Precursor: I am using OpenVAS/GSA on Kali GNU/Linux Rolling in VMWare
Running ‘apt-get install openvas’ returns: openvas is already the newest version (9.0.3kali1).
Looking in /var/lib/openvas/cert-data/ I have ‘CB-K13.xml’ and ‘CB-K14.xml’, but no ‘cert.db’
Running ‘openvas-feed-update’ updates NVT and SCAP, but CERT Data has the following issue (same issue if I run ‘greenbone-certdata-sync’ or ‘sudo greenbone-certdata-sync’ - doesn’t matter which one - CERT data won’t sync)
rsync: read error: Connection reset by peer (104)
rsync error: error in socketIO (code 10) at io.c(794) [receiver=3.1.3]
rsync: connection unexpectedly closed (612 bytes received so far) [generator]
rsync error: error in rsync protocol data stream (code 12) at io.c(235) [generator=3.1.3]
Running ‘openvas-check-setup’ - everything looks good except for the CERT data
I’ve tried restarting, rebuilding, removing/reinstalling, everything else works well in the platform, but CERT data is not syncing.
From reading around the community site and other locations where I’ve seen a similar issue, I read that I might need to check if ports 24 and/or 873 are open (outgoing from this host) for rsync/ssh. Is that a good next step for me to check?
Scan are running with no issues at all - the product is solid - I’m just wanting to make sure I get this aspect of the platform working, as - the more info I get about detected vulnerabilities, the better - IMHO.
Thank you all in advance for any assistance with my n00b question.
Nope only the RSYNC protocol is supported, you need to ensure that no 2nd session is active (NAT gateway or proxy) might block it due to keeping a session longer alive as it should be. Just connect your GCE installation DIRECT to the internet, not behind a NAT-gate, firewall or router