[Openstack] [Neutron] Scan IPs belongin to private networks
Ageeleshwar Kandavelu
Ageeleshwar.Kandavelu at csscorp.com
Thu Apr 17 10:10:15 UTC 2014
The private network is accessible from the net namespace belonging to the router attaching your private network and the external network. As far as I know you would be able to scan the private network from inside the namespace and not anywhere else.
Do let me know if that answered your question and also if you are able to find an alternative please share.
Thank you,
Ageeleshwar K
________________________________
From: ZIBA Romain [Romain.ZIBA at eurogiciel.fr]
Sent: Thursday, April 17, 2014 2:59 PM
To: Ageeleshwar Kandavelu; openstack at lists.openstack.org
Subject: RE: [Openstack] [Neutron] Scan IPs belongin to private networks
Hi,
Yes I am using neutron-openvswitch-plugin. In order to access the instances, I have an external network with router and floating ips. Otherwise, I can only access them from the controller/networking node using IP NETNS.
I would rather not scan the floating ips because an instance may not have one.
Best regards,
Romain Z.
De : Ageeleshwar Kandavelu [mailto:Ageeleshwar.Kandavelu at csscorp.com]
Envoyé : jeudi 17 avril 2014 09:10
À : ZIBA Romain; openstack at lists.openstack.org
Objet : RE: [Openstack] [Neutron] Scan IPs belongin to private networks
The private networks in openstack will not be accessible from outside openstack.
Based on the kind of setup you have there are certain places from where you could launch a scan.
You have give the below information.
Are you using neutron-openvswitch-plugin?
How do you access the instances in the private network( do you have and external network, router and floating ip) ?
Thank you,
Ageeleshwar K
________________________________
From: ZIBA Romain [Romain.ZIBA at eurogiciel.fr]
Sent: Wednesday, April 16, 2014 8:49 PM
To: openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
Subject: [Openstack] [Neutron] Scan IPs belongin to private networks
Hello everyone,
I have an Openstack infranstructure up and running with Neutron using GRE tunnel thanks to Openvswitch. I can create networks, subnets, floating IPs and private IPs. Now, I would like to scan my VMs for security purposes.
Do you know if it is possible to scan private IPs with a tool such as OpenVas?
Thanks beforehand & best regards.
Romain.
http://www.csscorp.com/common/email-disclaimer.php
http://www.csscorp.com/common/email-disclaimer.php
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140417/33fadab4/attachment.html>
More information about the Openstack
mailing list