Hello community,
I have installed OpenVAS 20.08 from source on Ubuntu 20.04 from this link https://www.libellux.com/openvas/#configuration-files and it is running really good, scanning, pdf reports, everything works just great.
Ubuntu 20.04 runs under a VM with the following resources (6 vCPU, 8GB RAM, 100GB Disk)
I am facing issues when trying to update feed from terminal. The process used is the following:
-
sudo systemctl stop openvas-scanner
-
sudo systemctl stop openvas-manager
-
sudo greenbone-nvt-sync (first issue here) also with openvas-feed-update
When i come to this part I have the following output in the console:
Resolving dl.greenbone.net (dl.greenbone.net)… 89.146.224.58, 2a01:130:2000:127::d1
Connecting with dl.greenbone.net (dl.greenbone.net)[89.146.224.58]:80… failed: Connection timed out.
Connecting with dl.greenbone.net (dl.greenbone.net)[2a01:130:2000:127::d1]:80… failed: Network is unreachable.
I have also tried with sudo greenbone-nvt-sync —rsync and get the following output
rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection timed out (110)
rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Network is unreachable (101)
rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]
I have checked this post: Failed greenbone-certdata-sync (Connection timed out (110))
and performed a netcat in the ubuntu server to see rsync to the address 89.146.224.58 and get nothing as response
nc 89.146.224.58
I have checked my firewall and the request (syn) is going out okay but have no syn-ack or ack or rst-ack (no response from the ip address) (attaching image)
My firewall has no inspection, or any filter (web filter, ips, app control, nothing), just a typical nat for going to internet from our ip public
Another thing that I got it from this post: Rsync: failed to connect to feed.openvas.org
When trying with this command (greenbone-nvt-sync) the response I get is from dl.greenbone.net (dl.greenbone.net), however if I try with rsync (greenbone-nvt-sync —rsync) the response is from feed.openvas.org even tho the ip address is the same in both cases 89.146.224.58
After watching that netcat only shows the syn packet, runned againg the greenbone-nvt-sync —rsync and got the following sequences from my firewall…only syn packets to the destination and dns (to resolve feed.openvas.org which is okay)
Also red this post: Greenbone-nvt-sync doesn't complete (Ubuntu-20.04) to check GVM versions and found the following
gsad version: 7.0.3
gmvd version: 20.08
openvasmd version: 7.0.3
openvas-nasl version: 20.8.0
And one additional information: only IPv4 works with my service provider…don’t have any IPv6 address
Can you please suggest me a solution or a workaround? (maybe downloading feed via .xml and installing directly)
Thank you for your responses!
Best regards,
Andres