Ospd-openvas and openvas-scanner malware

Hello,

I’ve been trying to use the guide here, Greenbone Community Containers - Greenbone Community Documentation, and pull the Greenbone Community Edition containers. However, I kept getting blocked by our firewall. It’s flagging these URLs for malware:

registry.community.greenbone.net/v2/community/ospd-openvas/blobs/sha256:020e041493246da558b770e67afa242ccf2cc8af069d9960b81143cabfc1682f
registry.community.greenbone.net/v2/community/ospd-openvas/blobs/sha256:42bb0d65d3fede8d86eaaf3b67c3561fc0a9c9fe1445b9fc1bdadf008e7e89ba
registry.community.greenbone.net/v2/community/openvas-scanner/blobs/sha256:020e041493246da558b770e67afa242ccf2cc8af069d9960b81143cabfc1682f

If it’s a false positive, are there any alternative mirrors or sites I can use?

Additional info:

We are using Zscaler and it defines PY/Impacket.A and E64/ABApplication.PUM as threats in their threat library and has classified it as malware.

Many endpoint and malware scanners flag Impacket as malware. It is a legitimate security tool often used for testing Windows Kerberos security and AD environments. However, it has also been used in a significant number of cyber attacks. If Zscaler is using an inbound content proxy, then mirrors may also be blocked because it operates inline to inspect downloads and block malware. Your firewall may need a rule exception to allow downloads.

Impacket in the containers sets off Zscaler, but it’s not malicious.

Mirrors won’t help; you’ll need to pull outside of Zscaler or create a firewall/proxy allowlist for certain Greenbone URLs.

Thank you both. I appreciate the quick feedback. I’ll request my IT team to exclude this.