내 OpenVAS가 Kali Linux에서 시작되지 않습니다.
root@kali:~# openvas-mkcert
One or more files do already exist and would be overriden:
/var/lib/openvas/CA/cacert.pem
/var/lib/openvas/private/CA/cakey.pem
/var/lib/openvas/CA/servercert.pem
/var/lib/openvas/private/CA/serverkey.pem
You need to remove or rename them and re-run openvas-mkcert.
If you run openvas-mkcert with '-f', the files will be overwritten.
root@kali:~# openvas-nvt-sync
[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.
[i] Online information about this feed: 'http://www.openvas.org/openvas-nvt-feed.html'.
[i] NVT dir: /var/lib/openvas/plugins
OpenVAS feed server - http://www.openvas.org/
This service is hosted by Intevation GmbH - http://intevation.de/
All transactions are logged.
Please report synchronization problems to [email protected].
If you have any other questions, please use the OpenVAS mailing lists
or the OpenVAS IRC chat. See http://www.openvas.org/ for details.
[i] Feed is already current, no synchronization necessary.
root@kali:~# openvas-mkcert-client -n om -i
Generating RSA private key, 1024 bit long modulus
...++++++
.......................++++++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [DE]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, your name or your server's hostname) []:Email Address []:Using configuration from /tmp/openvas-mkcert-client.3524/stdC.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'DE'
localityName :PRINTABLE:'Berlin'
commonName :PRINTABLE:'om'
Certificate is to be certified until May 19 17:49:55 2016 GMT (365 days)
Write out database with 1 new entries
Data Base Updated
Your client certificates are in /tmp/openvas-mkcert-client.3524 .
You will have to copy them by hand.
root@kali:~# openvasmd --rebuild
root@kali:~# openvasmd --backup
root@kali:~# openvasad -c 'add_user' -n openvasadmin -r
bash: openvasad: command not found
root@kali:~# openvasad -c 'add_user' -n openvasadmin -r admin
bash: openvasad: command not found
root@kali:~# openvassd
root@kali:~# openvas-mkcert
One or more files do already exist and would be overriden:
/var/lib/openvas/CA/cacert.pem
/var/lib/openvas/private/CA/cakey.pem
/var/lib/openvas/CA/servercert.pem
/var/lib/openvas/private/CA/serverkey.pem
You need to remove or rename them and re-run openvas-mkcert.
If you run openvas-mkcert with '-f', the files will be overwritten.
root@kali:~# openvas-mkcert -f
-------------------------------------------------------------------------------
Creation of the OpenVAS SSL Certificate
-------------------------------------------------------------------------------
This script will now ask you the relevant information to create the SSL certificate of OpenVAS.
Note that this information will *NOT* be sent to anybody (everything stays local), but anyone with the ability to connect to your OpenVAS daemon will be able to retrieve this information.
CA certificate life time in days [1460]:
Server certificate life time in days [365]:
Your country (two letter code) [DE]: PL
Your state or province name [none]:
Your location (e.g. town) [Berlin]: Wroclaw
Your organization [OpenVAS Users United]:
-------------------------------------------------------------------------------
Creation of the OpenVAS SSL Certificate
-------------------------------------------------------------------------------
Congratulations. Your server certificate was properly created.
The following files were created:
. Certification authority:
Certificate = /var/lib/openvas/CA/cacert.pem
Private key = /var/lib/openvas/private/CA/cakey.pem
. OpenVAS Server :
Certificate = /var/lib/openvas/CA/servercert.pem
Private key = /var/lib/openvas/private/CA/serverkey.pem
Press [ENTER] to exit
root@kali:~# openvas-nvt-sync
[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.
[i] Online information about this feed: 'http://www.openvas.org/openvas-nvt-feed.html'.
[i] NVT dir: /var/lib/openvas/plugins
OpenVAS feed server - http://www.openvas.org/
This service is hosted by Intevation GmbH - http://intevation.de/
All transactions are logged.
Please report synchronization problems to [email protected].
If you have any other questions, please use the OpenVAS mailing lists
or the OpenVAS IRC chat. See http://www.openvas.org/ for details.
[i] Feed is already current, no synchronization necessary.
root@kali:~# openvas-mkcert-client -n om -i
Generating RSA private key, 1024 bit long modulus
.............................++++++
..++++++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [DE]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, your name or your server's hostname) []:Email Address []:Using configuration from /tmp/openvas-mkcert-client.3871/stdC.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'DE'
localityName :PRINTABLE:'Berlin'
commonName :PRINTABLE:'om'
Certificate is to be certified until May 19 17:59:47 2016 GMT (365 days)
Write out database with 1 new entries
Data Base Updated
Your client certificates are in /tmp/openvas-mkcert-client.3871 .
