Today you will learn how to install OpenVAS.
OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated and authenticated testing, various high-level and low-level internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test.
The scanner obtains the tests for detecting vulnerabilities from a feed that has a long history and daily updates.
OpenVAS has been developed and driven forward by the company Greenbone Networks since 2006. As part of the commercial vulnerability management product family Greenbone Enterprise Appliance, the scanner forms the Greenbone Vulnerability Management together with other Open Source modules.
Before installing packages on Ubuntu it’s recommended that you first update the system. To do that run the commands below:
sudo apt update sudo apt dist-upgrade
After updating Ubuntu, continue below with installing OpenVAS.
By default, OpenVAS is not available in the Ubuntu repositories. To install it, you’ll have to add its repository to your system.
To add its repository, run the commands below:
sudo apt-get install software-properties-common sudo add-apt-repository ppa:mrazavi/openvas
When you add the PPA above, it should display installation help as shown below:
sudo apt install sqlite3 sudo greenbone-nvt-sync sudo greenbone-scapdata-sync sudo greenbone-certdata-sync sudo service openvas-scanner restart sudo service openvas-manager restart sudo openvasmd --migrate #only required when upgrading from an older version sudo openvasmd --rebuild --progress Please note that the default port number of the web interface for the new packages are changed to 4000. So, to access the web interface for version 9, go to https://localhost:4000. Use "admin" as username and password. You can change the web interface port number by modifying /etc/default/openvas-gsa. Then, restart its service by issuing "sudo service openvas-gsa restart". To enable pdf reports: sudo apt install texlive-latex-extra --no-install-recommends sudo apt install texlive-fonts-recommended --no-install-recommends To install openvas-nasl utility: sudo apt install libopenvas9-dev Use the help message above to complete the setup.
Use the help message above to complete the setup.
After adding the repository, update Ubuntu archives and install OpenVAS with the following command:
sudo apt-get update sudo apt-get install openvas9
During the installation, you will be asked to configure Redis database for OpenVAS as shown below:
┌─────────────────────────┤ Configuring openvas9-scanner ├────| │ │ Openvas scanner require redis database to store data. It will connect to the database with a unix socket at /var/run/redis/redis.sock.│ │ │ If you agree, the installation process will enable redis unix socket at this address automatically,| by updateing /etc/redis/redis.conf. │ │ │ Otherwise, you have to manually update your /etc/redis/redis.conf.| │ │ Do you want to enable redis unix socket in /etc/redis/redis.conf? | <Yes> <No>
Click on the Yes button to finish the installation.
To adhere to the help message above, install these packages below:
The SQLite 3 database package stores the Common Vulnerabilities and Exposures (CVE) data and some other packages for the PDF report to work
sudo apt install sqlite3 sudo apt install texlive-latex-extra --no-install-recommends sudo apt install texlive-fonts-recommended sudo apt install libopenvas9-dev
After installing the packages above, run the commands below to download the Network Vulnerability Tests from OpenVAS Feed and sync security content automation protocol data and cert vulnerability data using the commands below:
sudo greenbone-nvt-sync sudo greenbone-scapdata-sync sudo greenbone-certdata-sync
After that, restart the OpenVAS scanner, OpenVAS GSA and OpenVAS Manager with the following command:
sudo service openvas-scanner restart sudo service openvas-manager restart sudo service openvas-gsa restart
Finally, rebuild the OpenVAS database, so the manager can access the NVT data downloaded previously.
sudo openvasmd --rebuild --progress
Finally, open your web browser and browse to the server hostname or IP address followed by port 4000
That will open OpenVAS portal. Login with the default username and password:
Username: admin Password admin
To change the admin password, use the commands below:
sudo openvasmd --user=unixcop --new-password=unixcop@123