Install GVM 21.4.2 Ubuntu 20.04

pwk · January 11, 2022, 2:25pm

Hello @DeeAnn I’m using GVM 21.04 running on Ubuntu 20.04 for installation I followed steps from this link Greenbone Vulnerability Manager | Libellux

DeeAnn · January 11, 2022, 2:27pm

Cool and thanks! I’ll move it back into place.

(edit- done)

pwk · January 11, 2022, 3:38pm

I found out if I set the port for listening to 443 or 444 service is not starting. If I set the port to for example 8080 service is able to start… Is there any way hot to use port 443?
Thank you

libellux · January 15, 2022, 3:07pm

Hello @pwk yes you can set GSA to run behind NGINX proxy if you really need it to use port 443. I’ve had other people request to add the chapter back on how-to run GSA using NGINX proxy… if it’s something you want me to do… I’ll add it back to my documentation

safla · January 17, 2022, 4:21am

I can’t start GSAD, assumedly because I did not enter the right IP into the startup config. I’m installing this on a Hyper-V VM so what should this IP be? I tried both the LAN IP and my network’s public IP and neither works. Sorry for the noob question; I assume I am missing something.

libellux · January 17, 2022, 2:49pm

Hello @safla if you type ip addr in the console of the VM you should see the IP address for your virtual machine. Then set the systemd unit file (gsa) too: ExecStart=/usr/local/sbin/gsad --listen=YOUR_IP --port=9392

You’ll also have to reload the systemd control daemon sudo systemctl daemon-reload and then restart GSA.

safla · January 18, 2022, 1:40am

Is this not possible with a bridged network adapter? Typing ip addr only gives me the local IP address. Thanks for your patience.

pwk · January 24, 2022, 9:02am

Hello @libellux It’s not necessary to have it but it is like nice to have

pwk · January 24, 2022, 9:05am

I found another “Issue” I was not able to set the alert to send reports to the windows share. At the end I installed smbclient and it start working.
I’m not sure if this was the correct way how to solve it but it is working

libellux · March 8, 2022, 4:40pm

Have been busy with work lately so haven’t had time to update my GVM guide for awhile. Will do a revision of the guide starting this weekend to make sure its up-to-date and also include requests i’ve received from you readers. Thanks alot for your input.

libellux · March 28, 2022, 5:24pm

Made an revision for GVMD 21.4.5. No issues encountered so far.

flb · April 18, 2022, 6:06pm

Hi libellux!
I followed the installation step by step GVM 21.4.4 (this link: Greenbone Vulnerability Manager | Libellux | export GVM_VERSION=21.4.5 | export GVM_LIBS_VERSION=21.4.4) on Ubuntu 20.04.
It’s working, but it doesn’t update the version Version (show 21.4.3 on web interface. Feeds are updated, except GVMD_DATA: 20220128T1556 Too old (79 days) Please check the automatic synchronization of your system.):

Any Ideas?
Tankyou.

poccadmin · April 19, 2022, 3:49pm

I can confirm this issue as well and state that in my case, it appears that it just gets stuck at the update process. Removing the lockfile at /var/lib/gvm/feed-update.lock then resets the status display to show feeds with their expiry date before then resetting back to “Updating in progress” again. Here is a log snippet showing what happens when I delete the lockfile

md manage:WARNING:2022-04-19 15h45.46 UTC:16895: update_scap: No SCAP db present, rebuilding SCAP db from scratch
md manage:   INFO:2022-04-19 15h45.47 UTC:16895: update_scap: Updating data from feed
md manage:   INFO:2022-04-19 15h45.47 UTC:16895: Updating CPEs
md manage:WARNING:2022-04-19 15h45.52 UTC:16906: /usr/local/bin/greenbone-nvt-sync returned a non-zero exit code.
md manage:WARNING:2022-04-19 15h45.55 UTC:16935: /usr/local/bin/greenbone-nvt-sync returned a non-zero exit code.

libellux · April 23, 2022, 4:04pm

@flb the version shown in the about section is just a miss they’ve made with the latest release, nothing to worry about.

In regard to the GVMD_DATA I’m checking it now and if I find the issue i’ll update here cc: @poccadmin

libellux · April 23, 2022, 5:14pm

Cannot find any issue in regard to the GVMD data, maybe @DeeAnn or @bricks could help confirm if the latest version of the Greenbone Community gvmd Data Feed is: 20220128T1556

heewey · April 25, 2022, 8:13am

Hi @libellux

I had to correct install dependencies on Ubuntu Bullseye

libgcrypt-dev - correct version “libgcrypt20-dev”
libopenvas-dev - not exist anymore

and correct installation part for GVM component:

Use GVMD_RUN_DIR instead of GVM_RUN_DIR 4ad3fa76a
Use full path GVMD_PID_PATH for PID files a9be3d718

apt command here

sodo apt-get install -y cmake pkg-config gcc-mingw-w64 \
gnutls-bin libgnutls28-dev libxml2-dev libssh-dev libssl-dev libunistring-dev \
libldap2-dev libgcrypt20-dev libpcap-dev libgpgme-dev libradcli-dev libglib2.0-dev \
libksba-dev libical-dev libpq-dev libpopt-dev libnet1-dev \
libmicrohttpd-dev redis-server libhiredis-dev doxygen xsltproc uuid-dev \
graphviz bison postgresql postgresql-contrib postgresql-server-dev-all \
heimdal-dev xmltoman nmap npm nodejs virtualenv gnupg rsync yarnpkg \
python3-paramiko python3-lxml python3-defusedxml python3-pip python3-psutil \
python3-setuptools python3-packaging python3-wrapt python3-cffi python3-redis \
xmlstarlet texlive-fonts-recommended texlive-latex-extra perl-base xml-twig-tools

DeeAnn · April 26, 2022, 8:43am

Hi @libellux,

Yep, 20220128T1556 is the most recent gvmd Data Feed.

flb · April 26, 2022, 2:26pm

Thanks for the clarification, libellux.
Best regards.

juanmachado · April 28, 2022, 3:05pm

Is there any documentation available on how-to run GSA using NGINX proxy?
I’d love to have my vm running 21.4.4 answering in its ip (other than localhost) and on TCP 443 instead of 9392.

Thank you!

libellux · April 28, 2022, 3:55pm

You just need to for example set GSA to listen to your localhost then create a nginx proxy looking something like (this is on older conf I used to run):

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name openvas.example.com;

    allow 127.0.0.1;
    deny all;

    ssl_certificate /etc/nginx/ssl/openvas.example.com/500232/server.crt;
    ssl_certificate_key /etc/nginx/ssl/openvas.example.com/500232/server.key;

    ssl_protocols TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
    ssl_prefer_server_ciphers on;
    ssl_dhparam /etc/nginx/dhparams.pem;

    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";

    index index.html index.htm index.php;

    charset utf-8;

    location / {
        proxy_set_header   Host             $http_host;
        proxy_set_header   X-Real-IP        $remote_addr;
        proxy_set_header   REMOTE_HOST      $remote_addr;
        proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
        proxy_set_header   X-FORWARDED-PROTOCOL $scheme;  
        proxy_pass https://127.0.0.1:4000;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    access_log off;
    error_log  /var/log/nginx/openvas.example.com-error.log error;

    location ~ /\.(?!well-known).* {
        deny all;
    }
}

And dont forget to add the redirect from port 80 to 443:

server {
    listen 80;
    listen [::]:80;

    server_name .openvas.example.com;
    return 301 https://$host$request_uri;
}