OpenVas Start: Error

Started by r00tb33r, December 15, 2011, 05:37:31 AM

Previous topic - Next topic

r00tb33r

Hello all,

I get the following error when I do Services>openvas>openvas-services-start

Starting OpenVAS Scanner:
** ERROR **: File is empty
aborting...
Aborted
ERROR.



I have looked at the wiki and have tried upgrading and updating what was recommended to no avail. The openvas updater fails with an error. I found a way to update openvas manually but that did not fix my original problem. Any help is appreciated!


ostendali

Openvas experiencing some problem lately.
could you pls remove and reinstall openvas and let us know if it still gives problem....?
Pls follow the wiki tutorial regardless and at any problem you can post here the complete output.

Thanks

r00tb33r

Hi Ostendali.

I used the Synaptic Package Manager to completely remove all components of openvas and then used it to reinstall openvas again. It uninstalled and reinstalled just fine, but I still get the same error.
Am I missing something? I have openvas-manager, openvas-cli, openvas-administrator, gsd, openvas-scanner, greenbone-security-assistant, and libopenvas4 installed.
I have already done what the wiki says and that has not helped. The problem is still the same.

Thanks for the help.

raffaele

raffaele@backbox:~$ Get root or die tryin'

ostendali

Pls follow the how to linked by Raffaele and if you get still problems drop your output here by restarting manually from terminal all openvas services, such as:
/etc/init.d/openvas-scanner start
/etc/init.d/openvas-manager start
/etc/init.d/openvas-administrator restart
/etc/init.d/greenbone-security-assistant restart

netstat -lnp |grep :9392

In case of non functionality you might get some error during manual restart of openvas, pls copy/paste here the output in case....

r00tb33r

Thanks for the replies guys. Unfortunately I am still having problems.

