I can’t finish setting up my OpenVAS because of this issue.
Where in the setup does need to be done? Is there a set of instructions?
Thank you!
Hi,
Where can I check to see if my IP has been banned? I have my own public IP address but we are within the university so I don’t know if it traffic gets routed through some common proxy or something.
Thank you.
I’m similar, I have a dedicated public IP and have been trying to install openvas for lessons. I fear I have ran setup a few too many times… I would like to also check if my IP is banned, please.
Thank you for the people who is working hard to solve this problem (Lukas, DeeAnn, etc.). Hopefully it can get back to normal soon. I really enjoy using this service.
5 Likes
Thanks for all working on the issue, appreciate how frustrating these things can be.
I’m wondering if I sync incorrectly, I do it manually once a month running…
greenbone-nvt-sync
greenbone-certdata-sync
greenbone-scrapdata-sync
Although a bit slower, the first two commands worked without issue, but the last one is timing out with "rsync: [Receiver] failed to connect to feed.community.greenbone.net Network is unreachable (101) error in socket IO (code 10) at clientserver.c(137) [Receiver=3.2.3]
Is that expected at the moment? More to the point should i not be running all three, one after another, once per month?
To enable SYN COOKIES, you must have access to /etc/sysctl.conf. To see if you have it enabled, enter sysctl -n net.ipv4.tcp_syncookies. This will show if it is either enabled or not. However, the main issue are the rsync feeds. Please be patient as Greenbone fixes this issue.
1 Like
Thank you @roma. I tried earlier and it managed to update for my the main gvm, but the 2 remote scanners failed for updating.
Will wait for a resolution from GB.
Is there any other way of updating the SCAP db, etc.?
Please look Lukas post here: Still no feed update - #40 by Lukas
Saw this, checked that my machines are resolving feed.community.greenbone.net correctly to the new IP address (45.135.106.143), but it still won’t sync. Same ‘connection timed out’ message.
I strongly encourage you to consider CloudFlare for CDN. They have a free tier that I think you can still use for basic CDN capabilities. I run an MSSP and we stand CloudFlare up in front of websites and WebApps all the time to improve site performance and security.
Welcome jeffleder to our community!
Thanks for the advise. We are in the process evaluating different solutions, CDN like cloudflare is one them. We want to fix this persistently, so it may take some time to the final solution (as we already are in the end-of-year business noise).
3 Likes
Hi,
Lukas checked that my IP had been blocked though I can’t imagine why. We do feed updates once a day at 10.30pm SGT, no simultaneous connections. I also have 2 remote scanners with their own IP addresses which I think are not blocked but even those can’t refresh he feeds.
@markdesilva do the unblocked box runs now? Maybe our defense went wrong, I am not sure about that, as things are complicated. Anyway, we will delete any wrongly blocked adresses, so please provide theses adresses too.
Sorry again, we are extremely unhappe ourselves with the situation, and will need some time to fix all issues. But as I heard from the tech guys, we are on a good way.
Hi,
Been trying to do a feed update and previously I was getting “connection timed out”, now I’m getting this:
@ERROR: max connections (100) reached – try again later
rsync error: error starting client-server protocol (code 5) at main.c(1814) [Receiver=3.2.3]
Its been that way for awhile now.
Will message you privately my IPs.
Thank you.
We optimized the settings, if you get this wait some minutes and try again. I limited the amount of rsyncs per module to prevent overloading the server.
data-objects, nvt-feed, scap-data, cert-data = 200 simultaneous connections right now per module.
Total 800 connections.
Thanks Lukas, I’ve started an update for the gvm and the remote scanners, no error as yet.