Test alive hosts only #456
Merged: jjnicola merged 63 commits into greenbone:master from ArnoStiefvater:test-alive-hosts-only on Mar 13, 2020
Instead of filtering for every host individually we filter by port. This way we can filter for many hosts without running into memory issues with too big filter descriptions. A new hashtable of the target hosts is used for not including alive hosts we do not want to scan by mistake.
Add icmp ping capability. Is commented out for now because no mechanism for multiple methods exists for now.
Use hashtables instead of gvm_hosts_t struct. Add function for icmp pings.
Function for tcp syn which is to be used by g_hash_table_foreach().
Do not initialize main_kb every time we want to use it.
Packet sniffer can handle IPv4 and IPv6 packets now. ICMPv6 was simplified and is working as expected now.
Simplify icmp (ipv4). Kernel builds ipv4 header for us now.
Temp addition of socket. Will be changed in the future.
Ospd puts alive_detection flag in redis. Openvas stores it in a hashtable we can access.
On ospd side it is checked if openvas conf 'test_alive_hosts_only' is set to 'yes'. If it is set, put the ALIVE_TEST enum in redis which is read by openvas on startup and available via hashtable lookup by prefs_get().
Add basic arp ping functionality.
One function for getting sockets. Scanner structure with everything needed for scanning. Hosts data structure which holds the hashtables. Only one sniffer thread instead of starting and stopping. Clean init and free function.
Only init source addresses once and reuse them. Improve checksum function.
Better error handling and error messages. Use memset, memcpy etc. instead of deprecated functions.
Use different redis connection for pushing and popping. When alive_detection crashed we would get segfault or error.
Somehow pcap_breakloop seems to work only if this option is set.
Timeout for how long to wait for replies after last packet was sent.
Make private functions static and add or remove __attribute__ ((unused)) where needed.
This way we can ping broadcast addresses and do not get permission denied error while pinging.
This was referenced Feb 27, 2020
jjnicola previously approved these changes Mar 13, 2020
jjnicola approved these changes Mar 13, 2020
When the scanner preference `test_alive_hosts_only` is set to `yes` only alive hosts are tested by the scanner. This feature is still work in progress, hanging scans or unexpected behavior may occur.

Depends on:

You have to change the scanner plugin `ping_host.nasl` to not run a second alive detection scan. Add the following to the beginning (before or after the function definitions) of `ping_host.nasl`.

How fast the alive scanner sends out pings can be specified by the `BURST` and `BURST_TIMEOUT` macros in `alivedetection.h`.