Hi folks.
I’m running the Greenbone Community Containers 22.4.
Host OS: Ubuntu 22.04
4 Cores, 8GB RAM, 60GB Disk
(The only modification I’ve made is that I have Nginx on the host as a reverse proxy in front of GSA for SSL - I doubt that’s the cause of the problem.)
Everything appeared to be working correctly.
However, after updating the containers:
docker-compose -f docker-compose.yml -p greenbone-community-edition up -d
scans are no longer completing and are just stuck “running”.
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f1004c008d24 greenbone/ospd-openvas:stable "/usr/local/bin/entr…" 2 days ago Up 24 hours greenbone-community-edition_ospd-openvas_1
ddc321ce7063 greenbone/notus-scanner:stable "/usr/local/bin/entr…" 2 days ago Up 2 days greenbone-community-edition_notus-scanner_1
e98b55424d66 greenbone/gvmd:stable "/usr/local/bin/entr…" 7 days ago Up 3 days greenbone-community-edition_gvmd_1
74985a1540ee greenbone/gsa:stable "/usr/local/bin/entr…" 11 days ago Up 3 days 127.0.0.1:9392->80/tcp greenbone-community-edition_gsa_1
9e86e4f91685 greenbone/redis-server "/bin/sh -c 'rm -f /…" 11 days ago Up 3 days greenbone-community-edition_redis-server_1
8edc7223de27 greenbone/mqtt-broker "/bin/sh -c 'mosquit…" 11 days ago Up 3 days 0.0.0.0:1883->1883/tcp, :::1883->1883/tcp greenbone-community-edition_mqtt-broker_1
7a468749a130 greenbone/pg-gvm:stable "/usr/local/bin/entr…" 5 weeks ago Up 3 days greenbone-community-edition_pg-gvm_1
Snippet from ospd-openvas log:
OSPD[6] 2022-11-24 22:00:48,146: INFO: (ospd.ospd) Currently 2 queued scans.
OSPD[6] 2022-11-24 22:00:48,293: INFO: (ospd.ospd) Starting scan 150503d6-df0b-4b89-b302-41a537bcf2c4.
OSPD[6] 2022-11-24 22:00:48,491: INFO: (ospd.ospd) Starting scan 8492ea02-2ad0-46df-8e85-351469b3d027.
OSPD[6] 2022-11-24 22:45:34,944: INFO: (ospd.ospd) 38762c49-ef0e-4487-a026-b9e68a2e3467: Host scan finished.
OSPD[6] 2022-11-24 22:45:34,947: INFO: (ospd.ospd) 38762c49-ef0e-4487-a026-b9e68a2e3467: Scan finished.
OSPD[6] 2022-11-24 23:59:41,595: INFO: (ospd.command.command) Scan fa7c8ed9-7a47-40c3-b2a0-837449d5d1a9 added to the queue in position 1.
OSPD[6] 2022-11-24 23:59:41,626: INFO: (ospd.command.command) Scan f4c49086-61f4-4498-89d5-16359bb716d3 added to the queue in position 1.
OSPD[6] 2022-11-24 23:59:46,319: INFO: (ospd.ospd) Currently 2 queued scans.
OSPD[6] 2022-11-24 23:59:46,447: INFO: (ospd.ospd) Starting scan fa7c8ed9-7a47-40c3-b2a0-837449d5d1a9.
OSPD[6] 2022-11-24 23:59:46,619: INFO: (ospd.ospd) Starting scan f4c49086-61f4-4498-89d5-16359bb716d3.
OSPD[6] 2022-11-25 00:46:02,369: ERROR: (ospd.server) Error sending data to the client. [Errno 32] Broken pipe
OSPD[6] 2022-11-25 00:50:37,246: ERROR: (ospd.server) Error sending data to the client. [Errno 32] Broken pipe
I’m scanning subnets typically /27 or /28 in size, mostly Windows server hosts. All scans are using the default “Full and fast” Scan config. Targets are using the “All IANA assigned TCP” port list - no authenticated scanning.
In openvas.log I’m seeing:
sd main:MESSAGE:2022-11-25 03h45.46 utc:631677: Vulnerability scan fa7c8ed9-7a47-40c3-b2a0-837449d5d1a9 finished for host <snip> in 10788.43 seconds
sd main:MESSAGE:2022-11-25 03h51.28 utc:520589: Running LSC via Notus for <snip>
sd main:MESSAGE:2022-11-25 03h51.38 utc:520589: Vulnerability scan fa7c8ed9-7a47-40c3-b2a0-837449d5d1a9 finished for host <snip> in 12625.63 seconds
The only thing I can think of is that some NVT is taking an excessive amount of time to run, or something of that ilk, but I’m unsure how to troubleshoot further.
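A triage sketch for the ospd-openvas log quoted in the post, added here as an example and not part of the original post or of Greenbone's tooling: it pairs each "Starting scan" line with its "Scan finished" line and reports scans still open at the last log timestamp, together with any ERROR lines. The function name and the regular expressions are assumptions about the log layout, derived only from the lines quoted above.

```python
import re
from datetime import datetime

# ospd-openvas lines copied from the log snippet in the post above.
SAMPLE_LOG = """\
OSPD[6] 2022-11-24 22:00:48,293: INFO: (ospd.ospd) Starting scan 150503d6-df0b-4b89-b302-41a537bcf2c4.
OSPD[6] 2022-11-24 22:00:48,491: INFO: (ospd.ospd) Starting scan 8492ea02-2ad0-46df-8e85-351469b3d027.
OSPD[6] 2022-11-24 22:45:34,944: INFO: (ospd.ospd) 38762c49-ef0e-4487-a026-b9e68a2e3467: Host scan finished.
OSPD[6] 2022-11-24 22:45:34,947: INFO: (ospd.ospd) 38762c49-ef0e-4487-a026-b9e68a2e3467: Scan finished.
OSPD[6] 2022-11-24 23:59:46,447: INFO: (ospd.ospd) Starting scan fa7c8ed9-7a47-40c3-b2a0-837449d5d1a9.
OSPD[6] 2022-11-24 23:59:46,619: INFO: (ospd.ospd) Starting scan f4c49086-61f4-4498-89d5-16359bb716d3.
OSPD[6] 2022-11-25 00:46:02,369: ERROR: (ospd.server) Error sending data to the client. [Errno 32] Broken pipe
OSPD[6] 2022-11-25 00:50:37,246: ERROR: (ospd.server) Error sending data to the client. [Errno 32] Broken pipe
"""

# Assumed layout: OSPD[pid] <date> <time>,<ms>: <LEVEL>: (<logger>) <message>
LINE_RE = re.compile(
    r"^OSPD\[\d+\] (\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}),\d+: (\w+): \(([\w.]+)\) (.*)$")
UUID = r"[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}"
START_RE = re.compile(rf"Starting scan ({UUID})\.")
DONE_RE = re.compile(rf"({UUID}): Scan finished\.")  # not "Host scan finished."

def summarize(log_text):
    """Return ({scan_id: time open at end of log}, [(timestamp, error message)])."""
    scans, errors, last_ts = {}, [], None
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines from other components or wrapped output
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        level, msg = m.group(2), m.group(4)
        last_ts = ts
        if level == "ERROR":
            errors.append((ts, msg))
        for key, rx in (("started", START_RE), ("finished", DONE_RE)):
            hit = rx.search(msg)
            if hit:
                scans.setdefault(hit.group(1), {"started": None, "finished": None})[key] = ts
    # A scan is "open" if the log shows it starting but never finishing.
    open_scans = {sid: last_ts - s["started"] for sid, s in scans.items()
                  if s["started"] and not s["finished"]}
    return open_scans, errors

if __name__ == "__main__":
    open_scans, errors = summarize(SAMPLE_LOG)
    for sid, age in sorted(open_scans.items(), key=lambda kv: kv[1], reverse=True):
        print(f"open for {age}: {sid}")
    for ts, msg in errors:
        print(f"{ts} ERROR {msg}")
```

Against a full log (for example the output of `docker logs` for the ospd-openvas container), the open scan ids can then be matched to the per-host "finished for host" lines in openvas.log to see which hosts are still outstanding.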