Operating system:
Ubuntu Bionic Kernel: (‘uname -a’)
Linux vagrant 4.15.0-143-generic #147-Ubuntu SMP Wed Apr 14 16:10:11 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux Installation method / source:
From source
I have successfully build GVM 21.04 from source.
Everything appears to work but the scanning results are suspicious.
I have a legacy GVM 9.0.1 reference system.
When I am using the following configuration
Target: Single IP / All TCP and Nmap top 100 UDP
Scan confg: Full and Fast
Scanner: OpenVAS Default
As I mentioned the GVM 21 tool chain gives me only 5 results:
CGI Scanning Consolidation
Hostname Determination Reporting
HTTP Security Headers Detection
OS Detection Consolidation and Reporting
Traceroute
It does not match my expectation from what I get for the seemingly identical setup in GVM 9 which gives me in total 131 vulnerabilities.
Do you have the services up and running ?
I am running as a local user:
ospd-scanner
gvmd
gsad
What does the log give you on every service ?
As per the logs these are working fine.
Any permission issues ?
I did configure the sudo setup so that openvas can be run as root. I also check the openvas processes being spawned and they are indeed running as ‘root’. As far as I can tell there are no permission issues.
I managed to make some progress on my own by debugging into the issue some more.
For me the issue appears to be caused by the interaction with the Vagrant VM.
I noticed that for some network interfaces the this_host call seems to return null or an empty string and at least some NASL scripts don’t handle that which causes the entire scan to fail.
I made progress by setting the source interface on the task itself to get past this issue.
But I also noticed that when I do set the interface explicitly GVM gives me a deprecation warning.