我的 OpenVAS 未在 Kali Linux 中启动。
root@kali:~# openvas-mkcert
One or more files do already exist and would be overriden:
/var/lib/openvas/CA/cacert.pem
/var/lib/openvas/private/CA/cakey.pem
/var/lib/openvas/CA/servercert.pem
/var/lib/openvas/private/CA/serverkey.pem
You need to remove or rename them and re-run openvas-mkcert.
If you run openvas-mkcert with '-f', the files will be overwritten.
root@kali:~# openvas-nvt-sync
[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.
[i] Online information about this feed: 'http://www.openvas.org/openvas-nvt-feed.html'.
[i] NVT dir: /var/lib/openvas/plugins
OpenVAS feed server - http://www.openvas.org/
This service is hosted by Intevation GmbH - http://intevation.de/
All transactions are logged.
Please report synchronization problems to [email protected].
If you have any other questions, please use the OpenVAS mailing lists
or the OpenVAS IRC chat. See http://www.openvas.org/ for details.
[i] Feed is already current, no synchronization necessary.
root@kali:~# openvas-mkcert-client -n om -i
Generating RSA private key, 1024 bit long modulus
...++++++
.......................++++++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [DE]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, your name or your server's hostname) []:Email Address []:Using configuration from /tmp/openvas-mkcert-client.3524/stdC.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'DE'
localityName :PRINTABLE:'Berlin'
commonName :PRINTABLE:'om'
Certificate is to be certified until May 19 17:49:55 2016 GMT (365 days)
Write out database with 1 new entries
Data Base Updated
Your client certificates are in /tmp/openvas-mkcert-client.3524 .
You will have to copy them by hand.
root@kali:~# openvasmd --rebuild
root@kali:~# openvasmd --backup
root@kali:~# openvasad -c 'add_user' -n openvasadmin -r
bash: openvasad: command not found
root@kali:~# openvasad -c 'add_user' -n openvasadmin -r admin
bash: openvasad: command not found
root@kali:~# openvassd
root@kali:~# openvas-mkcert
One or more files do already exist and would be overriden:
/var/lib/openvas/CA/cacert.pem
/var/lib/openvas/private/CA/cakey.pem
/var/lib/openvas/CA/servercert.pem
/var/lib/openvas/private/CA/serverkey.pem
You need to remove or rename them and re-run openvas-mkcert.
If you run openvas-mkcert with '-f', the files will be overwritten.
root@kali:~# openvas-mkcert -f
-------------------------------------------------------------------------------
Creation of the OpenVAS SSL Certificate
-------------------------------------------------------------------------------
This script will now ask you the relevant information to create the SSL certificate of OpenVAS.
Note that this information will *NOT* be sent to anybody (everything stays local), but anyone with the ability to connect to your OpenVAS daemon will be able to retrieve this information.
CA certificate life time in days [1460]:
Server certificate life time in days [365]:
Your country (two letter code) [DE]: PL
Your state or province name [none]:
Your location (e.g. town) [Berlin]: Wroclaw
Your organization [OpenVAS Users United]:
-------------------------------------------------------------------------------
Creation of the OpenVAS SSL Certificate
-------------------------------------------------------------------------------
Congratulations. Your server certificate was properly created.
The following files were created:
. Certification authority:
Certificate = /var/lib/openvas/CA/cacert.pem
Private key = /var/lib/openvas/private/CA/cakey.pem
. OpenVAS Server :
Certificate = /var/lib/openvas/CA/servercert.pem
Private key = /var/lib/openvas/private/CA/serverkey.pem
Press [ENTER] to exit
root@kali:~# openvas-nvt-sync
[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.
[i] Online information about this feed: 'http://www.openvas.org/openvas-nvt-feed.html'.
[i] NVT dir: /var/lib/openvas/plugins
OpenVAS feed server - http://www.openvas.org/
This service is hosted by Intevation GmbH - http://intevation.de/
All transactions are logged.
Please report synchronization problems to [email protected].
If you have any other questions, please use the OpenVAS mailing lists
or the OpenVAS IRC chat. See http://www.openvas.org/ for details.
