Michael, Thank you for the reply and information. I am however running a PostgreSQL backend.
Since everything else works and I don't see what I am missing really, I am reluctant to mess with things at this moment. I might give it a try later but looking at my schedule and vacaction planning, I don't see much time for it in the coming weeks. Thijs Stuurman Security Operations Center | KPN Internedservices [email protected] | [email protected] T: +31(0)299476185 | M: +31(0)624366778 PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/) Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048 W: https://www.internedservices.nl | L: http://nl.linkedin.com/in/thijsstuurman -----Oorspronkelijk bericht----- Van: [email protected] [mailto:[email protected]] Verzonden: donderdag 8 juni 2017 22:16 Aan: Thijs Stuurman <[email protected]> CC: [email protected] Onderwerp: RE: [Openvas-discuss] SCAP / CERT Databases missing Dear Thijs, thank you for reaching back. I am sorry for the missing field on WebGUI, i have currently no OpenVAS installation at hand to try out. We go an alternate way for this later. Here is a guide, that covers the recreation of a clean CERT DB: ---------------------------------------------------------------- Please run the following commands as root user: service openvas-manager stop mkdir /var/lib/openvas/cert-data/bak mv /var/lib/openvas/cert-data/cert.db /var/lib/openvas/cert-data/bak/ mv /var/lib/openvas/cert-data/timestamp* /var/lib/openvas/cert-data/bak/ service openvas-manager start Now we would need to trigger a Feedsync. By that, a new cert.db file (and the timestamp files) will be created. (please check with: ' ls -lah /var/lib/openvas/cert-data/cert.db ') Please asure the feedsync has completed before taking next steps! After the Feedsync has completed, please run the following commands, preferable via copy&paste: chmod 640 /var/lib/openvas/cert-data/cert.db sqlite3 /var/lib/openvas/cert-data/cert.db 'PRAGMA journal_mode=WAL' Now reboot the machine and see if the problem has solved. If so, we would next go and remove the ../bak folder like this: cd /var/lib/openvas/cert-data rm -r bak Explanation: Withing this guide, we backup the current state, and remove the db from it's original location. The scanner will then think he has this db missing and therefore creates a new one. This process is triggered by running a feedupdate. With a newly created certs.db the problem should be gone. Cheers, Michael. On 08.06.2017 10:52, Thijs Stuurman wrote: > Michael, > > Outputs: > > """ > > ~# ls -lah /opt/openvas/var/lib/openvas/cert-data/ > /opt/openvas/var/lib/openvas/scap-data/ > > /opt/openvas/var/lib/openvas/cert-data/: > > total 35M > > drwxr-xr-x 2 root root 4.0K May 11 16:49 . > > drwxr-xr-x 10 root root 4.0K May 10 10:12 .. > > -rw-r--r-- 1 root root 1.4M Nov 29 2016 CB-K13.xml > > -rw-r--r-- 1 root root 181 May 11 08:08 CB-K13.xml.asc > > -rw-r--r-- 1 root root 4.6M Jan 25 09:59 CB-K14.xml > > -rw-r--r-- 1 root root 181 May 11 08:08 CB-K14.xml.asc > > -rw-r--r-- 1 root root 5.9M Jan 25 09:59 CB-K15.xml > > -rw-r--r-- 1 root root 181 May 11 08:08 CB-K15.xml.asc > > -rw-r--r-- 1 root root 7.9M Jan 25 09:59 CB-K16.xml > > -rw-r--r-- 1 root root 181 May 11 08:08 CB-K16.xml.asc > > -rw-r--r-- 1 root root 551K Jan 25 09:59 CB-K17.xml > > -rw-r--r-- 1 root root 181 May 11 08:08 CB-K17.xml.asc > > -rw-r--r-- 1 root root 25K May 11 16:49 cert.db > > -rw-r--r-- 1 root root 1.1K Sep 20 2016 COPYING > > -rw-r--r-- 1 root root 181 May 11 08:08 COPYING.asc > > -rw-r--r-- 1 root root 3.0K Sep 20 2016 dfn-cert-2008.xml > > -rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2008.xml.asc > > -rw-r--r-- 1 root root 662K Sep 20 2016 dfn-cert-2009.xml > > -rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2009.xml.asc > > -rw-r--r-- 1 root root 1.4M Sep 20 2016 dfn-cert-2010.xml > > -rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2010.xml.asc > > -rw-r--r-- 1 root root 1.6M Sep 20 2016 dfn-cert-2011.xml > > -rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2011.xml.asc > > -rw-r--r-- 1 root root 1.7M Sep 20 2016 dfn-cert-2012.xml > > -rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2012.xml.asc > > -rw-r--r-- 1 root root 1.6M Nov 7 2016 dfn-cert-2013.xml > > -rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2013.xml.asc > > -rw-r--r-- 1 root root 1.5M Apr 13 08:53 dfn-cert-2014.xml > > -rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2014.xml.asc > > -rw-r--r-- 1 root root 2.0M May 10 07:52 dfn-cert-2015.xml > > -rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2015.xml.asc > > -rw-r--r-- 1 root root 2.6M May 11 08:08 dfn-cert-2016.xml > > -rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2016.xml.asc > > -rw-r--r-- 1 root root 1.1M May 11 08:08 dfn-cert-2017.xml > > -rw-r--r-- 1 root root 181 May 11 08:08 dfn-cert-2017.xml.asc > > -rw-r--r-- 1 root root 2.0K May 11 08:08 sha1sums > > -rw-r--r-- 1 root root 13 May 11 08:08 timestamp > > -rw-r--r-- 1 root root 181 May 11 08:08 timestamp.asc > > /opt/openvas/var/lib/openvas/scap-data/: > > total 554M > > drwxr-xr-x 3 root root 4.0K May 11 08:05 . > > drwxr-xr-x 10 root root 4.0K May 10 10:12 .. > > -rw-r--r-- 1 root root 1.5K May 11 08:03 COPYING > > -rw-r--r-- 1 root root 181 May 11 08:03 COPYING.asc > > -rw-r--r-- 1 root root 19M May 4 09:07 nvdcve-2.0-2002.xml > > -rw-r--r-- 1 root root 181 May 11 08:03 nvdcve-2.0-2002.xml.asc > > -rw-r--r-- 1 root root 5.5M May 2 23:47 nvdcve-2.0-2003.xml > > -rw-r--r-- 1 root root 181 May 11 08:03 nvdcve-2.0-2003.xml.asc > > -rw-r--r-- 1 root root 12M May 2 23:46 nvdcve-2.0-2004.xml > > -rw-r--r-- 1 root root 181 May 11 08:03 nvdcve-2.0-2004.xml.asc > > -rw-r--r-- 1 root root 18M May 2 23:45 nvdcve-2.0-2005.xml > > -rw-r--r-- 1 root root 181 May 11 08:03 nvdcve-2.0-2005.xml.asc > > -rw-r--r-- 1 root root 27M May 2 23:43 nvdcve-2.0-2006.xml > > -rw-r--r-- 1 root root 181 May 11 08:03 nvdcve-2.0-2006.xml.asc > > -rw-r--r-- 1 root root 25M May 2 23:41 nvdcve-2.0-2007.xml > > -rw-r--r-- 1 root root 181 May 11 08:03 nvdcve-2.0-2007.xml.asc > > -rw-r--r-- 1 root root 31M May 2 23:38 nvdcve-2.0-2008.xml > > -rw-r--r-- 1 root root 181 May 11 08:03 nvdcve-2.0-2008.xml.asc > > -rw-r--r-- 1 root root 31M May 2 23:35 nvdcve-2.0-2009.xml > > -rw-r--r-- 1 root root 181 May 11 08:03 nvdcve-2.0-2009.xml.asc > > -rw-r--r-- 1 root root 45M May 10 09:12 nvdcve-2.0-2010.xml > > -rw-r--r-- 1 root root 181 May 11 08:03 nvdcve-2.0-2010.xml.asc > > -rw-r--r-- 1 root root 109M May 2 23:29 nvdcve-2.0-2011.xml > > -rw-r--r-- 1 root root 181 May 11 08:03 nvdcve-2.0-2011.xml.asc > > -rw-r--r-- 1 root root 42M May 2 23:25 nvdcve-2.0-2012.xml > > -rw-r--r-- 1 root root 181 May 11 08:03 nvdcve-2.0-2012.xml.asc > > -rw-r--r-- 1 root root 44M May 3 08:39 nvdcve-2.0-2013.xml > > -rw-r--r-- 1 root root 181 May 11 08:03 nvdcve-2.0-2013.xml.asc > > -rw-r--r-- 1 root root 40M May 10 09:09 nvdcve-2.0-2014.xml > > -rw-r--r-- 1 root root 181 May 11 08:03 nvdcve-2.0-2014.xml.asc > > -rw-r--r-- 1 root root 31M May 10 09:06 nvdcve-2.0-2015.xml > > -rw-r--r-- 1 root root 181 May 11 08:03 nvdcve-2.0-2015.xml.asc > > -rw-r--r-- 1 root root 36M May 10 09:03 nvdcve-2.0-2016.xml > > -rw-r--r-- 1 root root 181 May 11 08:03 nvdcve-2.0-2016.xml.asc > > -rw-r--r-- 1 root root 8.7M May 10 09:00 nvdcve-2.0-2017.xml > > -rw-r--r-- 1 root root 181 May 11 08:03 nvdcve-2.0-2017.xml.asc > > -rw-r--r-- 1 root root 37M May 10 06:52 > official-cpe-dictionary_v2.2.xml > > -rw-r--r-- 1 root root 181 May 11 08:03 > official-cpe-dictionary_v2.2.xml.asc > > drwxr-xr-x 3 root root 4.0K Oct 15 2015 oval > > -rw-r--r-- 1 root root 3.9K May 11 08:03 sha1sums > > -rw-r--r-- 1 root root 21 Sep 20 2016 status > > -rw-r--r-- 1 root root 198 Sep 20 2016 status.asc > > -rw-r--r-- 1 root root 13 May 11 08:03 timestamp > > -rw-r--r-- 1 root root 181 May 11 08:03 timestamp.asc > > """ > > Feed status: > > Right now I am only missing the CERT information, haven’t tried to get > it working any further since my last email on it. > > I only update before I start montlhy scans so it might be a bit behind > at the moment. > > Btw, “you can also manually trigger these updates via WebGUI > (available under "Administration", where you also add users, create > groups, roles, etc.).”, under Administration I only see the options > Users, Groups, Roles, LDAP and Radius. > > Thijs