1 2 Previous Next 11 Replies Latest reply: Feb 5, 2013 8:23 AM by infosecjeff RSS

    Running MVM 7.5 on VMWare Workstation - scan engine cannot communicate with an scan controller

    infosecjeff

      I am running MVM 7.5 on VMWare Workstation - Guest is a Windows 2008 R2 with SQL 2008 R2 Express.  I have all the MVM 7.5 components installed on this server.

      My issue is the scan engine cannot communicate with any scan controllers.  If I fire up Tcpview.exe and watch I can see the scanengine send syn packets to TCP port 3803, but the scan controller isn't listening on that port for some reason even though it is configured to, as observed in the server.config.xml file.

       

      I've installed this on two different VMs and I get the same error.

       

      Here's part of the logfile:

       

      2012-10-04 14:57:00-05:00 |  | 0 | Discovery | 0x086C | The Discovery service has started.

      2012-10-04 14:57:00-05:00 |  | 4 | ScanEngine | 0x0840 | Removing active jobs...

      2012-10-04 14:57:01-05:00 |  | 0 | Assessment | 0x08B4 | Service Started

      2012-10-04 14:57:01-05:00 |  | 0 | Assessment | 0x08C0 | The Assessment service has started.

      2012-10-04 14:57:01-05:00 |  | 4 | Assessment | 0x08C0 | ScriptRegulatorConfig: ScriptRegulator_MaxMemory% = 80, ScriptRegulator_Hysteresis% = 1, ScriptRegulator_SemaphoreMultiplier = 1, ScriptRegulator_ProcessorQueueLengthLimit = 100

      2012-10-04 14:57:01-05:00 |  | 4 | Assessment | 0x08C0 | ScriptRegulatorConfig: MaxMemoryKB = 3313398, HysteresisKB = 41941, SemaphoreCount = 2

      2012-10-04 14:57:03-05:00 |  | 4 | Assessment | 0x08C0 | ScriptRegulator: ScriptResumeLevelKB = 3271457, OutOfResourcesMinuteCountMax = 4

      2012-10-04 14:57:03-05:00 |  | 4 | Assessment | 0x08C0 | ScriptRegulator | PrivateUsageKB | PrivateUsage | PrivateUsageDeltaKB | RunningThreads | ParkedThreads | Parked/Total | LoadedScripts | ExecutedScripts | ExecutedScripts/m | Avg.ExecutedScript/m | [Modules] | LoadedGeneral | ExecutedGeneral | ExecutedGeneral/m | LoadedWeb | ExecutedWeb | ExecutedWeb/m | LoadedWham | ExecutedWham | ExecutedWham/m | LoadedWireless | ExecutedWireless | ExecutedWireless/m | LoadedShell | ExecutedShell | ExecutedShell/m | [System] | PagefileUsageKB | PeakPagefileUsageKB | WorkingSetSizeKB | PeakWorkingSetSizeKB | PageFaultCount | GlbTotalPageFile | GlbAvailPageFile | VirtualBytes | VirtualUsage

      2012-10-04 14:57:03-05:00 |  | 4 | Assessment | 0x08C0 | ThreadManager | [P1] | ActiveThreads | ParkedThreads | ActiveTasks | ParkedTasks | [TM] | ActiveThreads | Avg.Scripts/m | EstimatedTimeInMinutes | ExecutedScripts | ExecutingThreads | WaitingThreads | [Modules] | TotalBatches | TotalTaskGroups | ActiveWorkUnits | InactiveWorkUnits | General-WorkUnits | WebFSL-WorkUnits | WHAM-WorkUnits | Wireless-WorkUnits | Shell-WorkUnits | WebScan-WorkUnits | [Process] | Threads | MemoryUsageKB | VirtualBytes | [System] | ProcessorTime | Threads | PQL | [D1] | ProcessedTasks | CreatedThreads | ReusedThreads | DestroyedThreads | CreateFailedCount |NewThreadRejectionCount/m | PopCount/m | PrecondFailedCount/m | SkippedOverCount/m | Avg.Distance

      2012-10-04 14:57:03-05:00 |  | 4 | Assessment | 0x08C0 | ThreadManager::Init

      2012-10-04 14:57:03-05:00 |  | 4 | Assessment | 0x08C0 | ThreadManagerConfig: ThreadManager_MaxMemory% = 70, ThreadManager_MaxVM% = 90, ThreadManager_CriticalMemory% = 60, ThreadManager_CriticalVM% = 89, ThreadManager_MaxAllowedThreads = 1000, ThreadManager_MaxBatchesPerGB = 25, ThreadManager_AllowedWorkloadInWorkUnits = 1000000

