Hello,
I have an installation where I’m not being able to sync the NVT feed.
It is a VMware virtual host configured to have full internet access. Something that I have validated with third parties’ infrastructure with outbound connections to the ports 80, 443,8000, 53000 as well as the rsync port 873.
As you can see below, port 873 is detected as open for feed.community.greenbone.net:
$ nmap -p 873 feed.community.greenbone.net -Pn
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower.
Starting Nmap 7.91 ( [https://nmap.org] ) at 2022-03-08 14:06 CET
Nmap scan report for feed.community.greenbone.net (45.135.106.143)
Host is up (0.026s latency).
Other addresses for feed.community.greenbone.net (not scanned): 2a0e:6b40:20:106:20c:29ff:fe7f:d2ae
PORT STATE SERVICE
873/tcp open rsync
Nmap done: 1 IP address (1 host up) scanned in 0.25 seconds
Once trying to connect using nc I get the following message, so I validate that I’m able to reach the feed service:
$ nc -vvv feed.community.greenbone.net 873
Warning: Inverse name lookup failed for `45.135.106.143'
feed.community.greenbone.net [45.135.106.143] 873 (rsync) open
@RSYNCD: 31.0
Greenbone community feed server - [http://feed.community.greenbone.net/]
This service is hosted by Greenbone Networks - [http://www.greenbone.net/]
All transactions are logged.
If you have any questions, please use the Greenbone community portal.
See [https://community.greenbone.net] for details.
By using this service you agree to our terms and conditions.
Only one sync per time, otherwise the source ip will be temporarily blocked.
^CExiting.
Total received bytes: 450
Total sent bytes: 0
But once trying to sync with rsync using the regular command I get the following error:
(...)
Greenbone community feed server - [http://feed.community.greenbone.net/]
This service is hosted by Greenbone Networks - [http://www.greenbone.net/]
All transactions are logged.
If you have any questions, please use the Greenbone community portal.
See [https://community.greenbone.net] for details.
By using this service you agree to our terms and conditions.
Only one sync per time, otherwise the source ip will be temporarily blocked.
receiving incremental file list
rsync: [receiver] read error: Connection reset by peer (104)
rsync error: error in socket IO (code 10) at io.c(784) [receiver=3.2.3]
rsync: connection unexpectedly closed (44 bytes received so far) [generator]
rsync error: error in rsync protocol data stream (code 12) at io.c(228) [generator=3.2.3]
I have validated that with other 3rd parties rsync services I have no problem. It’s just with the Greenbone one.
I know from this post: [General connection problems to feed server - #29 by tgurr] that there is a 24h antiabuse blacklist. But I have stopped the sync for several days and I’m still facing the same problem.
Does anyone know what could be happening here?
Thank you very much
Regards