r00tb33r@Oasis:~$ sudo apt-get -y install python-software-properties
[sudo] password for r00tb33r:
Sorry, try again.
[sudo] password for r00tb33r:
Reading package lists... Done
Building dependency tree      
Reading state information... Done
python-software-properties is already the newest version.
The following packages were automatically installed and are no longer required:
 metacity-common libboost-serialization1.42.0 libprotobuf6
 libmetacity-private0
Use 'apt-get autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
r00tb33r@Oasis:~$ sudo add-apt-repository "deb http://download.opensuse.org/repositories/security:/OpenVAS:/STABLE:/v4/xUbuntu_10.04/ ./"
r00tb33r@Oasis:~$ sudo apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys BED1E87979EAFD54
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver hkp://keys.gnupg.net --recv-keys BED1E87979EAFD54
gpg: requesting key 79EAFD54 from hkp server keys.gnupg.net
?: keys.gnupg.net: Connection refused
gpgkeys: HTTP fetch error 7: couldn't connect: Connection refused
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
r00tb33r@Oasis:~$ sudo apt-get update
Ign http://ppa.launchpad.net natty InRelease                                  
Ign http://us.archive.ubuntu.com natty InRelease                              
Ign http://us.archive.ubuntu.com natty-updates InRelease                      
Ign http://security.ubuntu.com natty-security InRelease                        
Ign http://extras.ubuntu.com natty InRelease                                  
Ign http://download.opensuse.org ./ InRelease                                  
Ign http://download.opensuse.org ./ InRelease                                  
Hit http://ppa.launchpad.net natty Release.gpg                                
Get:1 http://security.ubuntu.com natty-security Release.gpg [198 B]            
Get:2 http://extras.ubuntu.com natty Release.gpg [72 B]                        
Hit http://us.archive.ubuntu.com natty Release.gpg                            
Get:3 http://download.opensuse.org ./ Release.gpg [189 B]                      
Hit http://ppa.launchpad.net natty Release                                    
Ign http://deb.pinguin.lu ./ InRelease                                        
Hit http://extras.ubuntu.com natty Release                                    
Get:4 http://us.archive.ubuntu.com natty-updates Release.gpg [198 B]          
Get:5 http://security.ubuntu.com natty-security Release [31.4 kB]              
Hit http://download.opensuse.org ./ Release.gpg                                
Hit http://deb.pinguin.lu ./ Release.gpg                                      
Hit http://us.archive.ubuntu.com natty Release                                
Get:6 http://download.opensuse.org ./ Release [390 B]                          
Get:7 http://us.archive.ubuntu.com natty-updates Release [31.4 kB]            
Hit http://deb.pinguin.lu ./ Release                                          
Hit http://download.opensuse.org ./ Release                                    
Ign http://www.kismetwireless.net natty InRelease                              
Hit http://ppa.launchpad.net natty/main Sources                                
Hit http://extras.ubuntu.com natty/main Sources                                
Hit http://ppa.launchpad.net natty/main i386 Packages                          
Hit http://extras.ubuntu.com natty/main i386 Packages                          
Ign http://extras.ubuntu.com natty/main TranslationIndex                      
Ign http://ppa.launchpad.net natty/main TranslationIndex                      
Get:8 http://security.ubuntu.com natty-security/main Sources [83.4 kB]        
Hit http://us.archive.ubuntu.com natty/main Sources                            
Hit http://us.archive.ubuntu.com natty/restricted Sources                      
Hit http://us.archive.ubuntu.com natty/universe Sources                        
Hit http://us.archive.ubuntu.com natty/multiverse Sources                      
Hit http://us.archive.ubuntu.com natty/main i386 Packages                      
Hit http://us.archive.ubuntu.com natty/restricted i386 Packages                
Hit http://us.archive.ubuntu.com natty/universe i386 Packages                  
Hit http://us.archive.ubuntu.com natty/multiverse i386 Packages                
Ign http://us.archive.ubuntu.com natty/main TranslationIndex                  
Ign http://us.archive.ubuntu.com natty/multiverse TranslationIndex            
Ign http://us.archive.ubuntu.com natty/restricted TranslationIndex            
Ign http://us.archive.ubuntu.com natty/universe TranslationIndex              
Hit http://deb.pinguin.lu ./ Packages                                          
Hit http://download.opensuse.org ./ Packages                                  
Get:9 http://us.archive.ubuntu.com natty-updates/main Sources [143 kB]        
Hit http://www.kismetwireless.net natty Release.gpg                            
Hit http://www.kismetwireless.net natty Release                                
Hit http://www.kismetwireless.net natty/kismet i386 Packages                  
Ign http://www.kismetwireless.net natty/kismet TranslationIndex                
Get:10 http://security.ubuntu.com natty-security/restricted Sources [14 B]    
Ign http://ppa.launchpad.net natty/main Translation-en_US                      
Ign http://extras.ubuntu.com natty/main Translation-en_US                      
Get:11 http://security.ubuntu.com natty-security/universe Sources [15.1 kB]    
Ign http://ppa.launchpad.net natty/main Translation-en                        
Ign http://extras.ubuntu.com natty/main Translation-en                        
Get:12 http://us.archive.ubuntu.com natty-updates/restricted Sources [753 B]  
Get:13 http://us.archive.ubuntu.com natty-updates/universe Sources [33.7 kB]  
Get:14 http://security.ubuntu.com natty-security/multiverse Sources [652 B]    
Ign http://www.kismetwireless.net natty/kismet Translation-en_US              
Ign http://download.opensuse.org ./ Translation-en_US                          
Get:15 http://us.archive.ubuntu.com natty-updates/multiverse Sources [2,317 B]
Get:16 http://us.archive.ubuntu.com natty-updates/main i386 Packages [416 kB]  
Ign http://www.kismetwireless.net natty/kismet Translation-en                  
Get:17 http://security.ubuntu.com natty-security/main i386 Packages [257 kB]  
Ign http://download.opensuse.org ./ Translation-en                            
Ign http://deb.pinguin.lu ./ Translation-en_US                                
Ign http://deb.pinguin.lu ./ Translation-en                                    
Get:18 http://us.archive.ubuntu.com natty-updates/restricted i386 Packages [839 B]
Get:19 http://us.archive.ubuntu.com natty-updates/universe i386 Packages [121 kB]
Get:20 http://security.ubuntu.com natty-security/restricted i386 Packages [14 B]
Get:21 http://security.ubuntu.com natty-security/universe i386 Packages [59.4 kB]
Get:22 http://security.ubuntu.com natty-security/multiverse i386 Packages [2,069 B]
Ign http://security.ubuntu.com natty-security/main TranslationIndex            
Ign http://security.ubuntu.com natty-security/multiverse TranslationIndex      
Ign http://security.ubuntu.com natty-security/restricted TranslationIndex      
Ign http://security.ubuntu.com natty-security/universe TranslationIndex        
Get:23 http://us.archive.ubuntu.com natty-updates/multiverse i386 Packages [5,074 B]
Ign http://us.archive.ubuntu.com natty-updates/main TranslationIndex          
Ign http://us.archive.ubuntu.com natty-updates/multiverse TranslationIndex    
Ign http://us.archive.ubuntu.com natty-updates/restricted TranslationIndex    
Ign http://us.archive.ubuntu.com natty-updates/universe TranslationIndex      
Ign http://us.archive.ubuntu.com natty/main Translation-en_US                  
Ign http://us.archive.ubuntu.com natty/main Translation-en                    
Ign http://us.archive.ubuntu.com natty/multiverse Translation-en_US            
Ign http://us.archive.ubuntu.com natty/multiverse Translation-en              
Ign http://us.archive.ubuntu.com natty/restricted Translation-en_US            
Ign http://us.archive.ubuntu.com natty/restricted Translation-en              
Ign http://security.ubuntu.com natty-security/main Translation-en_US          
Ign http://security.ubuntu.com natty-security/main Translation-en              
Ign http://security.ubuntu.com natty-security/multiverse Translation-en_US    
Ign http://security.ubuntu.com natty-security/multiverse Translation-en        
Ign http://us.archive.ubuntu.com natty/universe Translation-en_US              
Ign http://security.ubuntu.com natty-security/restricted Translation-en_US    
Ign http://security.ubuntu.com natty-security/restricted Translation-en        
Ign http://security.ubuntu.com natty-security/universe Translation-en_US      
Ign http://security.ubuntu.com natty-security/universe Translation-en          
Ign http://us.archive.ubuntu.com natty/universe Translation-en                
Ign http://us.archive.ubuntu.com natty-updates/main Translation-en_US          
Ign http://us.archive.ubuntu.com natty-updates/main Translation-en            
Ign http://us.archive.ubuntu.com natty-updates/multiverse Translation-en_US    
Ign http://us.archive.ubuntu.com natty-updates/multiverse Translation-en      
Ign http://us.archive.ubuntu.com natty-updates/restricted Translation-en_US    
Ign http://us.archive.ubuntu.com natty-updates/restricted Translation-en      
Ign http://us.archive.ubuntu.com natty-updates/universe Translation-en_US      
Ign http://us.archive.ubuntu.com natty-updates/universe Translation-en        
Fetched 1,204 kB in 6s (181 kB/s)                                              
W: Failed to fetch http://download.opensuse.org/repositories/security:/OpenVAS:/STABLE:/v4/xUbuntu_10.04/./Release  Unable to find expected entry 'Sources' in Release file (Wrong sources.list entry or malformed file)