      2012-10-04 14:57:03-05:00 |  | 4 | Assessment | 0x08C0 | ThreadManagerConfig: MaxMemoryKB = 2893981, MaxVMKB = 3774758, CriticalMemoryKB = 2474563, CriticalVMKB = 3732816, MaxAllowedThreads = 1000, MaxAllowedBatches = 100, ThreadManager_WaitObjectTimeoutMS = 10000, ThreadPool_WaitObjectTimeoutMS = 1000

      2012-10-04 14:57:03-05:00 |  | 4 | Assessment | 0x08D4 | ThreadManager | [P1] | 0 | 0 | 0 | 0 | [TM] | 0 | 10000 | 0 | 0 | 0 | 0 | [Modules] | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | [Process] | 8 | 5108 | 56572 | [System] | 0 | 512 | 0 | [D1] | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |

      2012-10-04 14:57:10-05:00 |  | 4 | FSAPI | 0x073C | Connecting to Foundstone Database (server='MVM75\SQLEXPRESS', DBName='faultline', user='faultline', NTAuth=0)

      2012-10-04 14:57:10-05:00 |  | 1 | FSAPI | 0x073C | Foundstone Database connected

      2012-10-04 14:57:10-05:00 |  | 4 | FSAPI | 0x073C | FSAPI Server: Address='MVM75', Port=3800, Certs Path='C:\Program Files (x86)\Foundstone\Configuration', Secure= 1, SendTimeout=6, RecvTimeout=6, uLog=0

      2012-10-04 14:57:10-05:00 |  | 4 | FSAPI | 0x073C | FSComm Server: Certificate - server (C:\Program Files (x86)\Foundstone\Configuration\CustomEngine.pem), ca (C:\Program Files (x86)\Foundstone\Configuration\CustomTrustedCA.pem), dh (C:\Program Files (x86)\Foundstone\Configuration\dh.pem). (0)

      2012-10-04 14:57:10-05:00 |  | 4 | FSAPI | 0x08E4 | FSComm Server: Server Up - https://MVM75:3800 - Send Timeout(6), Receive Timeout(6). (0)

      2012-10-04 14:57:10-05:00 |  | 4 | FSAPI | 0x08E8 | Benchmark Update Monitor active (0)

      2012-10-04 14:58:03-05:00 |  | 4 | Assessment | 0x08D4 | ThreadManager | [P1] | 0 | 0 | 0 | 0 | [TM] | 0 | 10000 | 0 | 0 | 0 | 0 | [Modules] | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | [Process] | 8 | 8572 | 62552 | [System] | 2 | 476 | 0 | [D1] | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |

      2012-10-04 14:58:30-05:00 |  | 4 | ScanEngine | 0x0840 | BatchCal | ThreadKB | HostKB | HostCount | WhamThreadKB | WhamHostKB | WhamHostCount | TotalHostCount | WorkerThreads | MemAvailKB | ThreadCount | BatchCostKB | EstimatedTotalKB | ActualTotalKB

      2012-10-04 14:58:30-05:00 |  | 4 | ScanEngine | 0x0840 | AsstStat | TotalHosts | ScanResp | Duration | TotalPhys | AvailPhys | TotalPF | AvailPF | TotalVM | AvailVM | AvailExt | CommitTotal | CommitLimit | CommitPeak | WhamHosts | OtherHosts | RecoveryCount | AsstIndex | BatchCount

      2012-10-04 14:58:30-05:00 |  | 2 | ScanEngine | 0x0840 | WARNING: IPv6 network stack is unavailable; all IPv6 addresses will be ignored.

      2012-10-04 14:58:30-05:00 |  | 4 | ScanEngine | 0x0B7C | CNCDThread::ThreadFunc: Running...

      2012-10-04 14:58:31-05:00 |  | 4 | ScanEngineSvc | 0x0838 | ENGINESTATE_RECOVERING

      2012-10-04 14:58:31-05:00 |  | 4 | ScanEngineSvc | 0x0B90 | ScanEngine::ThreadFunc: Running...

      2012-10-04 14:58:31-05:00 |  | 4 | ScanEngineSvc | 0x0B94 | SaaSController::ThreadFunc: Running...

