I have just finished setup gvm on kali linux purple and able to login to the UI. I tried to follow the doc by adding a target using the IP, whenever I run scan I get
Blockquote
Failed to find config ‘daba56c8-73ec-11df-a475-002264764cea’
could you please use the search with this term to find appropriate help. There are many messages about this topic. Most of the time you just need to patient until the data from the feed has been loaded finally. This can take a long time up to hours.
Thanks bricks I searched but did not find the appropriate answer. I reran this morning at 7AM Preformatted textsudo greenbone-feed-sync --type nvt
it finished 10 minutes later, waited until now, which is 4 PM more than 7 hours, when I try a target I get the exact same error.
Alos, when I try to run the 2nd sync sudo greenbone-feed-sync --type scap
I get
Blockquote
Failed to acquire lock, waiting for 5 sends and will retry
Please check the Feed Status page in the web interface if the feed data is loaded currently. The feed sync consists of downloading the data via the greenbone-feed-sync script and loading of the data by the daemons. Most likely if you get a locked message from greenbone-feed-sync the daemons are currently loading the data already. Loading the data can take a lot of time up to several hours. Especially for the initial first sync.
It was also mentioned in a few existing topics that enough resources in form of RAM and CPU needs to be assigned to the VM. Not sure about the exact details but i wouldn’t even start with less then 4 Cores and 4-6 GB of RAM.
Youupi, now status for all Feeds are current and scan for the target worked like a charm. Thanks for the hint about feeds, it really took a lot of time.
By the way, can I target a subnet lets say my home office machines inside a subnet 10.10.1.0 so Greenbone scans all existing machines inside instead of defining targets one by one?
Such a pain!
Same error on freshly installed Debian and following the Greenbone docker approach.
A million possible fixes, but none seem to work effectively.
Suggestion: create VMs (HyperV, VNware, VirtualBox, …) that actually work out of the gate.
Most of the time the fix is to be patient and wait until the feed data has been loaded. Take a look at the logs especially at the gvmd logs to follow what’s going on actually. I’ve written a lot about that in the build from source guide.
After 8 hours the Feed status was current for all, but still got the error.
Then I performed an update of the containers as per guide. Some existed, some got recreated, but it also looked like some where installed for a first time.
The feed updates didn’t take that long and all of a sudden I was able to create Tasks.
Hi,
I’ve been looking at this topic and some other articles, because I’m having this issues, but seems that the problem is not with feeds sync, because those from what I can see are synced, but still no scan configs. Looking at the gvmd.log, there’s a thing that might be the issue, I got this log always:
md main:MESSAGE:2023-12-04 16h32.14 utc:2180: Greenbone Vulnerability Manager version 23.1.0 (DB revision 255)
md manage: INFO:2023-12-04 16h32.20 UTC:2249: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
So it seems it never starts. I’ve got the feed status like this shown in the attached picture.
You are still missing the NVT feed, without any NVTs you can´t scan anything. I would check your network and any IDS/IPS … it looks like your firewall or network security device is blocking the feed sync from the vulnerability checks due to matching signatures.
I am really not sure if this is true. The missing origin and version may just be a bug while loading the feed information from the scanner. Personally I would just try to scan a target.
Hi, thanks for the replies.
First, trying to start a scan it’s not possible, as I’ve got the message that there are no scan configs and I cannot create them.
After that I went to scan configs, but nothing there. Stopped the service and started again, went to scan configs and nothing there.
Also, after that the error started again, as you can see in the screenshot.
Following the information at https://greenbone.github.io/docs/latest/22.4/source-build/index.html#vulnerability-tests-data you can find the message Updating VTs in database ... done (X VTs). in the logs of your screenshot. That means all VTs have been loaded. Sadly gvmd and ospd-openvas got restarted directly afterwards. After restarting the whole process of loading the VTs needs to be done again!
You can check your file system if the required scan config has been downloaded from the feed. Try running find /var/lib/gvm/data-objects/ -name "*daba56c8-73ec-11df-a475-002264764cea*.xml". This command should print a file if the scan config has been found.
If the file is available you can try to enforce gvmd to reload the data objects by running sudo -u gvm gvmd --rebuild-gvmd-data=all (when using the source build) or sudo -u _gvm gvmd --rebuild-gvmd-data=all (when using Kali Linux).
Thanks for the inputs. Finally I got it working. The problem was this one:
$ sudo -u gvm gvmd --rebuild-gvmd-data=all
Failed to rebuild gvmd data: Feed owner not set or invalid while rebuilding configs.
So I was able to use this command:
gvmd --modify-setting 78eceaec-3385-11ea-b237-28d24461215b --value gvmd --get-users --verbose | grep admin | awk '{print $2}' but had first to get the user id and then run on that user id.
Now I’ve got the scan configs.