Install OpenVAS – Open Vulnerability Assessment Scanner

- Advertisement -

Today you will learn how to install OpenVAS.

OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated and authenticated testing, various high-level and low-level internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test.
The scanner obtains the tests for detecting vulnerabilities from a feed that has a long history and daily updates.

OpenVAS has been developed and driven forward by the company Greenbone Networks since 2006. As part of the commercial vulnerability management product family Greenbone Enterprise Appliance, the scanner forms the Greenbone Vulnerability Management together with other Open Source modules.

Update Ubuntu

Before installing packages on Ubuntu it’s recommended that you first update the system. To do that run the commands below:

sudo apt update
sudo apt dist-upgrade

After updating Ubuntu, continue below with installing OpenVAS.

Install OpenVAS

By default, OpenVAS is not available in the Ubuntu repositories. To install it, you’ll have to add its repository to your system.

To add its repository, run the commands below:

sudo apt-get install software-properties-common
sudo add-apt-repository ppa:mrazavi/openvas

When you add the PPA above, it should display installation help as shown below:

- Advertisement -
sudo apt install sqlite3
sudo greenbone-nvt-sync
sudo greenbone-scapdata-sync
sudo greenbone-certdata-sync

sudo service openvas-scanner restart
sudo service openvas-manager restart
sudo openvasmd --migrate #only required when upgrading from an older version
sudo openvasmd --rebuild --progress

Please note that the default port number of the web interface for the new packages 
are changed to 4000. So, to access the web interface for version 9, 
go to https://localhost:4000. Use "admin" as username and password.
You can change the web interface port number by modifying /etc/default/openvas-gsa. 
Then, restart its service by issuing "sudo service openvas-gsa restart".

To enable pdf reports:
sudo apt install texlive-latex-extra --no-install-recommends
sudo apt install texlive-fonts-recommended --no-install-recommends

To install openvas-nasl utility:
sudo apt install libopenvas9-dev
Use the help message above to complete the setup.

Use the help message above to complete the setup.

After adding the repository, update Ubuntu archives and install OpenVAS with the following command:

sudo apt-get update
sudo apt-get install openvas9

During the installation, you will be asked to configure Redis database for OpenVAS as shown below:

┌─────────────────────────┤ Configuring openvas9-scanner ├────|
│                                                                                   
│ Openvas scanner require redis database to store data. 
It will connect to the database with a unix socket at /var/run/redis/redis.sock.│                                                                                                                                          │ 
│ If you agree, the installation process will enable redis unix socket at this address automatically,|
 by updateing /etc/redis/redis.conf.  │                                                                                                                                         │ 
│ Otherwise, you have to manually update your /etc/redis/redis.conf.|
│                                                                    
│ Do you want to enable redis unix socket in /etc/redis/redis.conf? |

           <Yes>                      <No>

Click on the Yes button to finish the installation.

To adhere to the help message above, install these packages below:

The SQLite 3 database package stores the Common Vulnerabilities and Exposures (CVE) data and some other packages for the PDF report to work

sudo apt install sqlite3
sudo apt install texlive-latex-extra --no-install-recommends
sudo apt install texlive-fonts-recommended
sudo apt install libopenvas9-dev

After installing the packages above, run the commands below to download the Network Vulnerability Tests from OpenVAS Feed and sync security content automation protocol data and cert vulnerability data using the commands below:

sudo greenbone-nvt-sync
sudo greenbone-scapdata-sync
sudo greenbone-certdata-sync

After that, restart the OpenVAS scanner, OpenVAS GSA and OpenVAS Manager with the following command:

sudo service openvas-scanner restart
sudo service openvas-manager restart
sudo service openvas-gsa restart

Finally, rebuild the OpenVAS database, so the manager can access the NVT data downloaded previously.

sudo openvasmd --rebuild --progress

Finally, open your web browser and browse to the server hostname or IP address followed by port 4000

That will open OpenVAS portal. Login with the default username and password:

Username: admin
Password admin

To change the admin password, use the commands below:

sudo openvasmd --user=unixcop --new-password=unixcop@123

Install OpenVAS
Install OpenVAS

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest articles

Join us on Facebook

x