OPenvas扫描器安装时step1 是交换指导升级(nvt,cert,scap),这次升级后是自动升级24h升级一次,但第一次升级时选择默认的rsync升级时会出现同步失败的问题,导致openvas安装完后有很大模块和规则不是最新的从而会影响扫描结果。
问题:
如过选择默认的rsync升级,最后失败了。扫描结束会有这样的告警(告诉扫描者应该升级本地扫描引擎,版本低可能会影响扫描结果)
Report outdated / end-of-life Scan Engine / Environment (local)
Summary
This script checks and reports an outdated or end-of-life scan engine
for the following environments:
-
Greenbone Source Edition (GSE)
-
Greenbone Community Edition (GCE)
used for this scan.
NOTE: While this is not, in and of itself, a security vulnerability, a severity is reported to make you aware
of a possible decreased scan coverage or missing detection of vulnerabilities on the target due to e.g.:
-
missing functionalities
-
missing bugfixes
-
incompatibilities within the feed.
Detection Result
Installed GVM Libraries (gvm-libs) version: 10.0.0
Latest available GVM Libraries (gvm-libs) version: 10.0.2
Reference URL(s) for the latest available version: https://community.greenbone.net/t/gvm-11-stable-initial-release-2019-10-14/3674 / https://community.greenbone.net/t/gvm-10-old-stable-initial-release-2019-04-05/208
Detection Method
Details:
Report outdated / end-of-life Scan Engine / Environment (local) OID: 1.3.6.1.4.1.25623.1.0.108560
Version used:
2020-06-10T13:24:20Z
Solution
Solution Type:
Vendorfix
Update to the latest available stable release for your scan environment. Please check the
references for more information. If you’re using packages provided by your Linux distribution please contact the maintainer
of the used distribution / repository and request updated packages.
If you want to accept the risk of a possible decreased scan coverage or missing detection of vulnerabilities on the target you
can set a global override for this script as described in the linked manuals.
解决办法:按report中提示点击下载升级包、点击无反应。
我们openvas-setup 开始在设置一边openvas,这次别用默认的rsync,用wget 或者curl方法。