Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Oct 25 10:02
    schewara assigned #293
  • Oct 25 10:02
    schewara labeled #293
  • Oct 25 10:02
    schewara assigned #293
  • Oct 25 10:02
    schewara opened #293
  • Oct 25 09:02
    schewara commented #237
  • Oct 22 08:12
    Dexus commented #292
  • Oct 22 08:03
    rvisc commented #292
  • Oct 22 07:45
    Dexus commented #292
  • Oct 22 07:40
    rvisc commented #292
  • Oct 20 11:34
    Dexus commented #292
  • Oct 20 10:58
    Dexus commented #292
  • Oct 20 10:10
    rvisc commented #292
  • Oct 19 14:13
    Dexus closed #292
  • Oct 19 14:13
    Dexus commented #292
  • Oct 19 14:13
    Dexus labeled #292
  • Oct 19 14:13
    Dexus unlabeled #292
  • Oct 19 14:13
    Dexus labeled #292
  • Oct 19 14:11
    rvisc assigned #292
  • Oct 19 14:11
    rvisc labeled #292
  • Oct 19 14:11
    rvisc assigned #292
Mark De Silva
@markdesilva
With the gvm-libs 2.80.1, which will fix the "nvt family" issue, do I need to also do a pull for the scanners?
Mark De Silva
@markdesilva
Deleted last 2 posts because the issues were my own stupidity, no need to clog up the conversation with it. Sorry.
Mark De Silva
@markdesilva

Anyone else seeing a deluge of these messages in the logs?

main:WARNING:......: There was a problem trying to load ..... This may be due to a parse error, or it failed to find the dependency. Please check the path to the file.

https://community.greenbone.net/t/nasl-dependencies-problem-loading/8612

The above link says it should resolve with a feed update, but it doesn't.

Mark De Silva
@markdesilva

And anyone else getting subnet scans with and without exclusion being interrupted at 99%?

Nothing in the logs to indicate why, just says

OSPD[174] 2021-03-27 23:15:10,880: INFO: (ospd.ospd) d82570be-b377-4b69-ae0c-0cfd017ca857: Scan stopped with errors.
OSPD[174] 2021-03-27 23:15:10,880: INFO: (ospd.ospd) d82570be-b377-4b69-ae0c-0cfd017ca857: Scan interrupted.

Funny thing is that the scan for all the machines is completed, it just doesn't finish properly and gets interrupted. Started happening only in the last 2 weeks.

Mark De Silva
@markdesilva
Noticed something else. My container auto restarts after reboot. But rebooting always results in the "socket not being available" even when the container apparently starts up. Scanner verification fails. So I have to restart the container then the socket becomes available.
Mark De Silva
@markdesilva
And where can I enable test_alive_hosts_only? I can't find openvas.conf
Mark De Silva
@markdesilva
pixel is the scanner image for remote scanner going to be updated to 20.8.1 from 20.8.0? Getting errors for scans from remote scanners

Report outdated / end-of-life Scan Engine / Environment (local)

Summary
This script checks and reports an outdated or end-of-life scan engine for the following environments:

  • Greenbone Source Edition (GSE)

  • Greenbone Security Manager TRIAL (formerly Greenbone Community Edition (GCE))

    used for this scan.

    NOTE: While this is not, in and of itself, a security vulnerability, a severity is reported to
    make you aware of a possible decreased scan coverage or missing detection of vulnerabilities on
    the target due to e.g.:

  • missing functionalities

  • missing bugfixes

  • incompatibilities within the feed
    Detection Result

Installed GVM Libraries (gvm-libs) version: 20.8.0
Latest available GVM Libraries (gvm-libs) version: 20.8.1
Reference URL(s) for the latest available version: https://community.greenbone.net/t/gvm-20-08-stable-initial-release-2020-08-12/6312