You will have to copy them by hand.
root@kali:~# openvasmd --rebuild
root@kali:~# openvassd
bind() failed : Address already in use
root@kali:~#
이것은 작동하지 않습니다:
[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.
[i] Online information about this feed: 'http://www.openvas.org/openvas-nvt-feed.html'.
[i] NVT dir: /var/lib/openvas/plugins
OpenVAS feed server - http://www.openvas.org/
This service is hosted by Intevation GmbH - http://intevation.de/
All transactions are logged.
Please report synchronization problems to [email protected].
If you have any other questions, please use the OpenVAS mailing lists
or the OpenVAS IRC chat. See http://www.openvas.org/ for details.
@ERROR: max connections (200) reached -- try again later
rsync error: error starting client-server protocol (code 5) at main.c(1534) [Receiver=3.0.9]
[e] Error: rsync failed.
[i] This script synchronizes a SCAP data directory with the OpenVAS one.
[i] SCAP dir: /var/lib/openvas/scap-data
[i] Will use rsync
[i] Using rsync: /usr/bin/rsync
[i] Configured SCAP data rsync feed: rsync://feed.openvas.org:/scap-data
OpenVAS feed server - http://www.openvas.org/
This service is hosted by Intevation GmbH - http://intevation.de/
All transactions are logged.
Please report synchronization problems to [email protected].
If you have any other questions, please use the OpenVAS mailing lists
or the OpenVAS IRC chat. See http://www.openvas.org/ for details.
@ERROR: max connections (200) reached -- try again later
rsync error: error starting client-server protocol (code 5) at main.c(1534) [Receiver=3.0.9]
[e] Error: rsync failed. Your SCAP data might be broken now.
[i] This script synchronizes a CERT advisory directory with the OpenVAS one.
[i] CERT dir: /var/lib/openvas/cert-data
[i] Will use rsync
[i] Using rsync: /usr/bin/rsync
[i] Configured CERT data rsync feed: rsync://feed.openvas.org:/cert-data
OpenVAS feed server - http://www.openvas.org/
This service is hosted by Intevation GmbH - http://intevation.de/
All transactions are logged.
Please report synchronization problems to [email protected].
If you have any other questions, please use the OpenVAS mailing lists
or the OpenVAS IRC chat. See http://www.openvas.org/ for details.
@ERROR: max connections (200) reached -- try again later
rsync error: error starting client-server protocol (code 5) at main.c(1534) [Receiver=3.0.9]
Error: rsync failed. Your CERT data might be broken now.
Stopping OpenVAS Manager: openvasmd.
Stopping OpenVAS Scanner: openvassd.
또한 이 시점에서 터미널이 정지됩니다.
Starting OpenVas Services
Starting Greenbone Security Assistant: ERROR.
Starting OpenVAS Scanner: ERROR.
Starting OpenVAS Manager: ERROR.
root@kali:~#
이 문제를 해결하는 방법?
답변1
노력하다:
/etc/init.d/openvas-server 및 openvas-manager로 이동하여 다음 줄에 시간을 추가합니다.
# time to wait for daemons death, in seconds
# don't set it too low or you might not let openvassd die gracefully
DODTIME=5
openvas-server 및 openvas-manager의 경우 DODTIME을 약 15 또는 20으로 설정합니다.
스캐너를 시작합니다. service openvassd start를 시작한 다음 --rebuild 매개변수를 사용하여 관리자를 시작합니다. openvasmd - 재구축
답변2
Openvasd, openvas-server 또는 (철자가 올바른 경우) openvassd는 유사한 소스를 사용해야 하므로 이미 서비스가 실행되고 있다고 가정합니다. 실행 중인 서비스를 중지해 보세요.
sudo service openvas-server stop
sudo service openvasd stop
sudo service openvassd stop
그런 다음 내가 필요하다고 생각하는 명령을 실행할 수 있습니다.
답변3
다양한 버전에서 이 문제가 발생했습니다. distro 업그레이드나 업데이트로 문제가 해결되는 경우도 있지만 이것도 마찬가지입니다.
apt-get purge --auto-remove redis-server
apt-get install openvas
openvas-setup
작동하고 기록이 손실되지 않습니다.