Stuurman > > Security Operations Center | KPN Internedservices > > [email protected] | [email protected] > > T: +31(0)299476185 | M: +31(0)624366778 > > PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/) > > Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048 > > W: https://www.internedservices.nl | L: > http://nl.linkedin.com/in/thijsstuurman > > -----Oorspronkelijk bericht----- > Van: [email protected] > [mailto:[email protected]] > Verzonden: woensdag 7 juni 2017 18:07 > Aan: Thijs Stuurman <[email protected]> > CC: [email protected] > Onderwerp: Re: [Openvas-discuss] SCAP / CERT Databases missing > > Hello, > > could you guys please cd into these directories: > > /var/lib/openvas/cert-data/ > > /var/lib/openvas/scap-data/ > > ..and do an 'ls -lah' in there each. Please log the output and send it > over within your next message. > > The SCAP and CERT Databases however, are rewritten at feed sync stage, > you can also manually trigger these updates via WebGUI (available > under "Administration", where you also add users, create groups, > roles, etc.). > > Each SCAP and CERT have an entry there, with a Button that allows > manually syncing. But before syncing, i would suggest to capture the > 'ls -lah' output and send it over to us. > > Cheers, > > Michael. > > On 19.05.2017 10:04, Thijs Stuurman wrote: > >> Panos, > >> > >> Nope! > >> > >> I recently went from 8 to 9 and also had issues with the SCAP and > CERT > >> database errors. > >> > >> Turned out the scripts wanted to change my database but had no > rights > >> to make the changes .. I eventually fixed that and got rid of the > >> errors but I do not see any data. > >> > >> To be honest I gave up for now, not sure if missing it really makes > a > >> big deal for me. (what am I missing really? Someone let me know if I > > >> should care) > >> > >> Thijs Stuurman > >> > >> Security Operations Center | KPN Internedservices > >> > >> [email protected] | [email protected] > >> > >> T: +31(0)299476185 | M: +31(0)624366778 > >> > >> PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/ [1] [1]) > >> > >> Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048 > >> > >> W: https://www.internedservices.nl [2] [2] | L: > >> http://nl.linkedin.com/in/thijsstuurman [3] [3] > >> > >> VAN: Openvas-discuss > >> [mailto:[email protected]] NAMENS > ?a?a???t?? > >> ?e??t??? > >> VERZONDEN: woensdag 17 mei 2017 16:40 > >> AAN: [email protected]; > >> [email protected] > >> ONDERWERP: [Openvas-discuss] SCAP / CERT Databases missing > >> > >> Dear All, > >> > >> I have latest versions of kali (4.9.0) and OpenVas (9.0) on a USB > >> stick with persistence. > >> > >> Everything is setup and running, EXCEPT the fact that I get a > warning > >> in GSA that SCAP or CERT databases are empty. Followed the > >> instructions for the corresponding feed syncs, but no change > >> whatsoever… > >> > >> Any ideas? > >> > >> Thanks in advance, > >> > >> Panos > >> > >> PANAGIOTIS LEONTIOS > >> > >> Business Engineer | Project Manager | Consultant > >> > >> BEng, DIC, MSc, MBA, IRCA Lead Auditor > >> > >> M: +30 6977 976269 > >> > >> E: [email protected] > >> > >> B: pleontios.wordpress.com [4] > >> > >> L: www.linkedin.com/in/leontios [4] [5] > >> > >> T: @pleontios [6] > >> > >> > >> > >> Links: > >> ------ > >> [1] https://pgp.surfnet.nl/ [1] > >> [2] https://www.internedservices.nl/ [5] > >> [3] http://nl.linkedin.com/in/thijsstuurman [3] > >> [4] http://pleontios.wordpress.com/ [6] > >> [5] http://www.linkedin.com/in/leontios [4] > >> [6] https://twitter.com/pleontios [7] > >> > >> _______________________________________________ > >> Openvas-discuss mailing list > >> [email protected] > >> > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-dis > [8] > >> cuss > > > > Links: > ------ > [1] https://pgp.surfnet.nl/ > [2] https://www.internedservices.nl > [3] http://nl.linkedin.com/in/thijsstuurman > [4] http://www.linkedin.com/in/leontios > [5] https://www.internedservices.nl/ > [6] http://pleontios.wordpress.com/ > [7] https://twitter.com/pleontios > [8] > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-dis _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
