.0  1.6  1:30.84 β”‚  β”‚  β”œβ”€ /usr/bin/python3 /usr/local/bin/ospd-openvas -f --config /etc/gvm/ospd-openvas.conf --notus-feed-dir /var/lib/notus/advisories -m 666
  9937 1001       20   0  417M 65156  6656 S  0.0  0.4  0:47.67 β”‚  β”‚  β”‚  β”œβ”€ /usr/bin/python3 /usr/local/bin/ospd-openvas -f --config /etc/gvm/ospd-openvas.conf --notus-feed-dir /var/lib/notus/advisories -m 666
  9938 1001       20   0  417M 65156  6656 S  0.0  0.4  0:02.48 β”‚  β”‚  β”‚  β”‚  β”œβ”€ /usr/bin/python3 /usr/local/bin/ospd-openvas -f --config /etc/gvm/ospd-openvas.conf --notus-feed-dir /var/lib/notus/advisories -m 666
 11440 1001       20   0  417M 65156  6656 S  0.0  0.4  0:00.65 β”‚  β”‚  β”‚  β”‚  β”œβ”€ /usr/bin/python3 /usr/local/bin/ospd-openvas -f --config /etc/gvm/ospd-openvas.conf --notus-feed-dir /var/lib/notus/advisories -m 666
794452 1001       20   0  417M 65156  6656 S  0.0  0.4  0:02.76 β”‚  β”‚  β”‚  β”‚  └─ /usr/bin/python3 /usr/local/bin/ospd-openvas -f --config /etc/gvm/ospd-openvas.conf --notus-feed-dir /var/lib/notus/advisories -m 666
  9942 1001       20   0  425M  257M 13952 S  0.0  1.6  0:12.37 β”‚  β”‚  β”‚  β”œβ”€ /usr/bin/python3 /usr/local/bin/ospd-openvas -f --config /etc/gvm/ospd-openvas.conf --notus-feed-dir /var/lib/notus/advisories -m 666
794449 1001       20   0  425M  249M  6016 S  0.0  1.6  0:22.21 β”‚  β”‚  β”‚  └─ /usr/bin/python3 /usr/local/bin/ospd-openvas -f --config /etc/gvm/ospd-openvas.conf --notus-feed-dir /var/lib/notus/advisories -m 666
794612 1001       30  10  169M 34364 14848 S  0.0  0.2  0:02.35 β”‚  β”‚  β”‚     └─ openvas --scan-start 46045508-4f32-4c81-824b-875d444aacbb
794633 1001       30  10  169M 22432  2816 S  0.0  0.1  0:00.00 β”‚  β”‚  β”‚        β”œβ”€ openvas: openvas: testing x.x.x.x
794662 1001       30  10  169M 21032  2688 S  0.0  0.1  0:00.00 β”‚  β”‚  β”‚        β”‚  └─ openvas: openvas: testing x.x.x.x (nmap.nasl)
794634 1001       30  10  169M 22588  2944 S  0.0  0.1  0:00.00 β”‚  β”‚  β”‚        β”œβ”€ openvas: openvas: testing x.x.x.x
794669 1001       30  10  169M 21032  2688 S  0.0  0.1  0:00.00 β”‚  β”‚  β”‚        β”‚  └─ openvas: openvas: testing x.x.x.x (nmap.nasl)
794635 1001       30  10  169M 22432  2816 S  0.0  0.1  0:00.00 β”‚  β”‚  β”‚        β”œβ”€ openvas: openvas: testing x.x.x.x
794660 1001       30  10  169M 21032  2560 S  0.0  0.1  0:00.00 β”‚  β”‚  β”‚        β”‚  └─ openvas: openvas: testing x.x.x.x (nmap.nasl)
794636 1001       30  10  169M 22436  2816 S  0.0  0.1  0:00.00 β”‚  β”‚  β”‚        β”œβ”€ openvas: openvas: testing x.x.x.x
794667 1001       30  10  169M 20908  2560 S  0.0  0.1  0:00.00 β”‚  β”‚  β”‚        β”‚  └─ openvas: openvas: testing x.x.x.x (nmap.nasl)
794637 1001       30  10  169M 22564  2944 S  0.0  0.1  0:00.00 β”‚  β”‚  β”‚        └─ openvas: openvas: testing x.x.x.x
794688 1001       30  10  169M 21164  2688 S  0.0  0.1  0:00.00 β”‚  β”‚  β”‚           └─ openvas: openvas: testing x.x.x.x (nmap.nasl)
794664 1001       30  10 31032 18452  7064 S  0.0  0.1  0:03.02 β”‚  β”‚  β”œβ”€ nmap -n -Pn -oG /tmp/nmap-x.x.x.x-717821849 -sT -sU -p T:1-65535,U:7,9,17,19,49,53,67-69,80,88,111,120,123,135-139,158,161-162,177,427,443,445,497,500,514-515,518,520,59
794666 1001       30  10 31032 18516  7124 S  0.7  0.1  0:03.00 β”‚  β”‚  β”œβ”€ nmap -n -Pn -oG /tmp/nmap-x.x.x.x-717821849 -sT -sU -p T:1-65535,U:7,9,17,19,49,53,67-69,80,88,111,120,123,135-139,158,161-162,177,427,443,445,497,500,514-515,518,520,5
794670 1001       30  10 31032 18504  7116 S  0.0  0.1  0:03.02 β”‚  β”‚  β”œβ”€ nmap -n -Pn -oG /tmp/nmap-x.x.x.x-645706061 -sT -sU -p T:1-65535,U:7,9,17,19,49,53,67-69,80,88,111,120,123,135-139,158,161-162,177,427,443,445,497,500,514-515,518,520,59
794673 1001       30  10 31032 18504  6984 S  0.0  0.1  0:02.92 β”‚  β”‚  β”œβ”€ nmap -n -Pn -oG /tmp/nmap-x.x.x.x-645706061 -sT -sU -p T:1-65535,U:7,9,17,19,49,53,67-69,80,88,111,120,123,135-139,158,161-162,177,427,443,445,497,500,514-515,518,520,59
794691 1001       30  10 31032 18584  7064 S  0.0  0.1  0:02.89 β”‚  β”‚  └─ nmap -n -Pn -oG /tmp/nmap-x.x.x.x-1888724133 -sT -sU -p T:1-65535,U:7,9,17,19,49,53,67-69,80,88,111,120,123,135-139,158,161-162,177,427,443,445,497,500,514-515,518,520,5```
2

That together with consider alive will take a very long timeout to get you nothing.

3

OK - thank you.

I am tasked to provide vulnerability scans on all internal and external addresses. And these 5 are only accessible from a specific IP. I will keep waiting, but som movement of the progress bar would be nice to see.

4

As there is also UDP scanning done the following manual entries gives additional pointers:

I don’t think this is currently technically possible with the way the integration of nmap is currently done (nmap is basically just called on a shell without any scan progress communication between it and the software stack).

5

@makr

Why use OpenVAS if the target doesn’t respond to any ports? You’ll get the same result faster just using Nmap.

Eero

1 Like
6

@Eero Thanks for the tip, I did it to satisfy my auditor.

7

There’s no point in running a vulnerability scan if not a single port is open; hopefully even the auditor understands that.

Eero

1 Like