This brief tutorial shows students and new users how to install OpenVAS on Ubuntu 18.04 | 16.04.
OpenVAS, short for Open Vulnerability Assessment System, is a full-featured vulnerability scanner for the uninitiated. It provides unauthenticated, authenticated testing, performance tuning for large-scale scans, and tools to implement any type of vulnerability test.
If you’re looking for an open-source alternative to Nessus and Qualys Guard, OpenVAS might be something you might want to consider. With its robust and intuitive admin web portal, you can perform scans efficiently.
For more about OpenVAS, please check its homepage.
When you’re ready to install OpenVAS, follow the steps below:
Update Ubuntu
Before installing packages on Ubuntu, you must first update the system. To do that, run the commands below:
sudo apt update sudo apt dist-upgrade
After updating Ubuntu, continue below with installing OpenVAS.
Install and Configure OpenVAS
By default, OpenVAS is not available in the Ubuntu repositories. You’ll have to add its repository to your system to install it.
To add its repository, run the commands below:
sudo apt-get install software-properties-common sudo add-apt-repository ppa:mrazavi/openvas
When you add the PPA above, it should display installation help as shown below:
*** Openvas 9 *** A set of packages for openvas 9 is included in this PPA. If you prefer to install them, you just have to install "openvas9" package (instead of "openvas" for the old version). Then, update scripts/data with the following commands: sudo apt install sqlite3 sudo greenbone-nvt-sync sudo greenbone-scapdata-sync sudo greenbone-certdata-sync sudo service openvas-scanner restart sudo service openvas-manager restart sudo openvasmd --migrate #only required when upgrading from an older version sudo openvasmd --rebuild --progress Please note that the default port number of the web interface for the new packages are changed to 4000. So, to access the web interface for version 9, go to https://localhost:4000. Use "admin" as username and password. You can change the web interface port number by modifying /etc/default/openvas-gsa. Then, restart its service by issuing "sudo service openvas-gsa restart". To enable pdf reports: sudo apt install texlive-latex-extra --no-install-recommends sudo apt install texlive-fonts-recommended --no-install-recommends To install openvas-nasl utility: sudo apt install libopenvas9-dev
Use the help message above to complete the setup.
After adding the repository, update Ubuntu archives and install OpenVAS with the following command:
sudo apt-get update sudo apt-get install openvas9
During the installation, you will be asked to configure the Redis database for OpenVAS as shown below:
┌─────────────────────────┤ Configuring openvas9-scanner ├────|
│
│ Openvas scanner require redis database to store data.
It will connect to the database with a unix socket at /var/run/redis/redis.sock.│ │
│ If you agree, the installation process will enable redis unix socket at this address automatically,|
by updateing /etc/redis/redis.conf. │ │
│ Otherwise, you have to manually update your /etc/redis/redis.conf.|
│
│ Do you want to enable redis unix socket in /etc/redis/redis.conf? |
<Yes> <No>
Click on the Yes button to finish the installation.
To adhere to the help message above, install these packages below:
The SQLite 3 database package stores the Common Vulnerabilities and Exposures (CVE) data and some other packages for the PDF report to work.
sudo apt install sqlite3 sudo apt install texlive-latex-extra --no-install-recommends sudo apt install texlive-fonts-recommended sudo apt install libopenvas9-dev
After installing the packages above, run the commands below to download the Network Vulnerability Tests from OpenVAS Feed and sync security content automation protocol data and cert vulnerability data using the commands below:
sudo greenbone-nvt-sync sudo greenbone-scapdata-sync sudo greenbone-certdata-sync
After that, restart the OpenVAS scanner, OpenVAS GSA, and OpenVAS Manager with the following command:
sudo service openvas-scanner restart sudo service openvas-manager restart sudo service openvas-gsa restart
To validate if the OpenVAS service is running, run the commands below:
sudo service openvas-scanner status
It should display a similar message as shown below:
openvas-scanner.service - LSB: remote network security auditor - scanner
Loaded: loaded (/etc/init.d/openvas-scanner; generated)
Active: active (running) since Tue 2020-03-10 10:19:30 CDT; 19s ago
Docs: man:systemd-sysv-generator(8)
Process: 23051 ExecStop=/etc/init.d/openvas-scanner stop (code=exited, status=0/SUCCESS)
Process: 23059 ExecStart=/etc/init.d/openvas-scanner start (code=exited, status=0/SUCCESS)
Tasks: 1 (limit: 4666)
CGroup: /system.slice/openvas-scanner.service
└─23066 openvassd: Waiting for incoming connections
Mar 10 10:19:30 ubuntu1804 systemd[1]: Stopped LSB: remote network security auditor - scanner.
Mar 10 10:19:30 ubuntu1804 systemd[1]: Starting LSB: remote network security auditor - scanner.
Mar 10 10:19:30 ubuntu1804 systemd[1]: Started LSB: remote network security auditor - scanner.
Finally, rebuild the OpenVAS database so the manager can access the NVT data downloaded previously.
sudo openvasmd --rebuild --progress
Finally, open your web browser and browse to the server hostname or IP address followed by port 4000
https://localhost:4000
That will open the OpenVAS portal. Login with the default username and password:
Username: admin Password admin
To change the admin password, use the commands below:
sudo openvasmd --user=admin --new-password=admin@321
That should do it!
Log on to the portal and begin setting up your environment.
Conclusion:
This post showed you how to install and configure OpenVAS on Ubuntu 18.04 | 16.04. If you find any error, please report it in the comment form below.
Thanks,
Leave a Reply