Mailing List Archive: [Database-devel] Problem with nessus

[Database-devel] Problem with nessus_sql 2.2.3

Jun 5, 2005, 3:47 AM

Post #1 of 7 (2963 views)

Hello all

I'm having problems getting nessus_sql to work. In fact i patched 2.2.4
sources with
2.2.3-core.db patch diff (which went fine). No problem with database tables
auto creation
either - so no problem with databse rights -.

But, when i start a test scan, i get:

onyxium:/usr/local/var/nessus/logs# nessus -q xnessus <pass>
/root/targets.txt /root/targets.nbe
*** The plugins that have the ability to crash remote services or hosts
have been disabled. You should activate them if you want your security
audit to be complete
Communication closed by server
nessus: nessusd abruptly shut the communication down - the test may be
incomplete

When looking into nessusd.messages...

onyxium:/usr/local/var/nessus/logs# tail nessusd.messages
[Sun Jun 5 12:36:10 2005][32758] got local connection
[Sun Jun 5 12:36:10 2005][3188] Client requested protocol version 12.
[Sun Jun 5 12:36:11 2005][3188] successful login of xnessus from 6.0.0.0
[Sun Jun 5 12:36:34 2005][3188] Redirecting debugging output to
/usr/local/var/nessus/logs/nessusd.dump
[Sun Jun 5 12:36:37 2005][3188] MYSQL : connected to DB host: localhost
[Sun Jun 5 12:36:37 2005][3188] user xnessus starts a new scan. Target(s) :
10.0.2.34, with max_hosts = 20 and max_checks = 4
[Sun Jun 5 12:36:37 2005][3188] user xnessus : testing 10.0.2.34
(10.0.2.34) [3272]
[Sun Jun 5 12:36:37 2005][3272] SQL : find by name: "onyxium-gif"
[Sun Jun 5 12:36:37 2005][3272] MYSQL: SELECT hostid FROM host WHERE
name="onyxium-gif" : Lost connection to MySQL server during query : can't
select row
[Sun Jun 5 12:36:37 2005][3272] MATCHED HOSTID: [-1]

Please help me tracking down the problem as i'm trying to use nessus_sql for
production environment.

TIA

Michel.

Re: [Database-devel] Problem with nessus_sql 2.2.3 [ In reply to ]

deraison at nessus

Jun 5, 2005, 1:23 PM

Post #2 of 7 (2922 views)

Permalink

On Jun 5, 2005, at 12:47, the Moonspeller wrote:

>
>
> Please help me tracking down the problem as i'm trying to use
> nessus_sql for production environment.

The SQL branch is absolultely NOT meant for production environment.

-- Renaud

Re: [Database-devel] Problem with nessus_sql 2.2.3 [ In reply to ]

themoonspeller at hotmail

Jun 5, 2005, 11:27 PM

Post #3 of 7 (2919 views)

Permalink

OK Renaud, got me on this one ;)

What could be the cause for this problem, though ?

Thanks a lot

--
M.

>From: Renaud Deraison <deraison@nessus.org>
>To: the Moonspeller <themoonspeller@hotmail.com>
>CC: nessus-devel@list.nessus.org
>Subject: Re: [Nessus-devel] [Database-devel] Problem with nessus_sql 2.2.3
>Date: Sun, 5 Jun 2005 22:23:57 +0200
>
>
>On Jun 5, 2005, at 12:47, the Moonspeller wrote:
>
>>
>>
>>Please help me tracking down the problem as i'm trying to use
>>nessus_sql for production environment.
>
>The SQL branch is absolultely NOT meant for production environment.
>
>
>
> -- Renaud

Re: [Database-devel] Problem with nessus_sql 2.2.3 [ In reply to ]

jfernandez at germinus

Jun 6, 2005, 1:30 AM

Post #4 of 7 (2900 views)

Permalink

the Moonspeller wrote:

>
> When looking into nessusd.messages...
>

(...)
> [Sun Jun 5 12:36:37 2005][3272] SQL : find by name: "onyxium-gif"
> [Sun Jun 5 12:36:37 2005][3272] MYSQL: SELECT hostid FROM host WHERE
> name="onyxium-gif" : Lost connection to MySQL server during query :
> can't select row
> [Sun Jun 5 12:36:37 2005][3272] MATCHED HOSTID: [-1]
>

Ummm... seems to be a problem when retrieving information from the
database. Can you please provide the result of running the SQL query
above: 'SELECT hostid FROM host WHERE name="onyxium-gif"'

Also, it might be worth checking how the database has been changed
since the scan started. Has the 'session' table been modified?

The scan bails out because it lose a connection to the MySQL server,
the database code currently does not attempt to reconnect in this
event and that causes the abrupt en of the scan.

If some of the tables were filled in but the code failed in this
change it might be due to connection timeout in the MySQL database.
The Nessus-SQL code does not explicitly set a timeout so you should be
able to handle this through MySQL's configuration file.

Regards

Javier

Re: Re: [Database-devel] Problem with nessus_sql 2.2.3 [ In reply to ]

campoe at usf

Jun 6, 2005, 11:06 AM

Post #5 of 7 (2909 views)

Permalink

Javier

This is the same error I got when trying the diff back in March. The
SELECT statement itself works just fine. I increased the timeout value
on mysqld to no avail. Here's the only error message on nessus.dump:

Could not realloc() a pointer of size 1279611651 !

