Openvas --update-vt-info costs lots time. usually 60mins in my case. Is there any method to speed up the nvt loading? or can the openvas scanner skip the nvts loading after it was restarted by user? (I’m sure it loads all nvts in the first startup). or I have 3 scanners which are sharing one redis instance. Can I make the 3 scanners share the loaded nvts together in redis?
any suggestion are appreciated. thanks.
gsad: (‘gsad --version’) 21.4.3
gvmd: (‘gvmd --version’) 21.4.4
openvas-scanner: (‘openvas --version’, in older GVM versions < 11: ‘openvassd --version’) 21.4.3
Operating system: Ubuntu
Kernel: (‘uname -a’) Linux gvm-gvmd-7c6fd8dfb9-sfhgj 3.10.0-8126.96.36.199.h520.eulerosv2r7.x86_64 #1 SMP Wed Nov 25 18:33:06 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
Installation method / source: source
The update via
openvas -u should not take 60 minutes. I suppose there is something wrong with your setup. For me a clean full load of all VTs into redis takes between 5 to 10 minutes.
But to answer your question about using the same redis instance for sharing data between several openvas scanners I would not recommend doing that. It might work in some cases but there is actually no code that ensures concurrent access of several openvas or ospd-openvas processes. Both services assume that only one instance of them is running at the same time. It will break and fail one way or another.
Thanks for your response. My scanner has a virtual machine with 6C 6G, but it still no lucky to speed up the loading. I have checked the metrics and found it has low usage of the resources. Any ideas to check the issue?
to be honest, I don’t know where to start looking. As @bricks said, it must be an issue in your setup. I have just tried, with signature check enabled, in my VM with 2C 4G:
$ time openvas -u
Personally I would start looking at the redis config.
for my case, it cost about 40-60 mins to load the 90k+ nvts. I’m wondering why the gap is so big.
Could be your I/O performance, hypervisor, block alignment of storage, and many more factors.
I would check with monitoring and performance tools how much I/O and CPU load each process have.
Thanks@Lukas, I switched from NFS to SSD. Now it can be loaded in 2mins.