Hello,
I have a docker container OpenVAS on a Windows Machine , running in Docker Desktop. When I run a scan and look at the report it says Error Messages “NVT timed out after 320 seconds” . In my last scan there were 720 of them. I am running unauthenticated scans. Please help to fix this. What is the best way of using Greenbone, with docker, from source, on a linux machine ,etc ? Thank you.
You need a full Linux kernel. The Windows Kernel does not provide the full low-level functions to be able to execute a scan. Either via Hypervisor or native.
I thought all instances of Greenbone will have same functionality? If this is the case , that I need full blown Linux install , can you share the correct and best way for installing so I can have full functionality and provide best resources? I want to follow a guide for the installation. Thank you.
You are free to report the missing functionality here:
It´s not a GNU/Linux system, you just need a Linux Kernel with all kernel functions.
You can give WSL2 a try, that has a full 4.x Kernel.
I think Lukas may be referring to the fact that your host system running Docker does not meet the minimum requirements for running Docker. See: Install Docker Desktop on Windows | Docker Documentation
its not cause of WSL1, i mean it may present its own challenges ( though it has worked in my limited use of it for one off OpenVAS scans) because I’m am also encountering the same error for most of the NVTs the equivlaent of scanning a /24 on restricted internal network segnemnts that the Greenbone’ Subnet whitelisted on the ACLs . I think its catching on some rate limiting kicking in either on the target host or possibly the firewall its traversing. Because we have a fully licensed paid Greenbone CENO VM instance hosted on a dedicated GreenboneOS VM on on prem cloud and its giving the same error on getting only a few IPs into a 200 ip scan that hybridizes the discovery scan, system discovery scan and host discovery scan profiles and adds a handful more configs.
By comparison i also have Kali running on W11 on WSL1 ( because of the VPN traversal issues with connectivity for WSL2. I only use it for quick scans of host 1 to maybe ad dozen hosts at a time but it works like a charm usually off WSL1, to my understanding containerized environments do have a full kernel, they just share the kernel and between the containers.