mikesplain / openvas-docker

A Docker container for Openvas
MIT License

Cant update #162

Closed Noname2244 closed 5 years ago

Noname2244 commented 6 years ago

root@9d347a932612:/# greenbone-nvt-sync
rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection refused (111)
rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Cannot assign requested address (99)
rsync error: error in socket IO (code 10) at clientserver.c(128) [Receiver=3.1.1]

Also, ping isn't available in the container.

mikesplain commented 6 years ago

Are you still facing this issue? You can install ping in the container by execing into it and apt update && apt install iputils-ping as normal.

Noname2244 commented 6 years ago

:root /$ ping 89.146.224.58
PING 89.146.224.58 (89.146.224.58) 56(84) bytes of data.
64 bytes from 89.146.224.58: icmp_seq=1 ttl=50 time=38.7 ms
64 bytes from 89.146.224.58: icmp_seq=2 ttl=50 time=38.1 ms
64 bytes from 89.146.224.58: icmp_seq=3 ttl=50 time=38.3 ms
^C
--- 89.146.224.58 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 38.196/38.453/38.784/0.333 ms

Noname2244 commented 6 years ago

IP connectivity is fine, still can't update though.

root@9d347a932612:/# greenbone-nvt-sync
rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection refused (111)
rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Cannot assign requested address (99)
rsync error: error in socket IO (code 10) at clientserver.c(128) [Receiver=3.1.1]
root@9d347a932612:/# greenbone-nvt-sync
rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection refused (111)
rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Cannot assign requested address (99)
rsync error: error in socket IO (code 10) at clientserver.c(128) [Receiver=3.1.1]
root@9d347a932612:/# greenbone-nvt-sync
rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection refused (111)
rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Cannot assign requested address (99)
rsync error: error in socket IO (code 10) at clientserver.c(128) [Receiver=3.1.1]
root@9d347a932612:/# greenbone-certdata-sync
rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection refused (111)
rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Cannot assign requested address (99)
rsync error: error in socket IO (code 10) at clientserver.c(128) [Receiver=3.1.1]
root@9d347a932612:/# greenbone-scapdata-sync
rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection refused (111)
rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Cannot assign requested address (99)
rsync error: error in socket IO (code 10) at clientserver.c(128) [Receiver=3.1.1]

silentbreaksec commented 6 years ago

Try it with curl instead of wget...that worked for me.

greenbone-nvt-sync --curl --verbose

Noname2244 commented 6 years ago

That solved the NVT update, thanks!

Noname2244 commented 6 years ago

Any other workaround for the other syncs?

greenbone-certdata-sync
rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection refused (111)
rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Cannot assign requested address (99)
rsync error: error in socket IO (code 10) at clientserver.c(128) [Receiver=3.1.1]

bannsec commented 6 years ago

Running scap sync manually seems to work for me: /usr/sbin/greenbone-scapdata-sync

DOEResearch commented 6 years ago

I am having the same problem. I tried /usr/sbin/greenbone-certdata-sync and scapdata with --curl and wget with no luck. I tried pinging the IP on two separate computers/networks with a connection refused. Is the server down or flooded?

pchamo commented 5 years ago

This issue is still present. Only greenbone-nvt-sync works. The other two scripts fail:

[root@ovmgr]# greenbone-certdata-sync --curl --verbose
rsync: did not see server greeting
rsync error: error starting client-server protocol (code 5) at main.c(1648) [Receiver=3.1.2]

[root@ovmgr]# greenbone-scapdata-sync --curl --verbose
rsync: did not see server greeting
rsync error: error starting client-server protocol (code 5) at main.c(1648) [Receiver=3.1.2]

Is there any workaround?

Thank you.

jmcarranza commented 5 years ago

I'm behind a corporate proxy and I had to open TCP port 873 on our firewall, then set the environment variable RSYNC_PROXY=my-proxy:8080

pchamo commented 5 years ago

It's not a firewall issue. It seems that only the NVT feed is available in the openvas demo version! Thank you.

jmcarranza commented 5 years ago

I use the open source version and I can update all the feeds that way.

pchamo commented 5 years ago

Look at this please:

[root@ovmgr ~]# telnet feed.openvas.org 873
Trying 89.146.224.58...
Connected to feed.openvas.org.
Escape character is '^]'.
Connection closed by foreign host.

I tried at home and it worked! Thank you. I need to see what's wrong with the firewall.

lundbergaj commented 5 years ago

I had this problem with a recent install, and running the nvt update would work using --wget, but the scap or cert updates wouldn't work with anything I could find. Looking around, I found this discussion: http://lists.wald.intevation.org/pipermail/openvas-discuss/2018-September/012190.html The writer notes that at least for some machines, the update script connected to the server twice, causing it to be blocked. Adding a sleep 5 after the FEED_SERVER_SERVER test in all three scripts made them all work for me. If you're having trouble with the scripts getting rejected, try adding a sleep 5 to them.

Syphontwo commented 5 years ago

Adding a sleep 5 after the FEED_SERVER_SERVER test in all three scripts made them all work for me. If you're having trouble with the scripts getting rejected, try adding a sleep 5 to them.

I added a sleep 5 to greenbone-scapdata-sync and greenbone-certdata-sync immediately after the line

FEED_VERSION_SERVER=`cat $FEED_INFO_TEMP_DIR/timestamp`

unfortunately this had no effect.

/usr/sbin/greenbone-scapdata-sync --curl --verbose
rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection timed out (110)
rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Network is unreachable (101)
rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]

As others reported, the NVT database connection works no problem. One person mentioned that these databases are not available in the open source version, but another said it was. Do we have any official word or documentation on the availability?

I'm behind a corporate proxy and I had to open TCP port 873 on our firewall, then set the environment variable RSYNC_PROXY=my-proxy:8080

This is my next step, but I won't be able to get to it for a while. I may try another location without the firewall and see if that's the issue.

later edit

I was digging around the script and pulled the command just to try and run the feed once without the rest of the script running to rule out the "double connection" issue mentioned in a previous comment.

eval /usr/bin/rsync -ltvrP --delete --exclude scap.db --exclude "private/" "rsync://feed.openvas.org:/scap-data" "/var/lib/openvas/scap-data"

Appears that the access method in the script for this feed is simply not working. I tried running the same command, but using the nvt feed script connection information and got the same failure.

eval /usr/bin/rsync -ltvrP "rsync://feed.openvas.org:/nvt-feed/plugin_feed_info.inc" "/tmp/tmp.RYNsYXaRDo"

The NVT feed is only working with the curl command.

curl http://dl.greenbone.net/community-nvt-feed-current.tar.bz2 -o /tmp/greenbone-nvt-sync.kyzS0LrVFC/openvas-feed-2019-03-21-3435.tar.bz2

Unfortunately, the SCAP and CERT scripts do not appear to support curl as they are.

UPDATE According to a moderator on the greenbone site, there is no way to update SCAP and CERT databases via HTTP, meaning you must use the RSYNC. https://community.greenbone.net/t/offline-updates-for-greenbone-sec-mgr-virtual-machine-community/151
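Added example, not part of any comment in this thread and not project code: the rsync client errors quoted above point at different layers, and a successful ping only exercises ICMP, not TCP port 873. The function names and the "likely cause" wording are this example's own assumptions; the sample lines are copied from the outputs quoted above.

```shell
# Map one rsync client error line to the layer that failed.
# The cause text after each key is an interpretation, not rsync output.
classify_rsync_line() {
  case "$1" in
    *"Connection refused (111)"*)
      echo "tcp-refused: host reachable, TCP 873 actively refused (not listening, server-side block, or firewall RST)" ;;
    *"Connection timed out (110)"*)
      echo "tcp-timeout: SYN to TCP 873 unanswered (packets dropped on the path, e.g. egress firewall)" ;;
    *"Network is unreachable (101)"*|*"Cannot assign requested address (99)"*)
      echo "no-route: no usable route/address for that family (usually IPv6 absent in the container)" ;;
    *"did not see server greeting"*)
      echo "no-greeting: TCP connected but closed before the @RSYNCD banner (proxy, firewall, or server-side block)" ;;
    *) return 1 ;;   # summary lines such as "rsync error: ... (code 10)"
  esac
}

# Read a captured sync run on stdin; print each distinct verdict once,
# in the order first seen.
diagnose_rsync_log() {
  local line verdict key seen=""
  while IFS= read -r line; do
    verdict=$(classify_rsync_line "$line") || continue
    key=${verdict%%:*}
    case "$seen" in *"|$key|"*) continue ;; esac
    seen="$seen|$key|"
    echo "$verdict"
  done
  return 0
}

# Sample input: lines copied from the first comment in this thread.
SAMPLE_LOG='rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection refused (111)
rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Cannot assign requested address (99)
rsync error: error in socket IO (code 10) at clientserver.c(128) [Receiver=3.1.1]'

printf '%s\n' "$SAMPLE_LOG" | diagnose_rsync_log
```

For the sample, the IPv4 verdict is the one that matters; the IPv6 line only shows that the container has no IPv6 path.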

isweluiz commented 5 years ago

I have the same problem

fredairic[bot] commented 5 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 30 days if no further activity occurs. Thank you for your contributions.

bannsec commented 5 years ago

Bumping this to keep it open as it is still an issue.

On Tue, May 21, 2019, 7:20 AM fredairic[bot] notifications@github.com wrote:

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 30 days if no further activity occurs. Thank you for your contributions.


fredairic[bot] commented 5 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 30 days if no further activity occurs. Thank you for your contributions.

bannsec commented 5 years ago

Bumping as this is still an issue over a year later.

fredairic[bot] commented 5 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 30 days if no further activity occurs. Thank you for your contributions.

fredairic[bot] commented 5 years ago

This issue has been automatically closed because it has not had recent activity. Issue creator may reopen if the issue still exists. Thank you for your contributions.

stewiem2000 commented 4 years ago

I found through tcpdump'ing that, for example, greenbone-certdata-sync executes rsync more than once and, on our system/network at least, the next rsync-call's SYN gets received before the first's FIN/ACK comes back — thus the server probably thinks there are multiple connections from the same IP (which is blocked). Simply adding a "sleep 1;" after (the error checking) of each/all rsync commands resolved this issue for me.
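Added example, not part of the comment above and not the feed scripts' own code: one way to apply the spacing workaround without hand-editing every rsync call is to route the calls through a wrapper that enforces a minimum gap since the previous run ended. `paced_rsync` and the `FEED_RSYNC_*` variables are hypothetical names chosen for this example.

```shell
# Enforce a minimum gap between successive rsync runs so the feed server
# never sees overlapping connections from one source address.
# All names below are hypothetical; none is an option of the sync scripts.
FEED_RSYNC_BIN=${FEED_RSYNC_BIN:-rsync}
FEED_RSYNC_GAP=${FEED_RSYNC_GAP:-5}        # seconds; the thread used 1 and 5
# Keep the stamp in a root-owned directory rather than world-writable /tmp.
FEED_RSYNC_STAMP=${FEED_RSYNC_STAMP:-/run/feed-rsync.last}

paced_rsync() {
  local now last wait_s rc=0
  now=$(date +%s)
  last=$(cat "$FEED_RSYNC_STAMP" 2>/dev/null || true)
  # A missing or non-numeric stamp means "no previous run".
  case "$last" in ''|*[!0-9]*) last=0 ;; esac
  wait_s=$(( $last + $FEED_RSYNC_GAP - $now ))
  if [ "$wait_s" -gt 0 ]; then
    sleep "$wait_s"
  fi
  "$FEED_RSYNC_BIN" "$@" || rc=$?
  # Record when this connection ended, whether or not it succeeded,
  # so the next call waits out the server-side close as well.
  date +%s > "$FEED_RSYNC_STAMP"
  return "$rc"
}
```

Because the stamp is a file, the gap also holds across the three sync scripts when they run back to back. This addresses only the overlapping-connection rejection, not a blocked TCP port 873.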

pakoota commented 4 years ago

Try it with curl instead of wget...that worked for me.

greenbone-nvt-sync --curl --verbose

Great. Thanks. Solved.

acosonic commented 4 years ago

Same problem now...

acosonic commented 4 years ago

Same problem now...

Still no changes, tried curl, tried everything...

Power-G commented 4 years ago

Me too...

dimazarno commented 4 years ago

same here

MarksenDE commented 4 years ago

Any update about this issue? I have the same problem ...

Sunnyvij commented 4 years ago

It is not working with curl or wget or just a direct install of greenbone... Try the other link: greenbone-nvt-sync --rsync still does not work. All they are saying on their support channel is to use rsync... What is the problem here?

rforberger commented 4 years ago

I think they changed the rsync mirror from feed.openvas.org to feed.community.greenbone.net. Not 100% sure though. I just downloaded the most recent container image from hub.docker.com, but it looks like it's still using feed.openvas.org....

mkopec3 commented 3 years ago

I think they changed the rsync mirror from feed.openvas.org to feed.community.greenbone.net. Not 100% sure though. I just downloaded the most recent container image from hub.docker.com, but it looks like it's still using feed.openvas.org....

It seems so. Solved it by:

root@3b8d28ae4ccf:/# echo "45.135.106.142 feed.community.greenbone.net feed.openvas.org" >> /etc/hosts

jfortier-haptiq commented 3 years ago

@mkopec3 thanks so much, just realized my scanner has not been updating, when I went to find out why, just getting timeouts. I suppose if I upgrade the build this likely won't be an issue.

zitstif commented 3 years ago

@mkopec3 Thanks for that one liner!

infra-ray commented 3 years ago

I think they changed the rsync mirror from feed.openvas.org to feed.community.greenbone.net. Not 100% sure though. I just downloaded the most recent container image from hub.docker.com, but it looks like it's still using feed.openvas.org....

It seems so. Solved it by: root@3b8d28ae4ccf:/# echo "45.135.106.142 feed.community.greenbone.net feed.openvas.org" >> /etc/hosts

Thanks. It really helps me.

sailslack commented 3 years ago

I think they changed the rsync mirror from feed.openvas.org to feed.community.greenbone.net. Not 100% sure though. I just downloaded the most recent container image from hub.docker.com, but it looks like it's still using feed.openvas.org....

It seems so. Solved it by: root@3b8d28ae4ccf:/# echo "45.135.106.142 feed.community.greenbone.net feed.openvas.org" >> /etc/hosts

Thanks. It really helps me.

It worked for me too. Many thanks.

makarov20211221 commented 3 years ago

I think they changed the rsync mirror from feed.openvas.org to feed.community.greenbone.net. Not 100% sure though. I just downloaded the most recent container image from hub.docker.com, but it looks like it's still using feed.openvas.org....

It seems so. Solved it by: root@3b8d28ae4ccf:/# echo "45.135.106.142 feed.community.greenbone.net feed.openvas.org" >> /etc/hosts

Works well. Thank you !

makarov20211221 commented 2 years ago

root@232289daebe0:/# echo "45.135.106.142 feed.community.greenbone.net feed.openvas.org" >> /etc/hosts
root@232289daebe0:/# greenbone-nvt-sync
rsync: failed to connect to feed.openvas.org (45.135.106.142): Connection refused (111)
rsync: failed to connect to feed.openvas.org (45.135.106.142): Connection refused (111)
rsync error: error in socket IO (code 10) at clientserver.c(128) [Receiver=3.1.1]

ImPerec777 commented 2 years ago

Try changing the IP to 45.135.106.143:

echo "45.135.106.143 feed.community.greenbone.net feed.openvas.org" >> /etc/hosts