Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
3874 Views 11 Replies Latest reply: Feb 5, 2013 8:23 AM by infosecjeff RSS 1 2 Previous Next
infosecjeff Newcomer 44 posts since
Sep 11, 2010
Currently Being Moderated

Oct 4, 2012 4:42 PM

Running MVM 7.5 on VMWare Workstation - scan engine cannot communicate with an scan controller

I am running MVM 7.5 on VMWare Workstation - Guest is a Windows 2008 R2 with SQL 2008 R2 Express.  I have all the MVM 7.5 components installed on this server.

My issue is the scan engine cannot communicate with any scan controllers.  If I fire up Tcpview.exe and watch I can see the scanengine send syn packets to TCP port 3803, but the scan controller isn't listening on that port for some reason even though it is configured to, as observed in the server.config.xml file.

 

I've installed this on two different VMs and I get the same error.

 

Here's part of the logfile:

 

2012-10-04 14:57:00-05:00 |  | 0 | Discovery | 0x086C | The Discovery service has started.

2012-10-04 14:57:00-05:00 |  | 4 | ScanEngine | 0x0840 | Removing active jobs...

2012-10-04 14:57:01-05:00 |  | 0 | Assessment | 0x08B4 | Service Started

2012-10-04 14:57:01-05:00 |  | 0 | Assessment | 0x08C0 | The Assessment service has started.

2012-10-04 14:57:01-05:00 |  | 4 | Assessment | 0x08C0 | ScriptRegulatorConfig: ScriptRegulator_MaxMemory% = 80, ScriptRegulator_Hysteresis% = 1, ScriptRegulator_SemaphoreMultiplier = 1, ScriptRegulator_ProcessorQueueLengthLimit = 100

2012-10-04 14:57:01-05:00 |  | 4 | Assessment | 0x08C0 | ScriptRegulatorConfig: MaxMemoryKB = 3313398, HysteresisKB = 41941, SemaphoreCount = 2

2012-10-04 14:57:03-05:00 |  | 4 | Assessment | 0x08C0 | ScriptRegulator: ScriptResumeLevelKB = 3271457, OutOfResourcesMinuteCountMax = 4

2012-10-04 14:57:03-05:00 |  | 4 | Assessment | 0x08C0 | ScriptRegulator | PrivateUsageKB | PrivateUsage | PrivateUsageDeltaKB | RunningThreads | ParkedThreads | Parked/Total | LoadedScripts | ExecutedScripts | ExecutedScripts/m | Avg.ExecutedScript/m | [Modules] | LoadedGeneral | ExecutedGeneral | ExecutedGeneral/m | LoadedWeb | ExecutedWeb | ExecutedWeb/m | LoadedWham | ExecutedWham | ExecutedWham/m | LoadedWireless | ExecutedWireless | ExecutedWireless/m | LoadedShell | ExecutedShell | ExecutedShell/m | [System] | PagefileUsageKB | PeakPagefileUsageKB | WorkingSetSizeKB | PeakWorkingSetSizeKB | PageFaultCount | GlbTotalPageFile | GlbAvailPageFile | VirtualBytes | VirtualUsage

2012-10-04 14:57:03-05:00 |  | 4 | Assessment | 0x08C0 | ThreadManager | [P1] | ActiveThreads | ParkedThreads | ActiveTasks | ParkedTasks | [TM] | ActiveThreads | Avg.Scripts/m | EstimatedTimeInMinutes | ExecutedScripts | ExecutingThreads | WaitingThreads | [Modules] | TotalBatches | TotalTaskGroups | ActiveWorkUnits | InactiveWorkUnits | General-WorkUnits | WebFSL-WorkUnits | WHAM-WorkUnits | Wireless-WorkUnits | Shell-WorkUnits | WebScan-WorkUnits | [Process] | Threads | MemoryUsageKB | VirtualBytes | [System] | ProcessorTime | Threads | PQL | [D1] | ProcessedTasks | CreatedThreads | ReusedThreads | DestroyedThreads | CreateFailedCount |NewThreadRejectionCount/m | PopCount/m | PrecondFailedCount/m | SkippedOverCount/m | Avg.Distance

