greenbone sync problem

[answerz0r]

Please help me with greenbone-scapdata-sync and greenbone-certdata-sync i have reponse: Network is unreachable (101) and connection timed out (101) every time im trying to do that. Im trying to do that because i have an error when trying to launch openvas on browser (SCAP and/or CERT database missing on OMP server).

only command greenbone-nvt-sync worked but with --curl --verbose (nothing more cant work).

Help pls

[fabionitto]

Have you checked your firewall?

[answerz0r]

I have no firewall and i tried using internet from my cellphone hotspot and normal wifi or cable. Errors:

root@kali:~# greenbone-scapdata-sync rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection timed out (110) rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Network is unreachable (101) rsync error: error in socket IO (code 10) at clientserver.c(125) [Receiver=3.1.2] root@kali:~# greenbone-nvt-sync rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection timed out (110) rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Network is unreachable (101) rsync error: error in socket IO (code 10) at clientserver.c(125) [Receiver=3.1.2] root@kali:~# openvas-feed-update [>] Updating OpenVAS feeds [] [1/3] Updating: NVT rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection timed out (110) rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Network is unreachable (101) rsync error: error in socket IO (code 10) at clientserver.c(125) [Receiver=3.1.2] [] [2/3] Updating: Scap Data rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection timed out (110) rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Network is unreachable (101) rsync error: error in socket IO (code 10) at clientserver.c(125) [Receiver=3.1.2] [*] [3/3] Updating: Cert Data rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection timed out (110) rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Network is unreachable (101) rsync error: error in socket IO (code 10) at clientserver.c(125) [Receiver=3.1.2] root@kali:~# greenbone- greenbone-certdata-sync greenbone-nvt-sync greenbone-scapdata-sync root@kali:~# greenbone-certdata-sync rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection timed out (110) rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Network is unreachable (101) rsync error: error in socket IO (code 10) at clientserver.c(125) [Receiver=3.1.2]

also check setup show me that info:

root@kali:~# openvas-check-setup openvas-check-setup 2.3.7 Test completeness and readiness of OpenVAS-9

Please report us any non-detected problems and help us to improve this check routine: http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.

Use the parameter --server to skip checks for client tools like GSD and OpenVAS-CLI.

Step 1: Checking OpenVAS Scanner ... OK: OpenVAS Scanner is present in version 5.1.1. OK: redis-server is present in version v=4.0.10. OK: scanner (kb_location setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock. OK: redis-server configuration is OK and redis-server is running. OK: NVT collection in /var/lib/openvas/plugins contains 46013 NVTs. WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner. SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html). OK: The NVT cache in /var/cache/openvas contains 46013 files for 46013 NVTs. Step 2: Checking OpenVAS Manager ... OK: OpenVAS Manager is present in version 7.0.2. OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db. OK: Access rights for the OpenVAS Manager database are correct. OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled. OK: OpenVAS Manager database is at revision 184. OK: OpenVAS Manager expects database at revision 184. OK: Database schema is up to date. OK: OpenVAS Manager database contains information about 46009 NVTs. OK: At least one user exists. ERROR: No OpenVAS SCAP database found. (Tried: /var/lib/openvas/scap-data/scap.db) FIX: Run a SCAP synchronization script like greenbone-scapdata-sync.

ERROR: Your OpenVAS-9 installation is not yet complete!

Please follow the instructions marked with FIX above and run this script again.

If you think this result is wrong, please report your observation and help us to improve this check routine: http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.

Ofcourse thats dont work as you can see above

[mikesplain]

I just tested and connectivity is working fine. This generally happens when there's an issue like a firewall (as @fabionitto mentioned above). I don't think this is our docker container's issue at the moment :(

[answerz0r]

Tu ani you for answers. I will try what i can do nad i will lat you know what happens ;)

[ethhack]

Currently receiving the following, and have been since last evening:

[root@scanner:~# greenbone-certdata-sync rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection refused (111) rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Network is unreachable (101)

followed by:

[root@scanner:~# greenbone-scapdata-sync rsync: safe_read failed to read 1 bytes [Receiver]: Connection timed out (110) rsync error: error in rsync protocol data stream (code 12) at io.c(285) [Receiver=3.1.2]

[riccardo-brazzale]

Hello, I've a new installation on debian, syncing certdata and scapdata give me these errors: rsync: failed to connect to feed.openvas.org (89.146.224.58): Connection timed out (110)s: rsync: failed to connect to feed.openvas.org (2a01:130:2000:127::d1): Network is unreachable (101) rsync error: error in socket IO (code 10) at clientserver.c(125) [Receiver=3.1.2]

[ethhack]

I ended up cheating it.

