Remote Scanner Deployment

GVM versions

gsad: Greenbone Security Assistant 21.4.3

gvmd: Greenbone Vulnerability Manager 21.4.4
Manager DB revision 242
Copyright (C) 2009-2021 Greenbone Networks GmbH

openvas-scanner: OpenVAS 21.4.3

gvm-libs: gvm-libs 21.4.3

Environment

Operating system: Ubuntu 20.04
**Kernel: ** 5.11.0-1028-azure #31~20.04.2-Ubuntu SMP Tue Jan 18 08:46:15 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux

**Installation method / source: https://greenbone.github.io/docs/gvm-21.04/index.html **

Hi,
With the above information, i have been successfully in setting up a Master - Slave deployment using the OSP Scanner documentation (official documentation)

But this setup requires an incoming traffic from the MasterSlave on a port specified for adding the OSP scanner.
Can we configure the Slave OSP scanner to request/poll the Master for available tasks ? means SlaveMaster

Hi @jdhunt,

I’m bumping this for visibility to see if someone has insight.

Closing this issue, since we were able to figure it out.

@jdhunt Glad you were able to figure it out.

Would it be possible to post how you have figuring it out, otherwise a user having the same / a similar problem won’t be able to know how you have solved it.

Hope this explains -

  • Create a monitored SSH tunnel from Slave → Master on a specific port.
  • Using that SSH tunnel mapping the Slave scanner socket to Master (gvm).
  • On Master, create a scanner using that scanner socket path which links to the SLAVE socket.
  • For NVT Sync- Scanners only need NVTs so have them talk to Master’s NVT Plugins feed directory enabled with RSYNC service. So the scanner does not go to internet for GCF.
1 Like