Why does GVM 22.4.1 have half of the scan capabiliities GVM 20.08 had?

deajan · April 16, 2023, 12:09pm

Hello,

I’m a long time openvas user, and just built my new GVM 22.4.1 from scratch using the instructions from the official docs.
While doing so, I noticed that the scan configs are incomplete, missing most vulnerability families and even misses the nasl port scanner, rendering the scan configs useless for me.

Of course my feeds are up-to-date on the GVM22 build, but all scans I am trying find zero results.

Here’s a comparaison of GVM 22.4.1 and 20.08:

I’ve also tried to import my scan config from GVM20 into the newer GVM22, but I endup with the same number of vulnerability families.

GVM20 show it can check about 96k NVTs whereas GVM22 can check about 46K NVTs only with that configuration.

What happened to GVM ? Did I miss something about the feeds ?
Thanks for any clarification.

cfi · April 18, 2023, 8:04am

It looks like the installation is missing all Notus Scanner based Local Security Checks used since 22.04:

Please try to verify your setup around Notus scanner (e.g. was the notus data feed synced, notus scanner wasn’t installed, …) based on the official docs.

deajan · April 21, 2023, 3:00pm

Thank you for your answer.
Although notus was installed properly and running and the notus files present on disk, a greenbone-feed-sync --type all and some coffee resolved the issue for me.
Sorry for the noise.

deajan · May 11, 2023, 8:20am

Sorry, I meant greenbone-nvt-sync --type all or even greenbone-nvt-sync --type notus

immauss · May 11, 2023, 8:50am

As this has come up elsewhere @bricks , could you please confirm something for me.

I can not find in the installation docs or in the “–help” for the greenbone-nvt-sync or the greenbone-feed-sync an option to sync data specific to notus. In fact, the “–type” option is not listed in the --help for the nvt-sync at all, though the script does run seeming to ignore the option.

Thanks,
Scott

bricks · May 11, 2023, 9:06am

The new greenbone-feed-sync script has the option --type notus. Otherwise you need to use greenbone-nvt-sync to download both the nasl and notus files from the feed.

bricks · May 11, 2023, 9:23am

To clarify the situation, there are currently three sync scripts:

greenbone-nvt-sync shipped with openvas-scanner to download nasl and notus files without a --type argument. It’s a shell script.
greenbone-feed-sync shipped with gvmd to download scap, cert and gvmd data (has a --type argument). It’s a shell script. There are also greenbone-scapdata-sync, greenbone-certdata-sync which just call greenbone-feed-sync with the desired --type argument.
greenbone-feed-sync a new separated Python script that replaces all the previous ones. It has a --type argument with a lot of options.

The first two mentioned shell based scripts are deprecated in favor of the latter one.

immauss · May 11, 2023, 9:31am

awesome!!
Thanks @bricks