Internal Errigal Collaboration Wiki

User Tools

Site Tools

Trace: aws supportrequestpageticket_management company_overview greenbone_security_assistant
toolsandtechnologies:greenbone_security_assistant

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
toolsandtechnologies:greenbone_security_assistant [2022/04/08 18:30] – [Feed Status] 10.91.120.28toolsandtechnologies:greenbone_security_assistant [2023/05/11 14:11] (current) – Added sample run command list aryan
Line 3: Line 3:
 ===== Details ===== ===== Details =====
  
-<del>Accessible at [[https://10.91.130.9/feedstatus|Greenbone GSA]]</del> +Accessible at [[http://10.91.130.9:8080/|Greenbone]]
-- Moved to [[http://10.91.130.9:9392/feedstatus|Greenbone GSA Feed Status 21.4.3]] +
- +
-2021/12/21 -  Version 20.08.0~git-fdd51705e-gsa-20.08+
  
 ==== Feed Status ==== ==== Feed Status ====
  
-Visible at the feed status page +Visible at [[http://10.91.130.9:8080/feed|feed status page]]
- +
-{{:toolsandtechnologies:greenbone_security_assistant_-_feed_status.jpg?400|}} +
- +
-Manual updates currently (2021/12)+
  
 +=== To update/refresh the feeds (when they become outdated):===
   - Login to server as ubuntu@   - Login to server as ubuntu@
-  - sudo su gvm +  - Run `docker restart openvas` 
-  - cd /opt/gvm +  - Wait for the feeds to update and Greenbone to stand up
-  - ./manual-greenbone-feed-sync.sh +
- +
-Logging is recorded in gvm@errigal-openvas:/opt/gvm/gvm_log +
- +
- +
----- +
-  *  cat manual-sync.log  +
-  * 2021-12-21 16:16:43 Start GVM_DATA Sync +
-  * 2021-12-21 16:16:43 Start SCAP Sync +
-  * 2021-12-21 16:16:43 Start CERT Sync +
-  * 2021-12-21 16:16:43 Start CERT NVT Sync +
-  * 2021-12-21 16:16:43 Completed CERT NVT Sync +
----- +
- +
  
 +Run `docker logs greenbone -f` to follow logs.
  
 === New Install / Initial execution === === New Install / Initial execution ===
  
-On install, the feeds can sometimes be wiped, so the following commands should be executed +Follow the instructions with the persistent volume here: https://immauss.github.io/openvas/
- +
----- +
-  * sudo su gvm +
-  *  +
-  * greenbone-feed-sync --type GVMD_DATA +
-  * greenbone-scapdata-sync +
-  * greenbone-certdata-sync +
-  * greenbone-nvt-sync --rsync +
----- +
- +
-this should create a feeds folder at /var/lib/gvm as follows +
- +
----- +
-  * scap-data +
-  * cert-data +
-  * data-objects +
----- +
- +
- +
-=== Scanner Connection problems === +
- +
-Could not connect to Scanner+
  
 +10/May - instructions contains were
 +Start the container with a persistent volume:
  
 <WRAP center round box 60%> <WRAP center round box 60%>
-md manage:WARNING:2022-02-16 21h55.57 UTC:3858146: Could not connect to Scanner at /opt/gvm/var/run/ospd.sock +docker run --detach --publish 8080:9392 -e PASSWORD="Your admin password here" --volume openvas:/data --name openvas immauss/openvas
-md manage:WARNING:2022-02-16 21h55.57 UTC:3858146: OSP start_scan 1a77266d-fa7e-428e-b25c-2a2f8fa16ca3: Could not connect to Scanner+
 </WRAP> </WRAP>
  
 +You can use whatever --name you’d like but for the sake of this guide we’re using openvas.
  
-IssueThe installation places the ospd.sock file at a different location than the expected /opt/gvm/var/run/ospd.sock+The --publish 8080:9392 option will port forward 8080 on the host to 9392 (the container web interface port) in the docker containerPort 8080 was chosen only to avoid conflicts with any existing OpenVAS/GVM installation. You can change 8080 to any available port that you`d like.
  
-Resolution is to update the location as follows+Note, the current startup parameters are
  
-  gvmd --get-scanners +<code> 
-  gvmd --modify-scanner=08b69003-5fc2-4037-a479-93b440211c73 --scanner-host=/opt/gvm/var/run/ospd.sock+docker run --name=openvas \ 
 + --env=PASSWORD=ozzrules \ 
 + --volume=openvas:/data \ 
 + -p 8080:9392 \ 
 + --restart=no \ 
 + --runtime=runc \ 
 + --detach=true \ 
 + immauss/openvas 
 +</code>
  
  
-The scanner UUID is the value returned by the gvmd --get-scanners response for the Openvas default scanner +----
- +
-as per  +
- +
-* 08b69003-5fc2-4037-a479-93b440211c73  OpenVAS  /opt/gvm/var/run/ospd.sock  0  OpenVAS Default +
- +
-=== Feeds aging === +
- +
-* check the /var/lib/gvm folder for a feed-status.lock file. If this exists then no feed updates will happen. Remove file and re-run the syncs again +
- +
- +
-Found additional/alternative set of commands, just documenting for now +
- +
---- +
-* sudo su gvm +
-* /usr/local/bin/greenbone-nvt-sync +
-* greenbone-scapdata-sync +
-* greenbone-certdata-sync +
- +
-=== Report Monitoring === +
  
-== Tasks ==+=== Uppdate ===
  
 +Ref: [[https://docs.docker.com/get-started/03_updating_app/|Update docker Container]]
  
 +To upgrade Greenbone, you must upgrade the docker image and then restart the container.
  
 +<code>
 +docker ps
 +docker pull [docker_image]        immauss/openvas 
 +docker stop <the-container-id>    openvas
 +docker rm <the-container-id>      openvas
 +docker run [add parameters as above]
 +</code>
  
 +Sample Upgrade Command history
  
 +<code>
 +docker ps
 +docker pull  immauss/openvas 
 +docker stop openvas
 +docker rm openvas
 +docker run  --name=openvas --env=PASSWORD=ozzrules --volume=openvas:/data -p 8080:9392 --restart=no --runtime=runc --detach=true immauss/openvas
 +docker ps
 +docker logs -f openvas
 +</code>
toolsandtechnologies/greenbone_security_assistant.1649439037.txt.gz · Last modified: 2022/04/08 18:30 by 10.91.120.28

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki