I have a pretty stable build, following the https://greenbone.github.io/docs/latest/22.4/source-build/index.html article as closely as possible. However, I’m running into the issue where boreas finds 0 hosts. Initially, I had an “Operation not permitted” error message because I somehow forgot the “Setting up sudo for Scanning” section.
Here’s what I used to get:
==> /var/log/gvm/openvas.log <==
sd main:MESSAGE:2022-12-27 02h25.58 utc:2038: Vulnerability scan 8b3b7e47-77f3-4387-8178-4938f21794e2 started: Target has 254 hosts: 192.168.30.0/24, with max_hosts = 15 and max_checks = 4
libgvm boreas:WARNING:2022-12-27 02h25.58 utc:2038: set_socket: failed to open ICMPV4 socket: Operation not permitted
libgvm boreas:WARNING:2022-12-27 02h25.58 utc:2038: start_alive_detection. Boreas could not initialise alive detection. Boreas was not able to open a new socket. Exit Boreas.
sd main:MESSAGE:2022-12-27 02h25.59 utc:2038: Vulnerability scan 8b3b7e47-77f3-4387-8178-4938f21794e2 finished in 5 seconds: 0 alive hosts of 254
I resolved that by adding the gvm user to the sudoers file and re-ran openvas. Here’s what I see in the log files now:
==> /var/log/gvm/openvas.log <==
sd main:MESSAGE:2022-12-27 02h39.45 utc:3866: openvas 22.4.0 started
sd main:MESSAGE:2022-12-27 02h39.45 utc:3866: attack_network_init: INIT MQTT: SUCCESS
sd main:MESSAGE:2022-12-27 02h39.49 utc:3866: Vulnerability scan 59292eac-de10-4337-83f9-95deda21c42e started: Target has 254 hosts: 192.168.30.0/24, with max_hosts = 15 and max_checks = 4
libgvm boreas:MESSAGE:2022-12-27 02h39.49 utc:3866: Alive scan 59292eac-de10-4337-83f9-95deda21c42e started: Target has 254 hosts
libgvm boreas:MESSAGE:2022-12-27 02h39.55 utc:3866: Alive scan 59292eac-de10-4337-83f9-95deda21c42e finished in 6 seconds: 0 alive hosts of 254.
sd main:MESSAGE:2022-12-27 02h39.56 utc:3866: Vulnerability scan 59292eac-de10-4337-83f9-95deda21c42e finished in 11 seconds: 0 alive hosts of 254
==> /var/log/gvm/ospd-openvas.log <==
OSPD[2604] 2022-12-27 02:39:57,261: INFO: (ospd.ospd) 59292eac-de10-4337-83f9-95deda21c42e: Host scan finished.
OSPD[2604] 2022-12-27 02:39:57,267: INFO: (ospd.ospd) 59292eac-de10-4337-83f9-95deda21c42e: Scan finished.
I’m not actually seeing any error messages, but somehow it’s still coming back as 0 hosts. Nmap is able to see several hosts:
Discovered open port 80/tcp on 192.168.30.1
Discovered open port 22/tcp on 192.168.30.46
Discovered open port 3389/tcp on 192.168.30.60
Discovered open port 21/tcp on 192.168.30.46
Discovered open port 135/tcp on 192.168.30.60
Discovered open port 445/tcp on 192.168.30.60
Discovered open port 5432/tcp on 192.168.30.46
Discovered open port 8443/tcp on 192.168.30.1
Discovered open port 7443/tcp on 192.168.30.1
Discovered open port 139/tcp on 192.168.30.10
Discovered open port 53/tcp on 192.168.30.10
Discovered open port 135/tcp on 192.168.30.10
Discovered open port 445/tcp on 192.168.30.10
Discovered open port 49154/tcp on 192.168.30.10
Discovered open port 8082/tcp on 192.168.30.1
My primary OS here is macOS Ventura and I’m running this openvas image with the following:
docker run -d -p 9392:9392 --name openvas openvas
UI loads up, all of the services are running fine:
mosquitto.service - Mosquitto MQTT Broker
Loaded: loaded (/usr/lib/systemd/system/mosquitto.service, disabled)
Active: active (running)
redis-server@openvas.service - Advanced key-value store (openvas)
Loaded: loaded (/usr/lib/systemd/system/redis-server@.service, disabled)
Active: active (running)
postgresql@14-main.service - PostgreSQL Cluster 14-main
Loaded: loaded (/usr/lib/systemd/system/postgresql@.service, disabled)
Active: active (running)
notus-scanner.service - Notus Scanner
Loaded: loaded (/etc/systemd/system/notus-scanner.service, disabled)
Active: active (running)
ospd-openvas.service - OSPd Wrapper for the OpenVAS Scanner (ospd-openvas)
Loaded: loaded (/etc/systemd/system/ospd-openvas.service, disabled)
Active: active (running)
gvmd.service - Greenbone Vulnerability Manager daemon (gvmd)
Loaded: loaded (/etc/systemd/system/gvmd.service, disabled)
Active: active (running)
gsad.service - Greenbone Security Assistant daemon (gsad)
Loaded: loaded (/etc/systemd/system/gsad.service, disabled)
Active: active (running)
Not sure what I’m missing. No error messages, no alive hosts, a bit lost on where to go from here. I do understand there is an official openvas docker setup out there, but I am 99% close to finalizing this setup for other reasons.
Any help would be greatly appreciated.
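Added example, not part of the original post and not Greenbone code: a small Python triage script that separates the two states shown in the log excerpts above, a scan where Boreas could not open its socket and a scan where the alive scan ran without warnings but still reported 0 hosts. The regular expressions and the verdict names are assumptions derived only from the log lines quoted in the post; the sample input is constructed from those same lines.

```python
import re
from collections import defaultdict

LINE = re.compile(r"^(?P<src>[^:]+):(?P<level>[A-Z]+):[^:]+ utc:(?P<pid>\d+): (?P<msg>.*)$")
SOCKET_ERR = re.compile(r"set_socket: failed to open (\w+) socket: (.+)")
FINISHED = re.compile(r"Vulnerability scan ([0-9a-f-]{36}) finished in \d+ seconds: (\d+) alive hosts of (\d+)")

def triage(log_text):
    """Return one verdict per finished scan, correlating lines on the PID field."""
    socket_errors = defaultdict(list)  # pid -> [(socket kind, error text)]
    results = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # tail headers, blank lines, other log formats
        pid, msg = m["pid"], m["msg"]
        if m["src"].endswith("boreas") and m["level"] == "WARNING":
            err = SOCKET_ERR.search(msg)
            if err:
                socket_errors[pid].append(err.groups())
        done = FINISHED.search(msg)
        if not done:
            continue
        alive, total = int(done[2]), int(done[3])
        if socket_errors[pid]:
            verdict = "alive-detection-aborted"    # Boreas never got a socket
        elif alive == 0:
            verdict = "alive-scan-ran-zero-hosts"  # no warning logged, yet nothing alive
        else:
            verdict = "ok"
        results.append({"scan": done[1], "alive": alive, "total": total,
                        "verdict": verdict, "socket_errors": socket_errors[pid]})
    return results

# Constructed sample: lines taken from the two openvas.log excerpts in the post.
SAMPLE_LOG = """\
==> /var/log/gvm/openvas.log <==
libgvm boreas:WARNING:2022-12-27 02h25.58 utc:2038: set_socket: failed to open ICMPV4 socket: Operation not permitted
libgvm boreas:WARNING:2022-12-27 02h25.58 utc:2038: start_alive_detection. Boreas could not initialise alive detection. Boreas was not able to open a new socket. Exit Boreas.
sd main:MESSAGE:2022-12-27 02h25.59 utc:2038: Vulnerability scan 8b3b7e47-77f3-4387-8178-4938f21794e2 finished in 5 seconds: 0 alive hosts of 254
libgvm boreas:MESSAGE:2022-12-27 02h39.49 utc:3866: Alive scan 59292eac-de10-4337-83f9-95deda21c42e started: Target has 254 hosts
libgvm boreas:MESSAGE:2022-12-27 02h39.55 utc:3866: Alive scan 59292eac-de10-4337-83f9-95deda21c42e finished in 6 seconds: 0 alive hosts of 254.
sd main:MESSAGE:2022-12-27 02h39.56 utc:3866: Vulnerability scan 59292eac-de10-4337-83f9-95deda21c42e finished in 11 seconds: 0 alive hosts of 254
"""

if __name__ == "__main__":
    for result in triage(SAMPLE_LOG):
        print(result["scan"], result["verdict"], result["socket_errors"])
```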