E: Some index files failed to download. They have been ignored, or old ones used instead.
r00tb33r@Oasis:~$ sudo apt-get -y install greenbone-security-assistant gsd openvas-cli openvas-manager openvas-scanner openvas-administrator sqlite3 xsltproc
Reading package lists... Done
Building dependency tree      
Reading state information... Done
sqlite3 is already the newest version.
xsltproc is already the newest version.
greenbone-security-assistant is already the newest version.
gsd is already the newest version.
openvas-administrator is already the newest version.
openvas-cli is already the newest version.
openvas-manager is already the newest version.
openvas-scanner is already the newest version.
The following packages were automatically installed and are no longer required:
 metacity-common libboost-serialization1.42.0 libprotobuf6
 libmetacity-private0
Use 'apt-get autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 9 not upgraded.
r00tb33r@Oasis:~$
r00tb33r@Oasis:~$ test -e /var/lib/openvas/CA/cacert.pem  || sudo openvas-mkcert -q
r00tb33r@Oasis:~$ sudo openvas-nvt-sync
[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.
[i] Online information about this feed: 'http://www.openvas.org/openvas-nvt-feed.html'.
[i] NVT dir: /var/lib/openvas/plugins
[i] Will use rsync
[i] Using rsync: /usr/bin/rsync
[i] Configured NVT rsync feed: rsync://feed.openvas.org:/nvt-feed
rsync: failed to connect to feed.openvas.org: Connection refused (111)
rsync error: error in socket IO (code 10) at clientserver.c(122) [Receiver=3.0.7]
Error: rsync failed. Your NVT collection might be broken now.
r00tb33r@Oasis:~$ test -e /var/lib/openvas/users/om || sudo openvas-mkcert-client -n om -i
Generating RSA private key, 1024 bit long modulus
......++++++
..++++++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [DE]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, your name or your server's hostname) []:Email Address []:Using configuration from /tmp/openvas-mkcert-client.1927/stdC.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName           :PRINTABLE:'DE'
localityName          :PRINTABLE:'Berlin'
commonName            :PRINTABLE:'om'
Certificate is to be certified until Dec 15 00:32:50 2012 GMT (365 days)

Write out database with 1 new entries
Data Base Updated
User om added to OpenVAS.