Manually rsync'd the files for scap and cert to a local box, then scp'd them to the proper places on my openvas host.

Manually created the db files as follows:

sqlite3 -noheader -bail /var/lib/openvas/scap-data/scap.db < /usr/share/openvas/scap/scap_db_init.sql

sqlite3 -noheader -bail /var/lib/openvas/cert-data/cert.db < /usr/share/openvas/cert/cert_db_init.sql

Then I modified the greenbone-scapdata-sync and greenbone-certdata-sync scripts and changed ENABLED=0 and RERESH_ONLY=1 and ran them, so that it would repopulate the db's from the files.

Not optimal and will be painful every time I need to update, but it DID work.

[fredairic[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 30 days if no further activity occurs. Thank you for your contributions.

[calve]

fwiw you can run both those scripts with --refresh arguments to avoid modifying it by hand

[daniejstriata]

What port is needed to be open for the rsync? 873?

[ilovesusu]

您好， 我在debian上进行了新安装，同步certdata和scapdata给我这些错误： rsync：无法连接到feed.openvas.org（89.146.224.58）：连接超时（110）s： rsync：连接失败to feed.openvas.org（2a01：130：2000：127 :: d1）：网络无法访问（101） rsync错误：clientserver.c上的套接字IO（代码10）中的错误（125）[Receiver = 3.1.2]

$cat /usr/bin/openvas-feed-update

!/bin/bash

echo "Updating OpenVas Feeds" greenbone-nvt-sync greenbone-scapdata-sync greenbone-certdata-sync --wget

it work

[kevinchugh]

greenbone-scapdata-sync --wget worked for me FWIW after getting the rsync connection refused error

[fredairic[bot]]

This issue has been automatically closed because it has not had recent activity. Issue creator may reopen if the issue still exists. Thank you for your contributions.

[leandro92correia]

This problem is cause by NAT when you're using a virtual machine. This problem can be fixed by changing the network connection to "BRIDGE MODE".

After just type the command "greenbone-scapdata-sync" as below.

┌─[✗]─[root@parrot]─[/home/leandro] └──╼ #greenbone-scapdata-sync Greenbone community feed server - http://feed.community.greenbone.net/ This service is hosted by Greenbone Networks - http://www.greenbone.net/

All transactions are logged.

If you have any questions, please use the Greenbone community portal. See https://community.greenbone.net for details.

By using this service you agree to our terms and conditions.

Only one sync per time, otherwise the source ip will be temporarily blocked.

receiving incremental file list ./ COPYING 1,719 100% 1.64MB/s 0:00:00 (xfr#1, to-chk=42/44) nvdcve-2.0-2002.xml 14,820,334 100% 2.38MB/s 0:00:05 (xfr#2, to-chk=41/44) nvdcve-2.0-2003.xml 4,197,029 100% 1.35MB/s 0:00:02 (xfr#3, to-chk=40/44) nvdcve-2.0-2004.xml 8,679,084 100% 1.60MB/s 0:00:05 (xfr#4, to-chk=39/44) nvdcve-2.0-2005.xml 14,238,109 100% 2.16MB/s 0:00:06 (xfr#5, to-chk=38/44) nvdcve-2.0-2006.xml 23,428,392 100% 1.40MB/s 0:00:15 (xfr#6, to-chk=37/44) nvdcve-2.0-2007.xml 22,162,674 100% 1.12MB/s 0:00:18 (xfr#7, to-chk=36/44) nvdcve-2.0-2008.xml 24,538,908 100% 1.35MB/s 0:00:17 (xfr#8, to-chk=35/44) nvdcve-2.0-2009.xml 21,654,296 100% 2.20MB/s 0:00:09 (xfr#9, to-chk=34/44) nvdcve-2.0-2010.xml 29,102,698 100% 1.18MB/s 0:00:23 (xfr#10, to-chk=33/44) nvdcve-2.0-2011.xml 61,489,525 100% 2.03MB/s 0:00:28 (xfr#11, to-chk=32/44) nvdcve-2.0-2012.xml 27,893,516 100% 1.16MB/s 0:00:22 (xfr#12, to-chk=31/44) nvdcve-2.0-2013.xml 29,216,956 100% 1.36MB/s 0:00:20 (xfr#13, to-chk=30/44) nvdcve-2.0-2014.xml 31,131,253 100% 851.75kB/s 0:00:35 (xfr#14, to-chk=29/44) nvdcve-2.0-2015.xml 29,248,665 100% 603.27kB/s 0:00:47 (xfr#15, to-chk=28/44) nvdcve-2.0-2016.xml 39,260,579 100% 1.35MB/s 0:00:27 (xfr#16, to-chk=27/44) nvdcve-2.0-2017.xml 54,691,072 100% 1.24MB/s 0:00:41 (xfr#17, to-chk=26/44) nvdcve-2.0-2018.xml 67,258,622 100% 1.44MB/s 0:00:44 (xfr#18, to-chk=25/44) nvdcve-2.0-2019.xml 64,449,634 100% 1.44MB/s 0:00:42 (xfr#19, to-chk=24/44) nvdcve-2.0-2020.xml 1,049,466 100% 613.69kB/s 0:00:01 (xfr#20, to-chk=23/44) official-cpe-dictionary_v2.2.xml 177,366,462 100% 1.30MB/s 0:02:10 (xfr#21, to-chk=22/44) sha1sums 2,096 100% 2.16kB/s 0:00:00 (xfr#22, to-chk=21/44) sha256sums 2,840 100% 2.93kB/s 0:00:00 (xfr#23, to-chk=20/44) sha256sums.asc 819 100% 0.84kB/s 0:00:00 (xfr#24, to-chk=19/44) timestamp 13 100% 0.01kB/s 0:00:00 (xfr#25, to-chk=18/44) oval/ oval/5.10/ oval/5.10/org.mitre.oval/ oval/5.10/org.mitre.oval/c/ oval/5.10/org.mitre.oval/c/oval.xml 268,150 100% 218.04kB/s 0:00:01 (xfr#26, to-chk=9/44) oval/5.10/org.mitre.oval/i/ oval/5.10/org.mitre.oval/i/oval.xml 9,480,204 100% 896.66kB/s 0:00:10 (xfr#27, to-chk=8/44) oval/5.10/org.mitre.oval/m/ oval/5.10/org.mitre.oval/m/oval.xml 143,834 100% 466.65kB/s 0:00:00 (xfr#28, to-chk=7/44) oval/5.10/org.mitre.oval/p/ oval/5.10/org.mitre.oval/p/oval.xml 90,911,155 100% 1.89MB/s 0:00:45 (xfr#29, to-chk=6/44) oval/5.10/org.mitre.oval/v/ oval/5.10/org.mitre.oval/v/family/ oval/5.10/org.mitre.oval/v/family/ios.xml 2,012,118 100% 1.80MB/s 0:00:01 (xfr#30, to-chk=4/44) oval/5.10/org.mitre.oval/v/family/macos.xml 453,775 100% 1.61MB/s 0:00:00 (xfr#31, to-chk=3/44) oval/5.10/org.mitre.oval/v/family/pixos.xml 10,014 100% 35.05kB/s 0:00:00 (xfr#32, to-chk=2/44) oval/5.10/org.mitre.oval/v/family/unix.xml 31,372,831 100% 1.12MB/s 0:00:26 (xfr#33, to-chk=1/44) oval/5.10/org.mitre.oval/v/family/windows.xml 51,773,463 100% 1.56MB/s 0:00:31 (xfr#34, to-chk=0/44)

sent 1,256 bytes received 932,540,415 bytes 1,420,474.75 bytes/sec total size is 932,310,305 speedup is 1.00 part 0 Done part 1 Done part 2 Done /usr/sbin/openvasmd

[hughesjs]

I'm having the same problem, it seems to work after I run the command a number of times, I've checked my firewall and IIDS and neither of those are interfering. Any ideas?