Single IP scan takes ages

[karnamonkster]

Describe the question Single IP scan takes ages with default configs

Environment - Virtual Machine (NAT) VMware Workstation v16

• OS: Ubuntu
• Version 20.04

Additional context Is there a way to tune it to work fine scanning the public IPs these IPs are reachable from the VM where this setup is hosted.

[libellux]

Hello @karnamonkster is this in regard to GVM or ClamAV?

[karnamonkster]

Hi, This is in regards to GVM Sorry for missing out on the detailed setup

Greenbone Vulnerability Manager 21.4.4
Manager DB revision 242

OSP Server for openvas: 21.4.3
OSP: 21.4.4
OSPd OpenVAS: 21.4.4

Greenbone Security Assistant 21.4.3

[libellux]

Hey thanks @karnamonkster so you're running a single scan and it takes ages and may I ask what type of scan you do so I can try reproduce it? As myself running the default wizard scan I've not had any problems in regard to performance. A tip would be to look through the default scanner and uncheck fields you do not want to scan if thats the case - but the default scan shouldn't be a performance issue. If you like I can run a test tomorrow (need to update the website anyway) and re-install the same version as you mentioned above and run whatever test you're running.

Edit: And also when you say ages, how long times are we speaking about? Just to make sure there's no firewall issues.

[karnamonkster]

Hello , Thanks for responding, I ran a scan with default scan config with “full and fast” This server is publicly reachable but PING disabled serving a web service on 8443.

[libellux]

Hello @karnamonkster I've just ran a test (full and fast) with max 4 concurrently executed NVTs per host (it took 14 minutes). I haven't applied much resouces to my virtual machine. However, if you try increase the cpu threads to your VM i'm pretty sure you may also increase the number of NVTs running at the same time. You can set this when you create a new task.

[karnamonkster]

Hi @libellux This is my VM configuration used which took the scan for 53 minutes. admin@ubuntu:~$ lscpu Architecture: x86_64 CPU op-mode(s): 32-bit, 64-bit Byte Order: Little Endian Address sizes: 45 bits physical, 48 bits virtual CPU(s): 4 On-line CPU(s) list: 0-3 Thread(s) per core: 1 Core(s) per socket: 1 Socket(s): 4 NUMA node(s): 1 Vendor ID: GenuineIntel CPU family: 6 Model: 140 Model name: 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz Stepping: 1 CPU MHz: 2419.200 BogoMIPS: 4838.40 Hypervisor vendor: VMware Virtualization type: full What do you suggest about the number of NVTs i should run? My guess is not more than 4 :(

[libellux]

Hello @karnamonkster I wouldn't set more than 4 with the VM setup you've posted above. I run my VM with this setup and did the full and fast scan and it took 14 minutes (with 4 GB memory). Cannot really say why your scan would take 53 minutes. Maybe worth checking the network speed between your host and the external target.

Architecture:                    x86_64
CPU op-mode(s):                  32-bit, 64-bit
Byte Order:                      Little Endian
Address sizes:                   43 bits physical, 48 bits virtual
CPU(s):                          2
On-line CPU(s) list:             0,1
Thread(s) per core:              1
Core(s) per socket:              2
Socket(s):                       1
NUMA node(s):                    1
Vendor ID:                       AuthenticAMD
CPU family:                      21
Model:                           2
Model name:                      AMD Opteron(tm) Processor 6378
Stepping:                        0
CPU MHz:                         2400.000
BogoMIPS:                        4800.00
Hypervisor vendor:               VMware
Virtualization type:             full