Feed Sync issues with GSE 20.08

Hello community,

I have installed OpenVAS 20.08 from source on Ubuntu 20.04 from this link https://www.libellux.com/openvas/#configuration-files and it is running really good, scanning, pdf reports, everything works just great.

Ubuntu 20.04 runs under a VM with the following resources (6 vCPU, 8GB RAM, 100GB Disk)

I am facing issues when trying to update feed from terminal. The process used is the following:

  1. sudo systemctl stop openvas-scanner

  2. sudo systemctl stop openvas-manager

  3. sudo greenbone-nvt-sync (first issue here) also with openvas-feed-update

When i come to this part I have the following output in the console:

Resolving dl.greenbone.net (dl.greenbone.net)… 89.146.224.58, 2a01:130:2000:127::d1

Connecting with dl.greenbone.net (dl.greenbone.net)[89.146.224.58]:80… failed: Connection timed out.

Connecting with dl.greenbone.net (dl.greenbone.net)[2a01:130:2000:127::d1]:80… failed: Network is unreachable.

I have also tried with sudo greenbone-nvt-sync —rsync and get the following output

rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection timed out (110)

rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Network is unreachable (101)

rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]

I have checked this post: Failed greenbone-certdata-sync (Connection timed out (110))

and performed a netcat in the ubuntu server to see rsync to the address 89.146.224.58 and get nothing as response

nc 89.146.224.58

I have checked my firewall and the request (syn) is going out okay but have no syn-ack or ack or rst-ack (no response from the ip address) (attaching image)
netcat 2

netcat

My firewall has no inspection, or any filter (web filter, ips, app control, nothing), just a typical nat for going to internet from our ip public

Another thing that I got it from this post: Rsync: failed to connect to feed.openvas.org

When trying with this command (greenbone-nvt-sync) the response I get is from dl.greenbone.net (dl.greenbone.net), however if I try with rsync (greenbone-nvt-sync —rsync) the response is from feed.openvas.org even tho the ip address is the same in both cases 89.146.224.58

After watching that netcat only shows the syn packet, runned againg the greenbone-nvt-sync —rsync and got the following sequences from my firewall…only syn packets to the destination and dns (to resolve feed.openvas.org which is okay)

sniffer

Also red this post: Greenbone-nvt-sync doesn't complete (Ubuntu-20.04) to check GVM versions and found the following
gsad version: 7.0.3
gmvd version: 20.08
openvasmd version: 7.0.3
openvas-nasl version: 20.8.0

And one additional information: only IPv4 works with my service provider…don’t have any IPv6 address

Can you please suggest me a solution or a workaround? (maybe downloading feed via .xml and installing directly)

Thank you for your responses!

Best regards,

Andres

1 Like

It seems you mixing different old and actual software releases here, please build the 20.08 release again.
The Sync-Script is EoL and discontinued, please check other links.

1 Like

Thank you very much @Lukas …after following the post, and replacing the url, it started downloading the feeds!

Please note that this is not required if you have build GVM-20.08 as this release already includes the sync script pointing at the updated feed server.

If you had to change the URL you probably have some older sync scripts in your PATH which takes precedence over the updated ones from GVM-20.08.

I would strongly suggest to check how you have build your setup and to remove remains / leftovers from your old installation (at least the sync scripts are still the ones from an older GVM installation if you had to change the URL).

If the suggestion isn’t followed you might get into trouble into the future due to using outdated sync scripts not getting any updates.

3 Likes

Hi @cfi

Thank you for the recommendation. Will follow this

Best regards,

1 Like

Hello,

If you had to change the URL you probably have some older sync scripts in your PATH which takes precedence over the updated ones from GVM-20.08.

I have installed the latest version, it was working okay for updating the feeds, however somehow, it changed again and whenever I’m trying to sync it redirects to the old ip address.

Screen Shot 2020-12-16 at 11.28.42

Can you please guide me where is the path to change the feed url as this post suggest? I missed the file

Than you!

Andres

Hello,

I’ve found the path, but something happened, the url was correct but when I checked the version, it went back to gsad and gmvd were a previous version and not the one that was reinstalled (20.08)…is it normal? with a feed sync is it possible to “downgrade” to a previous version?

Thank you!

No it is not, the feed does not include any ELF binaries or Shell-Scripts.

If you mix components you should re-install your system with a actual version.

2 Likes

@andyway hello, did add a section under OpenVAS how-to run cronjob, been working for me without any issues so far. You’ll find it here: https://www.libellux.com/openvas/#scheduled-jobs

Best regards,
Fredrik

1 Like

Sorry for having to mention it here again, but please don’t call it OpenVAS anymore. Please don’t use the term openvas for anything of our code besides the scanner application. It just creates additional confusion. The whole thing with GSA, gsad, gvmd, ospd-openvas, openvas, … is called GVM.

Might be a good idea to rename the website https://www.openvas.org/ as using it out of old habit

Sorry @bricks if I came of as rude. However, I’ve been using GVM (OpenVAS) for a long time and writing tutorials for it. I’ve seen people and the community referring to it as OpenVAS way more than GVM. Also my Google Analytics for my website gives most hit on OpenVAS than GVM. My tip, and i’m not being rude, is to go through the websites you guys manages and make it more clear for the community of the terms - rather then reminding people on the forums what to call it, as they do it for a reason.

Best regards,
Fredrik

Anyone let me know the resolution of this error i m getting below error

Connecting to dl.greenbone.net (dl.greenbone.net)|89.146.224.58|:80… failed: Connection timed out.

Hi, dl.greenbone.net has been shut down nearly two years ago. It is very very likely you are using a completely outdated version of our software.

2 Likes