since we migrated our openvas from a Kali VM to a Ubuntu one, we have huge performance problems with scans.
Results of the scans are ok but the scan duration is weird.
The openvas VM is behind a firewall but all is opened and no packet were dropped
- Targets are behind a firewall but all is opened and no packet were dropped
- logs at the standard level show no errors and we don’t know how to determine which parts of the scans cause this slowness.
- Scan configurations are the same for the 2 VMs:
- Target(s): All IANA assigned TCP and UDP (11318 ports)
- Alive Test: Consider Alive
- Scan Config: Full and fast
- Maximum concurrently executed NVTs per host: 4
- Maximum concurrently scanned hosts: 20
Case 1, 1 host scanned:
- Kali VM: scan duration: 21 minutes
- Ubuntu VM: scan duration: 2 hours
Case 2: 55 hosts:
- Kali VM: scan duration : 3 h
- Ubuntu VM: scan duration: 1 day, 2:29 h
Kali VM configuration:
- Version Kali : 2021.3
- RAM : 8GB
- CPU : 1
- Openvas version : 20.08.1~git (package kali)
- PostgreSQL: 13.4 (Debian 13.4-3)
- Installation method: kali package
Ubuntu configuration (new VM)
- Ubuntu 20.04.1 LTS (5.4.0-73-generic)
- RAM : 16GB
- CPU : 2
- OpenVAS : Version 21.04.0 (package git-218d6fa01-gsa-21.04)
- Greenbone Security Assistant 21.04.0~git-218d6fa01-gsa-21.04
- Greenbone Vulnerability Manager 21.4.0~git-c287c174-gvmd-21.04
- OpenVAS 21.4.1~git-7d6eff81-openvas-21.04 (gvm-libs 21.4.1~git-83cf2)
- Installation method:
- Dump of the pg database from the kali version and gvmd migration at the end
One strange thing noticed on gsa: Scanner preferences for all scan configs are empty
I don’t know where to investigate more and if it is an hardware or sofware problem.
Any help or suggestion is welcome.