Mark De Silva
@markdesilva
funny thing is main scanner image gvm-docker is already using 20.8.1 but its still complaining that the installed gvm-libs are 20.8.0
Joshua Schmitt
@pixelsquared
@markdesilva I am working on the upgrade here Secure-Compliance-Solutions-LLC/GVM-Docker#160
Mark De Silva
@markdesilva
Thanks Joshua!
Mark De Silva
@markdesilva
Hi Joshua, can we pull the new version already? Saw there was an update to the dockerfile. And what about openvas-docker for the remote scanner? Do we just pull again and set up the keys as new keys? Thank you.
Joshua Schmitt
@pixelsquared
@markdesilva I am going to update the openvas-docker today and do a release for both
Joshua Schmitt
@pixelsquared
I was not able to update yesterday like I said hopefully today I can push the update
Joshua Schmitt
@pixelsquared
I am having issues with the image upgrade to the new version from the old one so I have not pushed the update yet if anyone could help find the issue that would be helpful.
Mark De Silva
@markdesilva
Hi Joshua, not sure what I can do to help. What are the issues you’re having? Is it the same as the problem upgrading from v11?
Mark De Silva
@markdesilva
Hi any updates?
Joshua Schmitt
@pixelsquared
Yes I have fixed the first issue but another one has appeared and I am working on resolving
@markdesilva ^
the first issue was this gvm issue greenbone/gvmd#1497
so I have set the image to the commit to fix the issue
I just think I found a solution to the current issue and am testing it now
Mark De Silva
@markdesilva
Thanks!
Mark De Silva
@markdesilva
just to confirm, to install the new version i only need to pull securecompliance/gvm:latest? Or i need to specify the actual version? I noticed it was stated pre -release.
Mark De Silva
@markdesilva
I pulled the latest, logs still says container 20.04. docker image ls shows created 2 months ago.
Ran a scan its still saying End-of-life scan engine
Mark De Silva
@markdesilva
Pulled ‘master’ then it works shows 21.04
Mark De Silva
@markdesilva
Unfortunately all past reports cant be displayed. The error is “TypeError: e is undefined”
Mark De Silva
@markdesilva
Even scans done with new version the same error on the reports “TypeError: e is undefined”
Mark De Silva
@markdesilva
Openvas-docker for the scanners, pulled ‘master’ and ‘latest’ still shows using old engine ‘End-of-life scan engine’. Logs show openvas version is 20.8.1
Joshua Schmitt
@pixelsquared
@markdesilva yep I had that same issue as well still working on it but I have made progress
Mark De Silva
@markdesilva

When trying to run the 21.04 without using old databases, I get this error:

9:C 28 Apr 2021 14:16:12.287 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo 9:C 28 Apr 2021 14:16:12.287 # Redis version=6.0.6, bits=64, commit=00000000, modified=0, pid=9, just started 9:C 28 Apr 2021 14:16:12.287 # Configuration loaded Wait for redis socket to be created... Testing redis status... Redis ready. Starting PostgreSQL... pg_ctl: another server might be running; trying to start server anyway waiting for server to start....2021-04-28 14:16:13.327 UTC [22] LOG: starting PostgreSQL 12.6 (Ubuntu 12.6-1.pgdg20.10+1) on x86_64-pc-linux-gnu, compiled by gcc (Ubuntu 10.2.0-13ubuntu1) 10.2.0, 64-bit 2021-04-28 14:16:13.327 UTC [22] LOG: listening on IPv4 address "0.0.0.0", port 5432 2021-04-28 14:16:13.327 UTC [22] LOG: listening on IPv6 address "::", port 5432 2021-04-28 14:16:13.329 UTC [22] LOG: listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432" 2021-04-28 14:16:13.340 UTC [23] LOG: database system was interrupted; last known up at 2021-04-28 14:16:09 UTC 2021-04-28 14:16:13.437 UTC [23] LOG: database system was not properly shut down; automatic recovery in progress 2021-04-28 14:16:13.438 UTC [23] LOG: redo starts at 0/1C98530 2021-04-28 14:16:13.441 UTC [23] LOG: invalid record length at 0/1D70788: wanted 24, got 0 2021-04-28 14:16:13.441 UTC [23] LOG: redo done at 0/1D70760 2021-04-28 14:16:13.501 UTC [22] LOG: database system is ready to accept connections done server started NOTICE: relation "vt_severities" already exists, skipping CREATE TABLE ALTER TABLE UPDATE 0 ALTER TABLE Failed to connect to /var/run/ospd/ospd.sock. Failed to rebuild NVT cache.

Mark De Silva
@markdesilva

Hi @pixelsquared, not sure what happened, but somehow the reports are now working? This is what I recall doing:

1) renamed /var/lib/docker/volumes/gvm-data to something else (eg: /var/lib/docker/volumes/gvm-data.org)
2) created /var/lib/docker/volumes/gvm-data/_data
3) ran the docker command to start gvm
4) docker fails with "Failed to connect to /var/run/ospd/ospd.sock"
5) rm -f /var/lib/docker/volumes/gvm-data
6) mv /var/lib/docker/volumes/gvm-data.org /var/lib/docker/volumes/gvm-data
7) run docker command to start gvm
8) let it update all the nvts, cert and scap data
9) left it alone for about an hour or so (saw this in the last line of logs : "md main:MESSAGE:2021-04-28 15h07.26 utc:407: update_nvt_cache_retry: rebuild successful")
10) checked the reports and all were ok
11) ran a new scan and checked the report - also ok