2012-10-04 14:57:03-05:00 |  | 4 | Assessment | 0x08C0 | ThreadManager::Init

2012-10-04 14:57:03-05:00 |  | 4 | Assessment | 0x08C0 | ThreadManagerConfig: ThreadManager_MaxMemory% = 70, ThreadManager_MaxVM% = 90, ThreadManager_CriticalMemory% = 60, ThreadManager_CriticalVM% = 89, ThreadManager_MaxAllowedThreads = 1000, ThreadManager_MaxBatchesPerGB = 25, ThreadManager_AllowedWorkloadInWorkUnits = 1000000

2012-10-04 14:57:03-05:00 |  | 4 | Assessment | 0x08C0 | ThreadManagerConfig: MaxMemoryKB = 2893981, MaxVMKB = 3774758, CriticalMemoryKB = 2474563, CriticalVMKB = 3732816, MaxAllowedThreads = 1000, MaxAllowedBatches = 100, ThreadManager_WaitObjectTimeoutMS = 10000, ThreadPool_WaitObjectTimeoutMS = 1000

2012-10-04 14:57:03-05:00 |  | 4 | Assessment | 0x08D4 | ThreadManager | [P1] | 0 | 0 | 0 | 0 | [TM] | 0 | 10000 | 0 | 0 | 0 | 0 | [Modules] | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | [Process] | 8 | 5108 | 56572 | [System] | 0 | 512 | 0 | [D1] | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |

2012-10-04 14:57:10-05:00 |  | 4 | FSAPI | 0x073C | Connecting to Foundstone Database (server='MVM75\SQLEXPRESS', DBName='faultline', user='faultline', NTAuth=0)

2012-10-04 14:57:10-05:00 |  | 1 | FSAPI | 0x073C | Foundstone Database connected

2012-10-04 14:57:10-05:00 |  | 4 | FSAPI | 0x073C | FSAPI Server: Address='MVM75', Port=3800, Certs Path='C:\Program Files (x86)\Foundstone\Configuration', Secure= 1, SendTimeout=6, RecvTimeout=6, uLog=0

2012-10-04 14:57:10-05:00 |  | 4 | FSAPI | 0x073C | FSComm Server: Certificate - server (C:\Program Files (x86)\Foundstone\Configuration\CustomEngine.pem), ca (C:\Program Files (x86)\Foundstone\Configuration\CustomTrustedCA.pem), dh (C:\Program Files (x86)\Foundstone\Configuration\dh.pem). (0)

2012-10-04 14:57:10-05:00 |  | 4 | FSAPI | 0x08E4 | FSComm Server: Server Up - https://MVM75:3800 - Send Timeout(6), Receive Timeout(6). (0)

2012-10-04 14:57:10-05:00 |  | 4 | FSAPI | 0x08E8 | Benchmark Update Monitor active (0)

2012-10-04 14:58:03-05:00 |  | 4 | Assessment | 0x08D4 | ThreadManager | [P1] | 0 | 0 | 0 | 0 | [TM] | 0 | 10000 | 0 | 0 | 0 | 0 | [Modules] | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | [Process] | 8 | 8572 | 62552 | [System] | 2 | 476 | 0 | [D1] | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |

2012-10-04 14:58:30-05:00 |  | 4 | ScanEngine | 0x0840 | BatchCal | ThreadKB | HostKB | HostCount | WhamThreadKB | WhamHostKB | WhamHostCount | TotalHostCount | WorkerThreads | MemAvailKB | ThreadCount | BatchCostKB | EstimatedTotalKB | ActualTotalKB

2012-10-04 14:58:30-05:00 |  | 4 | ScanEngine | 0x0840 | AsstStat | TotalHosts | ScanResp | Duration | TotalPhys | AvailPhys | TotalPF | AvailPF | TotalVM | AvailVM | AvailExt | CommitTotal | CommitLimit | CommitPeak | WhamHosts | OtherHosts | RecoveryCount | AsstIndex | BatchCount

2012-10-04 14:58:30-05:00 |  | 2 | ScanEngine | 0x0840 | WARNING: IPv6 network stack is unavailable; all IPv6 addresses will be ignored.

2012-10-04 14:58:30-05:00 |  | 4 | ScanEngine | 0x0B7C | CNCDThread::ThreadFunc: Running...

2012-10-04 14:58:31-05:00 |  | 4 | ScanEngineSvc | 0x0838 | ENGINESTATE_RECOVERING

2012-10-04 14:58:31-05:00 |  | 4 | ScanEngineSvc | 0x0B90 | ScanEngine::ThreadFunc: Running...