Alex

Javier Fernandez-Sanguino wrote:
> the Moonspeller wrote:
>
>>
>> When looking into nessusd.messages...
>>
>
> (...)
>
>> [Sun Jun 5 12:36:37 2005][3272] SQL : find by name: "onyxium-gif"
>> [Sun Jun 5 12:36:37 2005][3272] MYSQL: SELECT hostid FROM host WHERE
>> name="onyxium-gif" : Lost connection to MySQL server during query :
>> can't select row
>> [Sun Jun 5 12:36:37 2005][3272] MATCHED HOSTID: [-1]
>>
>
> Ummm... seems to be a problem when retrieving information from the
> database. Can you please provide the result of running the SQL query
> above: 'SELECT hostid FROM host WHERE name="onyxium-gif"'
>
> Also, it might be worth checking how the database has been changed since
> the scan started. Has the 'session' table been modified?
>
> The scan bails out because it lose a connection to the MySQL server, the
> database code currently does not attempt to reconnect in this event and
> that causes the abrupt en of the scan.
>
> If some of the tables were filled in but the code failed in this change
> it might be due to connection timeout in the MySQL database. The
> Nessus-SQL code does not explicitly set a timeout so you should be able
> to handle this through MySQL's configuration file.
>
> Regards
>
> Javier
>
> _______________________________________________
> Nessus-devel mailing list
> Nessus-devel@list.nessus.org
> http://mail.nessus.org/mailman/listinfo/nessus-devel

--
-- Alex Campoe, CISSP Information Security Manager --
-- Associate Director, Systems --
-- Email: campoe@usf.edu Phone: (813) 974-1796 --
-- Academic Computing University of South Florida --
-----------------------------------------------------------------------

Re: Re: [Database-devel] Problem with nessus_sql 2.2.3 [ In reply to ]

themoonspeller at hotmail

Jun 6, 2005, 11:48 AM

Post #6 of 7 (2915 views)

Permalink

Alex, Javier

This was the first scan i launched. The database is actually empty - so is the session table-, and the "select" statement returns no record.

I applied the correction to mysql's config timeout value, and got the same message
in nessusd.messages as Alex.

HIWH you in tracking down the problem!

Best regards
--
M.

>From: Alex Campoe <campoe@usf.edu>
>To: Javier Fernandez-Sanguino <jfernandez@germinus.com>
>CC: the Moonspeller <themoonspeller@hotmail.com>,nessus-devel@list.nessus.org
>Subject: Re: [Nessus-devel] Re: [Database-devel] Problem with nessus_sql 2.2.3
>Date: Mon, 06 Jun 2005 14:06:06 -0400
>
>Javier
>
>This is the same error I got when trying the diff back in March. The
>SELECT statement itself works just fine. I increased the timeout
>value on mysqld to no avail. Here's the only error message on
>nessus.dump:
>
>Could not realloc() a pointer of size 1279611651 !
>
>Alex
>
>Javier Fernandez-Sanguino wrote:
>>the Moonspeller wrote:
>>
>>>
>>>When looking into nessusd.messages...
>>>
>>
>>(...)
>>
>>>[Sun Jun 5 12:36:37 2005][3272] SQL : find by name: "onyxium-gif"
>>>[Sun Jun 5 12:36:37 2005][3272] MYSQL: SELECT hostid FROM host
>>>WHERE name="onyxium-gif" : Lost connection to MySQL server during
>>>query : can't select row
>>>[Sun Jun 5 12:36:37 2005][3272] MATCHED HOSTID: [-1]
>>>
>>
>>Ummm... seems to be a problem when retrieving information from the
>>database. Can you please provide the result of running the SQL
>>query above: 'SELECT hostid FROM host WHERE name="onyxium-gif"'
>>
>>Also, it might be worth checking how the database has been changed
>>since the scan started. Has the 'session' table been modified?
>>
>>The scan bails out because it lose a connection to the MySQL
>>server, the database code currently does not attempt to reconnect
>>in this event and that causes the abrupt en of the scan.
>>
>>If some of the tables were filled in but the code failed in this
>>change it might be due to connection timeout in the MySQL database.
>>The Nessus-SQL code does not explicitly set a timeout so you should
>>be able to handle this through MySQL's configuration file.
>>
>>Regards
>>
>>Javier
>>
>>_______________________________________________
>>Nessus-devel mailing list
>>Nessus-devel@list.nessus.org
>>http://mail.nessus.org/mailman/listinfo/nessus-devel
>
>--
>-- Alex Campoe, CISSP Information Security Manager
>--
>-- Associate Director, Systems
>--
>-- Email: campoe@usf.edu Phone: (813) 974-1796
>--
>-- Academic Computing University of South Florida
>--
>-----------------------------------------------------------------------
><< smime.p7s >>

Re: Re: [Database-devel] Problem with nessus_sql 2.2.3 [ In reply to ]

jfernandez at germinus

Jun 7, 2005, 1:06 AM

Post #7 of 7 (2908 views)

Permalink

the Moonspeller wrote:

> Alex, Javier
>
> This was the first scan i launched. The database is actually empty - so
> is the session table-, and the "select" statement returns no record.

IIRC the database should include some information before that SELECT
statement is run but it's been a while since I played with this code.

>
> I applied the correction to mysql's config timeout value, and got the
> same message
> in nessusd.messages as Alex.

Will take a look at it to see where the problem lies. Last time I
checked the code (in 2.2.3) it did work fine in my environment. I'll
keep you posted.

Regards

Javier

Mailing List Archive

Mailing List Archive

Attached Files: