I’m testing the capacity of GVM-9 to scan large networks (e.g., more than 4096 IP addresses) in one task. So I have restarted openvasmd with the option --max-ips-per-target=8128. So far so good.
I created a target of 6000+ hosts and tried to run the scan. Immediately after that, the scan fails with error 503, service temporarily down. openvasmd.log just logs “Task XXX (…) could not be started by admin”.
Strange things happen. By default the order of target hosts is set to sequential. If I change this to Random, then the scan will start without errors??!!
Sorry Lukas, I don’t understand what you mean. If this wasn’t supported by default, why would there be this option --max-ips-per-target, with a hard-coded limit of 65535? And why would that work anyway in random mode but not in sequential?
Because it is a very bad idea to scan such a big number of hosts and it creates a lot of issues. It’s opening a can of worms. Therefore we are setting a hard limit. You can still patch the sources if you think you really need to do that. But please be aware we won’t give any further advice here or offer any help. We made this hard limit intentionally!
We only support the GCE and our Appliances; everything else is at your own risk. Due to the fact that this is not an issue with the GCE, you are on your own.
Currently it isn’t possible to use random order with this number of hosts. But we already fixed it and the fixes will be shipped with the next releases.
Thanks a lot, bricks. It’s only for testing at this point, so no worries, and there is a workaround anyway. I will report to this forum how the scanning goes with such large targets; for the knowledge database at least.