I would like your help as I am trying to access GVM web interface through internet.
It is a fresh GVM installation on a fresh Kali running on AWS.
I already modified /lib/systemd/system/greenbone-security-assistant.service and set ExecStart=/usr/sbin/gsad --foreground --listen 0.0.0.0 --port 9392 (screenshot 1) but web interface is not accessible (Screenshot 2).
When I am connected with RDP to the server, I am able to connect to web interface, that means that the service is running.
AWS security group is configured to allow all traffic so this should not be an issue too.
Do you have any idea why I cannot connect?
That is more a problem of your distribution and AWS configuration then GVM.
Please get back to your OS/AWS Administrator and ask him how to route a IP to your VPC instance.
Kali is running on a linux EC2 natively in VPC. Not in a VM host.
I start RDP and ping from my home computer hitting Kaliās public IP.
I also tried connection from another EC2 in the same VPC hitting Kaliās private IP. RDP and ping are successful but web interface is not. Kaliās security group allows all traffic coming from VPC.
And you changed the default AWS firewall to allow that Kali non standard port inbound ?
You need to debug on your Linux machine the situation with tcpdump. There is nothing more anyone here can do with your network setup, that is definitive not a GVM issue.
Hi!
Sorry for late reply.
I ran the command and received:
$ ss -na | grep 9392
tcp LISTEN 0 4096 127.0.0.1:9392 0.0.0.0:*
tcp ESTAB 0 0 127.0.0.1:9392 127.0.0.1:59148
tcp ESTAB 0 0 127.0.0.1:59148 127.0.0.1:9392
Next, I changed the contents of /lib/systemd/system/greenbone-security-assistant.service listening IP to 0.0.0.0 and port to 443, and rebooted the VPS. On Kali, after a fresh install, I always have to reboot the machine after installation to get GBCE available on any IP/Port, even if I donāt reconfigure, and starting the services via sudo gvm-stop then sudo gvm-start doesnāt work.
Thank you for your answer. I have rebooted the system a lot of times and start the service afterwards but did not help.
I noticed a difference of my ss result and yours.
My ss:
tcp LISTEN 0 4096 127.0.0.1:9392 0.0.0.0:*
Your ss:
tcp LISTEN 0 4096 0.0.0.0:443 0.0.0.0:*
My result still have localhost IP while yours have 0.0.0.0. Did you make any other change?
No, I didnāt make any other changes. I literally just spun up a Kali Linux server on Linode, updated the repos, installed GVM, ran the setup, checked the setup, modified /lib/systemd/system/greenbone-security-assistant.service with ālisten 0.0.0.0 --port 443, rebooted, and accessed the web-interface over https://.
It does look like you have a problem with the installation though since your service is not listening on all IP addresses. You mentioned that you installed RDP, did you make any other changes that could impact this? I suggest working backward to just start with only SSH access to a fresh installation of Kali on a VPS and get that working first.
Also, I see a couple of versions of Kali available on the AWS marketplace. Are you using the official one?
I changed the port to 443.
ExecStart=/usr/sbin/gsad --foreground --listen 0.0.0.0 --port 443
Even when I am connected via RDP to Kali and hit localhost address in the browser, web panel still responds to port 9392.
I rebooted system and completely turned off and on again, the behaviour did not change. It still responds to 9392.