dgiorgio / gvm-docker

Greenbone Vulnerability Management for Docker - based on git source code.
BSD 3-Clause "New" or "Revised" License
39 stars 21 forks source link

Display 'No SCAP database found' in SecInfo #9

Open coderkk opened 3 years ago

coderkk commented 3 years ago

I have deployed the gvm-docker, but it has show 'No SCAP database found'. And I look at the logs, it show there have some errors there when connect to feed.community.greenbone.net.

Update GVMD_DATA
rsync: failed to connect to feed.community.greenbone.net (45.135.106.142): Connection refused (111)
rsync: failed to connect to feed.community.greenbone.net (2a0e:6b40:20:106:20c:29ff:fe67:cbb5): Cannot assign requested address (99)
rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]
Update SCAP
rsync: failed to connect to feed.community.greenbone.net (45.135.106.142): Connection refused (111)
rsync: failed to connect to feed.community.greenbone.net (2a0e:6b40:20:106:20c:29ff:fe67:cbb5): Cannot assign requested address (99)
rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]
Update CERT
rsync: failed to connect to feed.community.greenbone.net (45.135.106.142): Connection refused (111)
rsync: failed to connect to feed.community.greenbone.net (2a0e:6b40:20:106:20c:29ff:fe67:cbb5): Cannot assign requested address (99)
rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]
gvmd - starting...
md manage:MESSAGE:2021-02-24 06h40.27 utc:81: No SCAP database found
md manage:MESSAGE:2021-02-24 06h40.27 utc:81: No CERT database found
md   main:MESSAGE:2021-02-24 06h40.28 utc:83:    Greenbone Vulnerability Manager version 20.08.1 (DB revision 233)
md manage:   INFO:2021-02-24 06h40.28 utc:83:    Getting users.

Anyone have this issue to solve it? Thanks

dgiorgio commented 3 years ago

Hello, most likely, there is some synchronization occurring at the same time. Checks the openvas container.

This is a limitation of the Greenbone repository, where it only accepts one connection at a time. feed.community.greenbone.net

I am about to implement an improvement, that if any sync fails, it tries again.

an alternative is to use a private repository. https://github.com/dgiorgio/gvm-feed-server

eric-it6 commented 3 years ago

Hi, I have this problem too, because when starting the stack both containers (gvmd and ovenvas) try to sync.

The easiest way is to wait until gvmd or openvas have synced and then restart the other container.

I saw that you created a cronjob that runs a sync every 3 hours. Maybe you could set different fixed times for the syncs.

coderkk commented 3 years ago

Ok, I will try it. Thanks

eric-it6 commented 3 years ago

Enclosed still, in the cronjob of the gvmd container the Sync for GVMD_DATA is missing.

greenbone-feed-sync --type GVMD_DATA

coderkk commented 3 years ago

I have tried restart gvm_gvm-gvmd_1, the SCAP has synced. But after half and hour, it end with below log

noname.xml:436103: namespace error : Namespace prefix meta on item-metadata is not defined
data nvd-id="720895" status="FINAL" modification-date="2020-04-01T12:26:32.417Z"
                                                                               ^
error from daemon in stream: Error grabbing logs: unexpected EOF
dgiorgio commented 3 years ago

I did not detect the reported issue. The last images, had fixes and improvements of some problems related to cron and updates. Could you test the new images?

eric-it6 commented 2 years ago

Hello together,

I can't reproduce coderkk's problem either. But now i have another problem.

First of all I want to say that the images work great, thanks for the updates! But.. i have a question about the versions of the images. Sometimes you use Greenbone Version 21.4.3-X and sometimes the older Version 21.4.2-X. Is this how the versions appeared?

The reason why I ask, is that Greenbone says with every Scan thal I am using an EOL Scan Engine. More details:

Version of installed component:           21.4.2 (Installed component: openvas-libraries on OpenVAS <= 9, openvas-scanner on GVM >= 10)
Latest available openvas-scanner version: 21.4.3
Reference URL(s) for the latest available version: https://community.greenbone.net/t/gvm-21-04-stable-initial-release-2021-04-16/8942

I tried a clean install, with an empty database, but the log shows the following and NVTs are not present:

openvas: DEBUG: (ospd_openvas.daemon) Plugins feed file /usr/local/var/lib/openvas/plugins/plugin_feed_info.inc not found.

Maybe it is a problem of the old scan engine. Another question is, what is the difference between the images 'openvas' and 'openvas-scanner'? I see that you have added a new image, but it is exactly the same version as the 'openvas' image.

Would it be possible for you to update Openvas and GSA to the latest version (21.4.3)? This would help us a lot.

Many greetings and have a nice day.

eric-it6 commented 2 years ago

Nevermind, with the clean install the error is gone after 2-3 restarts of the contaiener.

But the vulnerability with the outdated version is still present.

eric-it6 commented 2 years ago

Hello me again,

wanted to give some feedback about a few tests.

The mail client you have installed works great, thanks for that!

The feed update still seems to hook in some places. Sometimes the NVT feed is not updated and synchronized only when the GVMD container is restarted. Maybe this is related to bugfixes in the Greenbone feed. Meanwhile the GVMD Data Feed is also too old and can not be updated.

If you find time, we would be very happy if you could update the images to the latest version.

Many greetings

cosmoportals commented 2 years ago

How can we trigger a manual feed update?