      2012-10-04 14:58:31-05:00 |  | 4 | ScanEngineSvc | 0x0BC0 | SaaSUploader::ThreadFunc: Running...

      2012-10-04 14:58:31-05:00 |  | 4 | ScanEngineSvc | 0x0BC0 | ThreadPool usage: High=1, Low=1, Shared=8

      2012-10-04 14:58:31-05:00 |  | 4 | ScanEngineSvc | 0x0B94 | FSScanEngine: Log=0, LogXML=0, ThreadPool_Debug=0

      2012-10-04 14:58:31-05:00 |  | 4 | ScanEngineSvc | 0x0B94 | Posting EngineStatus - Immediately (with 3 minute timeout)

      2012-10-04 14:58:32-05:00 |  | 1 | ScanEngineSvc | 0x0B94 | CommHTTP::Connect: Unable to connect to (HTTPS)MVM75:3803. COpenSSLSocket::Connect - tcp connect failed

      2012-10-04 14:58:32-05:00 |  | 2 | ScanEngineSvc | 0x0B94 | CommHTTP::PostResource returns (0xa0fbf061)[E_ENGINE_HTTP_CONNECT_FAIL]

      2012-10-04 14:58:32-05:00 |  | 2 | ScanEngineSvc | 0x0B94 | CommHTTP::PostEngineStatus returns (0xa0fbf061)[E_ENGINE_HTTP_CONNECT_FAIL]

      2012-10-04 14:58:33-05:00 |  | 4 | ScanEngineSvc | 0x0B94 | Starting up the engine...

      2012-10-04 14:58:33-05:00 |  | 4 | ScanEngineSvc | 0x0B94 | Begin system operation...

      2012-10-04 14:58:33-05:00 |  | 4 | ScanEngineSvc | 0x0B94 | End system operation.

      2012-10-04 14:58:33-05:00 |  | 4 | ScanEngineSvc | 0x0B94 | ENGINESTATE_RUNNING

      2012-10-04 14:58:33-05:00 |  | 4 | ScanEngineSvc | 0x0B94 | The engine is running.

      2012-10-04 14:58:33-05:00 |  | 4 | Assessment | 0x08D4 | ThreadManager - Invoke OnStatus(normal)

      2012-10-04 14:58:33-05:00 |  | 4 | Assessment | 0x08D4 | ThreadManager! | [P1] | 0 | 0 | 0 | 0 | [TM] | 0 | 10000 | 0 | 0 | 0 | 0 | [Modules] | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | [Process] | 10 | 17648 | 73580 | [System] | 42 | 572 | 2 | [D1] | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |

      2012-10-04 14:58:33-05:00 | <?xml version="1.0" encoding="utf-16" ?>

      <AssessmentStatus>

      <Process status="normal" />

      </AssessmentStatus> | -2 | Assessment | 0x08D4 | No listeners registered for "Assessment::OnProcessStatus" event.

      2012-10-04 14:59:03-05:00 |  | 4 | Assessment | 0x08D4 | ThreadManager | [P1] | 0 | 0 | 0 | 0 | [TM] | 0 | 10000 | 0 | 0 | 0 | 0 | [Modules] | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | [Process] | 10 | 17648 | 73580 | [System] | 50 | 553 | 0 | [D1] | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |

      2012-10-04 14:59:31-05:00 |  | 4 | ScanEngineSvc | 0x0B94 | FSScanEngine: Log=0, LogXML=0, ThreadPool_Debug=0

      2012-10-04 14:59:31-05:00 |  | 4 | ScanEngineSvc | 0x0B94 | Re-posting EngineStatus...

      2012-10-04 14:59:32-05:00 |  | 1 | ScanEngineSvc | 0x0B94 | CommHTTP::Connect: Unable to connect to (HTTPS)MVM75:3803. COpenSSLSocket::Connect - tcp connect failed

      2012-10-04 14:59:32-05:00 |  | 2 | ScanEngineSvc | 0x0B94 | CommHTTP::PostResource returns (0xa0fbf061)[E_ENGINE_HTTP_CONNECT_FAIL]

      2012-10-04 14:59:32-05:00 |  | 2 | ScanEngineSvc | 0x0B94 | CommHTTP::PostEngineStatus returns (0xa0fbf061)[E_ENGINE_HTTP_CONNECT_FAIL]

        1 2 Previous Next