Hi again!
Finally I got it back working!
open /var/log/openvas/openvasmd.logand look for errors like:
lib serv:WARNING:2017-05-21 20h44.26 UTC:8032: Failed to
gnutls_bye: Error in the push function.
lib serv:WARNING:2017-05-21 20h44.26 UTC:8028:
openvas_server_verify: the certificate is not trusted
lib serv:WARNING:2017-05-21 20h44.26 UTC:8028:
openvas_server_verify: the certificate has expired
I renewed the internal certificates and reconfigured my scanner. Now it
is working fine again!
The strange thing is that the diagnostic script openvas-check-setup.sh
says: "It seems like your OpenVAS-8 installation is OK."
Thanks for your help!
On 30.05.2017 14:53, r.m6 wrote:
>
> Dear Thijs,
>
> many thanks for your help!
>
> I used the command "openvas-nvt-sync --wget" and this downloaded the
> complete feed:
>
> [i] Download complete
> [i] Checking dir: ok
> [i] Checking MD5 checksum: ok
>
> ....but did not solve the problem. Still "Rebuilding NVT cache...
> failed." after starting "openvasmd --rebuild --progress -v".
>
> The system is a dedicated VM for this openVAS instance. Diskspace is
> not an issue at all.
> I also tried (according your thankful advise) to remove the CACHE
> from /var/cache/openvas/. Unfortunately no success.
>
> The WEB GUI works properly. But as soon as I try to manually start a
> task, there is a red section displayed above the openVAS task list:
>
> Results of last operation
>
> Operation:
>
>
>
> Start Task
>
> Status code:
>
>
>
> 503
>
> Status message:
>
>
>
> Service temporarily down
>
>
> Would really be great if you have any other hints for me!
>
>
>
> On 29.05.2017 16:14, Thijs Stuurman wrote:
>> R.m6,
>>
>> I got those same messages on OpenVAS9 about those 2 duplicates but it
>> doesn't seem to be an issue for me:
>>
>> lib nvticache:WARNING:2017-05-29 10h31.52 utc:14473: NVT
>> 2008/spysweeper_corp_installed.nasl with duplicate OID
>> 1.3.6.1.4.1.25623.1.0.80046 will be replaced with
>> spysweeper_corp_installed.nasl
>> lib nvticache:WARNING:2017-05-29 10h31.54 utc:14473: NVT
>> 2009/gb_fsecure_prdts_detect_win.nasl with duplicate OID
>> 1.3.6.1.4.1.25623.1.0.800355 will be replaced with
>> gb_fsecure_prdts_detect_win.nasl
>> lib nvticache:WARNING:2017-05-29 10h31.55 utc:14473: NVT
>> spysweeper_corp_installed.nasl with duplicate OID
>> 1.3.6.1.4.1.25623.1.0.80046 will be replaced with
>> 2008/spysweeper_corp_installed.nasl
>> lib nvticache:WARNING:2017-05-29 10h31.57 utc:14473: NVT
>> gb_fsecure_prdts_detect_win.nasl with duplicate OID
>> 1.3.6.1.4.1.25623.1.0.800355 will be replaced with
>> 2009/gb_fsecure_prdts_detect_win.nasl
>>
>> *(do not know why it gets logged twice in my case)
>> I am on the same feed version as you: 201705150749
>>
>> The 503 message probably indicates the HTTP error 503 which means Service
>> Unavailable.
>> Try refreshing it all with a fresh full wget of the nvt's instead of rsync
>> using: openvas-nvt-sync --wget
>> Than rebuild again after that.
>>
>>
>> Thijs Stuurman
>> Security Operations Center | KPN Internedservices
>> thijs.stuur...@internedservices.nl | thijs.stuur...@kpn.com
>> T: +31(0)299476185 | M: +31(0)624366778
>> PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/)
>> Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048
>>
>> W: https://www.internedservices.nl | L:
>> http://nl.linkedin.com/in/thijsstuurman
>>
>>
>>
>>
>> -----Oorspronkelijk bericht-----
>> Van: Openvas-discuss [mailto:openvas-discuss-boun...@wald.intevation.org]
>> Namens r.m6
>> Verzonden: maandag 29 mei 2017 15:13
>> Aan: openvas-discuss@wald.intevation.org
>> Onderwerp: [Openvas-discuss] Rebuilding NVT cache... failed
>>
>> Dear openVAS community,
>>
>> I have been using openVAS 8 successfully for a year now (Ubuntu 16.04
>> Server). Since last week, the service is broken (Web GUI shows “Status
>> code: 503” ). On the commandline (sudo openvasmd --rebuild
>> --progress -v) I am experiencing the ERROR: “Rebuilding NVT cache...
>> failed.”
>> Sync seems to be uptodate (sudo openvas-nvt-sync): “Feed is already current,
>> no synchronization necessary.”
>>
>> The log /var/log/openvas/openvassd.messages shows:
>> [Fri May 26 11:30:41 2017][6043] NVT with duplicate OID
>> 1.3.6.1.4.1.25623.1.0.80046 will be replaced with
>> 2008/spysweeper_corp_installed.nasl
>> [Fri May 26 11:31:04 2017][6043] NVT with duplicate OID
>> 1.3.6.1.4.1.25623.1.0.800355 will be replaced with
>> gb_fsecure_prdts_detect_win.nasl
>>
>> openvas-check-setup says: "It seems like your OpenVAS-8 installation is OK."
>>
>> If I compare NVT to the other 2 feeds, NVT is "much" older:
>> NVT is 201705150749
>> SCAP is 201705290801
>> CERT 201705290806
>>
>> Does anyone else see the same problem?
>> Can somebody give me a hint how to resolve this problem?
>>
>> Many thanks in advance!
>>
>> _______________________________________________
>> Openvas-discuss mailing list
>> Openvas-discuss@wald.intevation.org
>> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>
_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
