OpenVAS仅扫描本地网络ip

时间:2016-01-26 21:01:47

标签: linux networking openvas

如果我尝试在本地网络中尝试定位localhost或ip路由器,那么使用OpenVAS一切正常,任务结束,但如果我尝试扫描公共IP,则停止为1%或2%。

这是我的配置:

  

VMWare的Kali 2.0 64位

     

网络中的网络

     

预装OpenVAS 8

一些细节(netstat):

root@kali:~# netstat -tlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 localhost:9390          *:*                     LISTEN      8560/openvasmd  
tcp        0      0 localhost:9391          *:*                     LISTEN      8561/openvassd: Wai
tcp        0      0 localhost:9392          *:*                     LISTEN      8559/gsad

并且"检查设置":

root@kali:~# openvas-check-setup 
openvas-check-setup 2.3.0

Step 1: Checking OpenVAS Scanner ... 
        OK: OpenVAS Scanner is present in version 5.0.1.
        OK: OpenVAS Scanner CA Certificate is present as /var/lib/openvas/CA/cacert.pem.
        OK: OpenVAS Scanner server certificate is valid and present as /var/lib/openvas/CA/servercert.pem.
        OK: NVT collection in /var/lib/openvas/plugins contains 45313 NVTs.
        WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner.
        SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html).
        OK: The NVT cache in /var/cache/openvas contains 45313 files for 45313 NVTs.
        OK: redis-server is present in version v=2.8.17.
        OK: scanner (kb_location setting) is configured properly using the redis-server socket: /var/lib/redis/redis.sock
        OK: redis-server is running and listening on socket: /var/lib/redis/redis.sock.
        OK: redis-server configuration is OK and redis-server is running.
Step 2: Checking OpenVAS Manager ... 
        OK: OpenVAS Manager is present in version 6.0.1.
        OK: OpenVAS Manager client certificate is valid and present as /var/lib/openvas/CA/clientcert.pem.
        OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
        OK: Access rights for the OpenVAS Manager database are correct.
        OK: At least one user exists.
        OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
        OK: OpenVAS Manager database is at revision 146.
        OK: OpenVAS Manager expects database at revision 146.
        OK: Database schema is up to date.
        OK: OpenVAS Manager database contains information about 45306 NVTs.
        OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/scap.db.
        OK: OpenVAS CERT database found in /var/lib/openvas/cert-data/cert.db.
        OK: xsltproc found.
Step 3: Checking user configuration ... 
        WARNING: Your password policy is empty.
        SUGGEST: Edit the /etc/openvas/pwpolicy.conf file to set a password policy.
Step 4: Checking Greenbone Security Assistant (GSA) ... 
        OK: Greenbone Security Assistant is present in version 6.0.1.
Step 5: Checking OpenVAS CLI ... 
        OK: OpenVAS CLI version 1.4.0.
Step 6: Checking Greenbone Security Desktop (GSD) ... 
        SKIP: Skipping check for Greenbone Security Desktop.
Step 7: Checking if OpenVAS services are up and running ... 
        OK: netstat found, extended checks of the OpenVAS services enabled.
        OK: OpenVAS Scanner is running and listening only on the local interface.
        OK: OpenVAS Scanner is listening on port 9391, which is the default port.
        WARNING: OpenVAS Manager is running and listening only on the local interface.
        This means that you will not be able to access the OpenVAS Manager from the
        outside using GSD or OpenVAS CLI.
        SUGGEST: Ensure that OpenVAS Manager listens on all interfaces unless you want
        a local service only.
        OK: OpenVAS Manager is listening on port 9390, which is the default port.
        WARNING: Greenbone Security Assistant is running and listening only on the local interface.
        This means that you will not be able to access the Greenbone Security Assistant from the
        outside using a web browser.
        SUGGEST: Ensure that Greenbone Security Assistant listens on all interfaces.
        OK: Greenbone Security Assistant is listening on port 9392, which is the default port.
Step 8: Checking nmap installation ...
        WARNING: Your version of nmap is not fully supported: 6.49BETA4
        SUGGEST: You should install nmap 5.51 if you plan to use the nmap NSE NVTs.
Step 10: Checking presence of optional tools ...
        OK: pdflatex found.
        OK: PDF generation successful. The PDF report format is likely to work.
        OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
        WARNING: Could not find rpm binary, LSC credential package generation for RPM and DEB based targets will not work.
        SUGGEST: Install rpm.
        WARNING: Could not find makensis binary, LSC credential package generation for Microsoft Windows targets will not work.
        SUGGEST: Install nsis.

It seems like your OpenVAS-8 installation is OK.

这可能对我有所帮助,但是在谷歌和StackOverflow上找不到任何东西:警告:OpenVAS Manager只在本地界面上运行和监听。

我可以检查什么以及如何扫描公共IP?

鉴于我在Linux上的技能有限,我要求你非常具体。的由于

0 个答案:

没有答案
相关问题
最新问题