I have upgraded my working Openvas 7 to GVM-10 and now my scans do not work when scanning an entire subnet with dead hosts. I have narrowed it down to hanging on hosts that do not respond via ping. I can kick off scans to known alive hosts and it works fine, but hangs on dead hosts. Changing the “Alive Test” to Consider Alive does not help either, and produces the same result. I have found the scan will get through alive hosts fine, and when it gets to a non-responsive IP the scan just hangs. Any tips to getting my scans to finish?
1 Like
A normal scan for my result in a interrupt at 1%… also upgraded to GVM-10
Hey guys,
I had the same problem until this morning, the scan interrupt at 1% and with ps aux I saw a lot of openvas pending.
The problem came from redis configuration file. You can check the following file:
openvas-scanner-6.0.0/doc/redis_config.txt
They talk about the parameter databases and the parameter maxclients.
By default when you install redis on debian, the databases is set the 16 and the maxclients is commented.
You have to calculate the number of databases required by:
#DB = 1 + (#of parallel tasks) * (#of parallel hosts)
So if you want to make a scan of 254 hosts by one task, you must have atleast databases 254 in your redis configuration.
Same goes for maxclients parameter with the following :
#CLI = 1 + (#of parallel tasks) * (#of parallel hosts) * (#of concurrent NVTs)
Hope it can solve your problems !
NotMrNod
2 Likes
Hello NotMrNod
I am having problems not based on that particular thing (at least I think so). I have gvm-10 installed on a Centos7 based system and if i just scan 1 IP it worked but if I want to scan 117 it will not continue and there will be after some time some Zombie processes.
What you’re describing is exactly what I’ve experienced, and it was due to a redis configuration files. Can you check your /etc/redis/redis.conf file to check the databases number ?
Try to set it up to 200
Same goes for maxclients, check if it’s commented, and in that case uncomment it.
Don’t forget to restart redis server after that.
I didn’t have that problem with the previous version, and as you can see the documentation about redis configuration change in the GVM-10, so they probably changed something about the redis / gvmd interconnection.
2 Likes
This worked wonderfully for me! Thank you so much!!!
Exact Changes: edited the /etc/redis.conf file, changed the Databases number to 254 and uncommented the maxclients. Scans working great on subnets.
NotMrRod you rock thank you so much.
The hint on redis and the required configuration is also given in the topic below. Will add the specific “1%” note when scanning larger targets there in a few minutes.
2 Likes
THANK YOU! Worked. Is it now limited to 200 hosts ? Can I increase the number to get for example a /20 subnet?
No problem, I increase the value to 600 to do multiple scan at the same time, no problem on my side (3 x /24 at the same time). So there’s no limit in total but there is a limit by scan which is hard coded (Trying to scan large networks ending with 503 internal errors)
Just do the math for the redis configuration to fit your need and you’ll see by yourself.
2 Likes
Perfect I will, many thanks again!