[i] Feed is already current, no synchronization necessary.
root@kali:~# openvas-mkcert-client -n om -i
Generating RSA private key, 1024 bit long modulus
.............................++++++
..++++++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [DE]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, your name or your server's hostname) []:Email Address []:Using configuration from /tmp/openvas-mkcert-client.3871/stdC.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'DE'
localityName :PRINTABLE:'Berlin'
commonName :PRINTABLE:'om'
Certificate is to be certified until May 19 17:59:47 2016 GMT (365 days)
Write out database with 1 new entries
Data Base Updated
Your client certificates are in /tmp/openvas-mkcert-client.3871 .
You will have to copy them by hand.
root@kali:~# openvasmd --rebuild
root@kali:~# openvassd
bind() failed : Address already in use
root@kali:~#
这是行不通的:
[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.
[i] Online information about this feed: 'http://www.openvas.org/openvas-nvt-feed.html'.
[i] NVT dir: /var/lib/openvas/plugins
OpenVAS feed server - http://www.openvas.org/
This service is hosted by Intevation GmbH - http://intevation.de/
All transactions are logged.
Please report synchronization problems to [email protected].
If you have any other questions, please use the OpenVAS mailing lists
or the OpenVAS IRC chat. See http://www.openvas.org/ for details.
@ERROR: max connections (200) reached -- try again later
rsync error: error starting client-server protocol (code 5) at main.c(1534) [Receiver=3.0.9]
[e] Error: rsync failed.
[i] This script synchronizes a SCAP data directory with the OpenVAS one.
[i] SCAP dir: /var/lib/openvas/scap-data
[i] Will use rsync
[i] Using rsync: /usr/bin/rsync
[i] Configured SCAP data rsync feed: rsync://feed.openvas.org:/scap-data
OpenVAS feed server - http://www.openvas.org/
This service is hosted by Intevation GmbH - http://intevation.de/
All transactions are logged.
Please report synchronization problems to [email protected].
If you have any other questions, please use the OpenVAS mailing lists
or the OpenVAS IRC chat. See http://www.openvas.org/ for details.
@ERROR: max connections (200) reached -- try again later
rsync error: error starting client-server protocol (code 5) at main.c(1534) [Receiver=3.0.9]
[e] Error: rsync failed. Your SCAP data might be broken now.
[i] This script synchronizes a CERT advisory directory with the OpenVAS one.
[i] CERT dir: /var/lib/openvas/cert-data
[i] Will use rsync
[i] Using rsync: /usr/bin/rsync
[i] Configured CERT data rsync feed: rsync://feed.openvas.org:/cert-data
OpenVAS feed server - http://www.openvas.org/
This service is hosted by Intevation GmbH - http://intevation.de/
All transactions are logged.
Please report synchronization problems to [email protected].
If you have any other questions, please use the OpenVAS mailing lists
or the OpenVAS IRC chat. See http://www.openvas.org/ for details.
@ERROR: max connections (200) reached -- try again later
rsync error: error starting client-server protocol (code 5) at main.c(1534) [Receiver=3.0.9]
Error: rsync failed. Your CERT data might be broken now.
Stopping OpenVAS Manager: openvasmd.
Stopping OpenVAS Scanner: openvassd.
并且,终端此时冻结了。
Starting OpenVas Services
Starting Greenbone Security Assistant: ERROR.
Starting OpenVAS Scanner: ERROR.
Starting OpenVAS Manager: ERROR.
root@kali:~#
如何解决这个问题呢?
答案1
尝试 :
导航到 /etc/init.d/openvas-server 和 openvas-manager 并将时间添加到此行:
# time to wait for daemons death, in seconds
# don't set it too low or you might not let openvassd die gracefully
DODTIME=5
对于 openvas-server 和 openvas-manager,将 DODTIME 设置为 15 或 20 左右。
启动扫描仪: service openvassd start 然后使用 --rebuild 参数启动管理器。 openvasmd——重建
答案2
Openvasd、openvas-server 或(如果你没有拼写错误)openvassd 应该使用类似的源,所以我认为你已经在那里运行了一个服务。尝试停止正在运行的服务;
sudo service openvas-server stop
sudo service openvasd stop
sudo service openvassd stop
然后你可以运行我认为必要的命令。
答案3
我在各种不同的版本中都遇到过这个问题。我发现发行版升级或更新有时可以修复它,但这个也可以。
apt-get purge --auto-remove redis-server
apt-get install openvas
openvas-setup
会起作用并且你不会丢失任何历史记录。