2012-10-04 14:58:31-05:00 |  | 4 | ScanEngineSvc | 0x0B94 | SaaSController::ThreadFunc: Running...

2012-10-04 14:58:31-05:00 |  | 4 | ScanEngineSvc | 0x0BC0 | SaaSUploader::ThreadFunc: Running...

2012-10-04 14:58:31-05:00 |  | 4 | ScanEngineSvc | 0x0BC0 | ThreadPool usage: High=1, Low=1, Shared=8

2012-10-04 14:58:31-05:00 |  | 4 | ScanEngineSvc | 0x0B94 | FSScanEngine: Log=0, LogXML=0, ThreadPool_Debug=0

2012-10-04 14:58:31-05:00 |  | 4 | ScanEngineSvc | 0x0B94 | Posting EngineStatus - Immediately (with 3 minute timeout)

2012-10-04 14:58:32-05:00 |  | 1 | ScanEngineSvc | 0x0B94 | CommHTTP::Connect: Unable to connect to (HTTPS)MVM75:3803. COpenSSLSocket::Connect - tcp connect failed

2012-10-04 14:58:32-05:00 |  | 2 | ScanEngineSvc | 0x0B94 | CommHTTP::PostResource returns (0xa0fbf061)[E_ENGINE_HTTP_CONNECT_FAIL]

2012-10-04 14:58:32-05:00 |  | 2 | ScanEngineSvc | 0x0B94 | CommHTTP::PostEngineStatus returns (0xa0fbf061)[E_ENGINE_HTTP_CONNECT_FAIL]

2012-10-04 14:58:33-05:00 |  | 4 | ScanEngineSvc | 0x0B94 | Starting up the engine...

2012-10-04 14:58:33-05:00 |  | 4 | ScanEngineSvc | 0x0B94 | Begin system operation...

2012-10-04 14:58:33-05:00 |  | 4 | ScanEngineSvc | 0x0B94 | End system operation.

2012-10-04 14:58:33-05:00 |  | 4 | ScanEngineSvc | 0x0B94 | ENGINESTATE_RUNNING

2012-10-04 14:58:33-05:00 |  | 4 | ScanEngineSvc | 0x0B94 | The engine is running.

2012-10-04 14:58:33-05:00 |  | 4 | Assessment | 0x08D4 | ThreadManager - Invoke OnStatus(normal)

2012-10-04 14:58:33-05:00 |  | 4 | Assessment | 0x08D4 | ThreadManager! | [P1] | 0 | 0 | 0 | 0 | [TM] | 0 | 10000 | 0 | 0 | 0 | 0 | [Modules] | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | [Process] | 10 | 17648 | 73580 | [System] | 42 | 572 | 2 | [D1] | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |

2012-10-04 14:58:33-05:00 | <?xml version="1.0" encoding="utf-16" ?>

<AssessmentStatus>

<Process status="normal" />

</AssessmentStatus> | -2 | Assessment | 0x08D4 | No listeners registered for "Assessment::OnProcessStatus" event.

2012-10-04 14:59:03-05:00 |  | 4 | Assessment | 0x08D4 | ThreadManager | [P1] | 0 | 0 | 0 | 0 | [TM] | 0 | 10000 | 0 | 0 | 0 | 0 | [Modules] | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | [Process] | 10 | 17648 | 73580 | [System] | 50 | 553 | 0 | [D1] | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |

2012-10-04 14:59:31-05:00 |  | 4 | ScanEngineSvc | 0x0B94 | FSScanEngine: Log=0, LogXML=0, ThreadPool_Debug=0

2012-10-04 14:59:31-05:00 |  | 4 | ScanEngineSvc | 0x0B94 | Re-posting EngineStatus...

2012-10-04 14:59:32-05:00 |  | 1 | ScanEngineSvc | 0x0B94 | CommHTTP::Connect: Unable to connect to (HTTPS)MVM75:3803. COpenSSLSocket::Connect - tcp connect failed

2012-10-04 14:59:32-05:00 |  | 2 | ScanEngineSvc | 0x0B94 | CommHTTP::PostResource returns (0xa0fbf061)[E_ENGINE_HTTP_CONNECT_FAIL]

2012-10-04 14:59:32-05:00 |  | 2 | ScanEngineSvc | 0x0B94 | CommHTTP::PostEngineStatus returns (0xa0fbf061)[E_ENGINE_HTTP_CONNECT_FAIL]

1 2 Previous Next

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points