Joshua Schmitt
@pixelsquared
hmmm
Joshua Schmitt
@pixelsquared
@markdesilva Ok I think the newest version of master will now upgrade without issue
but I am still double checking that everything is working right
Mark De Silva
@markdesilva
@pixelsquared GVM is ok for me now, scanners latest master are using 21.04 after the latest pull and their scans are ok as well. Thanks!
Marshall Hallenbeck
@Marshall-Hallenbeck
I keep getting "Updating NVTs...
rsync: [Receiver] failed to connect to feed.community.greenbone.net (45.135.106.142): Connection refused (111)
rsync: [Receiver] failed to connect to feed.community.greenbone.net (2a0e:6b40:20:106:20c:29ff:fe67:cbb5): Cannot assign requested address (99)
rsync error: error in socket IO (code 10) at clientserver.c(137) [Receiver=3.2.3]" as an error
This was previously working ,was something updated that borked the update URL? when I navigate to that it just redirs to their homepage
Austin Songer
@austinsonger
Austin Songer
@austinsonger
Josef Fröhle
@Dexus
Hallo, Hello, Hola!
Josef Fröhle
@Dexus
@austinsonger Is this server still in use?
Austin Songer
@austinsonger
Yes it's still in use. But lately it's been quiet, so I don't check as often.
Thomas
@RandomInsomnia_twitter
Hi Guys. Where can I read up on the meaning of the new version/release tags / branches (, -data, -full, -data-full) in the repository? Any discussion threads or something where there's some clue on the rationale behind this? Any github issue tracker number to follow up on?
Eduardo Ellery
@EduardoEllery_twitter

Hi! I'd like to say that the comentation might be wrong! When I start with this:

docker run --detach --publish 8080:9392

I can't access, however, if I use like this:

docker run --detach --publish 9392:9392

It works! Am I right or misunderstood something?

Documentation here: https://securecompliance.gitbook.io/projects/openvas-greenbone-deployment-full-guide/deploying-greenbone-gvm-gsa-with-openvas

Thomas
@RandomInsomnia_twitter
Hi Eduardo! The port you exchanged for 9392 is the port mapped from the docker host to port 9392 inside the gvm container. Probably you have another container already using/mapping port 8080. Have you checked the docker/host logs for errors? Check output of "sudo netstat -tnlp|grep 8080" on the host for port 8080, as well as the output of "docker ps" (do "docker ps|grep 8080" or "sudo docker ps|grep 8080")
eduardoellery
@eduardoellery

Hi Eduardo! The port you exchanged for 9392 is the port mapped from the docker host to port 9392 inside the gvm container. Probably you have another container already using/mapping port 8080. Have you checked the docker/host logs for errors? Check output of "sudo netstat -tnlp|grep 8080" on the host for port 8080, as well as the output of "docker ps" (do "docker ps|grep 8080" or "sudo docker ps|grep 8080")

It was the only container running in my machine and one friend send the following command, that worked for me:
docker run -d -p 9392:9392 -p 9390:9390 -e PASSWORD="mypass" -v /gvm/data:/data --name gvm securecompliance/gvm:latest

eduardoellery
@eduardoellery

Do you guys recognize any solution for this error?

There is this moment that a few errors appears:

Downloading data TAR to speed up first sync...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:04 --:--:-- 0curl: (6) Could not resolve host: vulndata.securecompliance.solutions
Extracting data TAR...
tar: can't open '/tmp/data.tar.xz': No such file or directory
cp: cannot stat '/tmp/data/nvt-feed/': No such file or directory
cp: cannot stat '/tmp/data/gvmd-data/
': No such file or directory
cp: cannot stat '/tmp/data/scap-data/': No such file or directory
cp: cannot stat '/tmp/data/cert-data/
': No such file or directory
rm: cannot remove '/tmp/data.tar.xz': No such file or directory
Updating NVTs...

ncalsteveg
@ncalsteveg
I have been trying to setup openvas using docker compose. I seem to have everything working, everything starts seems to be going good. The issue I am running into is that there are no port lists or scans configured. Is this the expected behavior of this implementation, meaning there is an additional step to sync those, or does this sound like a problem. When I got into administration feed status the GVMD_DATA does show processing and once complete it now says the status is 12 Days old