Ive recently setup the greenbone suite of tools onto an EC2 instance, after some amount of troubleshooting, I managed to get everything up and running with the help of the forums, and some walkthrough’s. I am very happy with the product. I have done some amount of searching and I am still trying to find something a bit concrete on what the exact requirements are to run a remote scanner. I like seemingly a lot of people have plans to run the remote scanner on a pi, and attach that to some infra somewhere to keep tabs on it, or to do an assessment.
My question: what is the most basic requirement for running a remote scanner on a pi or something like it? I wanted to try to run this on alpine, and I see there is some packages, but do you need to run gsa, gvmd, etc, or can the scanner run by itself and communicate back to the EC2 where those apps are running? Has anyone spotted a good walkthrough for this use case? from my limited knowledge I guess its just the ospd and gvm tools?
For doing a simple scan you need to install ospd-openvas and do the vulnerability management on your own by talking to the daemon via osp. But this isn’t an easy task.
To run the full GVM stack you should have at least 4GB of RAM. If it is a single user machine and you don’t want to download a report during a scan less memory might be sufficient. The scan is cpu intensive and having several cores will improve the speed. Using a Rpi 3 should work but I would strongly suggest to choose a Rpi 4.
Oh and be careful with alpine. It uses a different C library which is not tested at all. It will create some headaches for you.
To get the openvas scanner to even build you also seem to need to have gvm-tools installed. Is it right, that i am better off to just install the near complete stack except gsa to get the two sides to communicate with each other here? once the install is complete on the pi(3 in my case), generate the certificates and use those to connect to it from GSA on my EC2?
I am planning to use some ssh reverse tunnel magic to get the connection to the EC2 working from the pi, but I am also not clear on how to connect the tcp port to the unix socket here. have I misunderstood how this works?
I had a shot at using alpine, but almost immediately I had errors that I was not prepared to deal with, so I resorted to running it on headless ubuntu.
Have you got any comments on running a swapfile, I have set up a 10gb swap on my pi in the hopes of alleviating the ram issues.
gvm-tools is not required to build or even run openvas scanner. See https://github.com/greenbone/openvas-scanner/blob/master/INSTALL.md#prerequisites-for-openvas