Hello everybody,
this is a follow-up thread for this one (container immauss/openvas and issues with the OS recognition on targets):
Sadly, after recreating the container, this issue still persists on some hosts.
Using log_whole_attack = yes
in openvas.conf
, we found some more insight to this issue:
sd main:MESSAGE:2023-03-02 16h59.39 utc:8434: Not launching
gb_unknown_os_service_reporting.nasl (1.3.6.1.4.1.25623.1.0.108441)
against IP because a mandatory key is missing (this is
not an error)
2 sd main:MESSAGE:2023-03-02 16h59.27 utc:8434: Not launching
unknown_services.nasl (1.3.6.1.4.1.25623.1.0.11154) against
IP none of the required tcp ports are open (this is not
an error)
3 sd main:MESSAGE:2023-03-02 16h59.27 utc:8434: Not launching
find_service_nmap.nasl (1.3.6.1.4.1.25623.1.0.66286) against
IP none of the required tcp ports are open (this is not
an error)
4 sd main:MESSAGE:2023-03-02 16h59.39 utc:8434: Not launching
find_service_nmap_wrapped.nasl (1.3.6.1.4.1.25623.1.0.108525)
against IP none of the required tcp ports are open (this
is not an error)
So the problem seems to be the port scan. Also, the issue is not really reproducible, sometimes there are no issues recognizing the OS, and sometimes it is not recognized, even on the same host.
We are using the list All IANA TCP and UDP ports
on all targets.
Also, connecting to the target via SMB from the container was working.
Does someone have an idea how to debug this issue?