About abusive use of community services

Continuing the discussion from Important: IP and bandwidth limitations on Community Feed:

We provide a free service for a worldwide vulnerability management community, and we love doing so.

The vast majority of our community users are happy with the solution we provide them for free, including a daily updated feed with vulnerability tests. Amongst them are teachers, universities, security consultants, private users and many more.

On the other hand, we have some users with other use cases who run massive numbers of feed syncs. In the end, this causes problems for all other users. To share just one of several examples: we do not believe that more than 10000 syncs per hour from a single IP is something that should be done, at least not without any communication with us.

We are sad to say that when someone runs, e.g., a very large installation behind a proxy and creates thousands of syncs per hour, we will have to block this IP to keep the service alive for all our fair users.

We are constantly improving our capability to keep our service running, and we are sure to improve our quality of service in the next weeks. We have already put some new hardware in place. Anyway, fair use solves a lot of problems.

If you believe you might be blocked, please contact us, and we will try to find a solution.

4 Likes

Dear Elmar,

Please, I would like to verify whether some IP from the 200.201.160.0/20 range is being blocked, because I still cannot download the vulnerabilities (scap, nvt, cert) since Oct/2021.

We have a total of 13 scanners that are updated at most once a month (monthly) only. We don’t believe this is driving overuse; that is, we are not even close to the case "more than 10000 syncs per hour from a single IP".

We ask to verify the possibility of releasing our aforementioned range.

Thank you so much

Josemar

openvas-setup

[>] Updating OpenVAS feeds
[*] [1/3] Updating: NVT
bad response from proxy – HTTP/1.1 502 Proxy Error ( Connection refused )
bad response from proxy – HTTP/1.1 502 Proxy Error ( Connection refused )
rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]
[*] [2/3] Updating: Scap Data
bad response from proxy – HTTP/1.1 502 Proxy Error ( Connection refused )
bad response from proxy – HTTP/1.1 502 Proxy Error ( Connection refused )
rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]
[*] [3/3] Updating: Cert Data
bad response from proxy – HTTP/1.1 502 Proxy Error ( Connection refused )
bad response from proxy – HTTP/1.1 502 Proxy Error ( Connection refused )
rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]

[>] Stopping OpenVAS services

Josemar

Hi @Josemar and welcome to the forum :)

We’ve checked and it doesn’t look like your IP range is being blocked, but it does look like you’re using an old version that is trying to reach a feed that no longer exists. The current release is GVM 21.04 and includes an updated openvas-scanner.

Also, the proxy may be an issue as the commercial product supports it (and usage of port 443) currently, but the community version does not. So please try syncing it without the proxy even after upgrading.

You can check the versions of the components here: New releases for GVM 20.08 and GVM 21.04 and please let us know after upgrading if that takes care of it. Thanks!

(Edit to add: I may move some posts to a new thread later.)

2 Likes