r00tb33r@Oasis:~$ sudo /etc/init.d/openvas-manager stop
Stopping OpenVAS Manager: openvasmd.
r00tb33r@Oasis:~$ sudo /etc/init.d/openvas-scanner stop
Stopping OpenVAS Scanner: openvassd.
r00tb33r@Oasis:~$ sudo openvassd
Loading the plugins... 612 (out of 23937)
** ERROR **: File is empty
aborting...
r00tb33r@Oasis:~$ sudo openvasmd --migrate
r00tb33r@Oasis:~$ sudo openvasmd --rebuild
r00tb33r@Oasis:~$ sudo killall openvassd
openvassd: no process found
r00tb33r@Oasis:~$ sleep 15
r00tb33r@Oasis:~$ sudo /etc/init.d/openvas-scanner start
Starting OpenVAS Scanner:
** ERROR **: File is empty
aborting...
Aborted
ERROR.
r00tb33r@Oasis:~$ sudo /etc/init.d/openvas-manager start
Starting OpenVAS Manager: ERROR.
r00tb33r@Oasis:~$ sudo /etc/init.d/openvas-administrator restart
Restarting OpenVAS Administrator: openvasad.
r00tb33r@Oasis:~$ sudo /etc/init.d/greenbone-security-assistant restart
Restarting Greenbone Security Assistant: gsad.
r00tb33r@Oasis:~$ test -e /var/lib/openvas/users/admin || sudo openvasad -c add_user -n admin -r Admin
Enter password:
ad   main:MESSAGE:2003:2011-12-15 18h34.13 CST: No rules file provided, the new user will have no restrictions.
ad  admin:WARNING:2003:2011-12-15 18h34.13 CST: User admin already exists!
ad   main:WARNING:2003:2011-12-15 18h34.13 CST: Failed to create user admin!
r00tb33r@Oasis:~$

vincenzo

#6
Quote from: r00tb33r on December 15, 2011, 05:37:31 AM
Starting OpenVAS Scanner:
** ERROR **: File is empty
aborting...
Aborted
ERROR.


You can use the following command:

find /var/lib/openvas/plugins/ -maxdepth 1 -size 0

if you need to check which file is empty. Then:


sudo openvas-nvt-sync --wget


to get/update your local NVTs. Then:
Services -> openvas -> openvas-services update (...wait...) and Services -> openvas -> openvas-services start

If it doesn't work you need to follow these steps:

Services -> openvas -> openvas-services stop

sudo apt-get purge greenbone-security-assistant gsd openvas-cli openvas-manager openvas-scanner openvas-administrator sqlite3 xsltproc

(you can omit sqlite3 and xsltproc if you find that many other packages depend on them)


Open the "/etc/apt/sources.list" file:

gksudo geany /etc/apt/sources.list

and replace the following lines:

deb http://download.opensuse.org/repositories/security:/OpenVAS:/STABLE:/v4/xUbuntu_10.04/ ./
deb-src http://download.opensuse.org/repositories/security:/OpenVAS:/STABLE:/v4/xUbuntu_10.04/ ./


with the single line:

deb http://download.opensuse.org/repositories/security:/OpenVAS:/STABLE:/v4/xUbuntu_11.04/ ./

At this point:

sudo apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys BED1E87979EAFD54
sudo apt-get update
sudo apt-get -y install greenbone-security-assistant gsd openvas-cli openvas-manager openvas-scanner openvas-administrator sqlite3 xsltproc


And then (copy and paste the whole block):

test -e /var/lib/openvas/CA/cacert.pem || sudo openvas-mkcert -q
sudo openvas-nvt-sync
test -e /var/lib/openvas/users/om || sudo openvas-mkcert-client -n om -i
sudo /etc/init.d/openvas-manager stop
sudo /etc/init.d/openvas-scanner stop
sudo touch sudo touch /var/lib/openvas/mgr/tasks.db
sudo chmod 600 /var/lib/openvas/mgr/tasks.db
sudo openvassd
sudo openvasmd --migrate
sudo openvasmd --rebuild
sudo killall openvassd
sleep 15
sudo /etc/init.d/openvas-scanner start
sudo /etc/init.d/openvas-manager start
sudo /etc/init.d/openvas-administrator restart


Now verify that everything is working correctly.

You cannot teach a man anything. You can only help him discover it within himself.



r00tb33r

Hey vincenzo,

The first command executed without any output.

sudo openvas-nvt-sync --wget : worked fine.

The updating and starting of the services both failed.

The next three commands work fine, but the keyserver always fails to issue me a key.

The update works fine and everything seems to install fine.

Nearly everything in the last block of code you posted failed because it couldn't find the openvas-scanner of openvas-manager.

If you would like me to post all of the output, I sure can, but there is a lot of it.

vincenzo

#8
Hi,
no need to post the whole output, although some important message would be helpful, for example, something about a missing package, plugin
or a port number. My openvas installation seems to be working just fine. I'm wondering if you have a firewall that doesn't allow you to get that key.
Please, be sure that a firewall is not running. Then retry and let me see if you get any output from this command:

apt-key list | grep 79EAFD54 -A1

Moreover, you can get a useful log file from the openvas-check-setup tool. You can find it here: http://www.openvas.org/setup-and-start.html





You cannot teach a man anything. You can only help him discover it within himself.



r00tb33r

Hello again!

I have good news and bad news...

The bad news: I spent a few days trying to fix this issue back a couple weeks ago to no avail. Some people with the same error as me compiled from source and it worked fine for them.

The good news: I downloaded v2.01 and OpenVAS works perfectly! Thanks for all of your help!!!