Greenbone/OpenVAS

Greenbone/OpenVAS Vulnerability Scanner

Following on with my last post regarding security, for those that are trying to install OpenVAS on Ubuntu 16.04, here’s a decent article. I did not write it, but copied it from http://olivermarshall.net/how-to-install-openvas-9-on-ubuntu-16/ in an effort to save myself some time in the future if I lose the link. Please check out the original article and give kudos to the author.

 

How to install OpenVAS 9 on Ubuntu 16 LTS

How to install OpenVAS 9 on Ubuntu 16 LTS

OpenVAS 9 is the latest version of the most well-known open source vulnerability scanner. OpenVAS allows easy scanning of networks with support for a number of vulnerability feeds, both commercial and community driven. Version 9 adds to the list of features and, above all, includes a newer interface with a reduced chance of making your eyeballs bleed.

Here’s my rough, but pretty ready, guide on how to install OpenVAS 9 on to Ubuntu 16.04.2 LTS (Long Term Support).

  1. Install Ubuntu 16 LTS in your VM of choice. OpenVAS is processor intensive so the more oompf you can give it the better.
  2. Once it’s ready, update your sources and apply any upgrades to the OS, with a reboot for good measure.
  3. Install the requirements for OpenVAS 9.
  4. Next you’ll need to add the OpenVAS source to your list of apt sources and tell apt to update it’s uber-database.
  5. Now we get serious and get OpenVAS settled in to place.
  6. With OpenVAS in place we need to make sure that its feeds are up to date. This is where you go and get a cup of tea as this can take 30 mins or more.
  7. With the feeds in place lets just be cautious and restart the scanner and manager services and also rebuild the OpenVAS databases. I’m not sure if this is still needed in v9, but hey-ho, let’s roll with it.
  8. The following two lines are needed for PDF reporting. We’ll install the texlive bits and also the font kit. If you are seeing blank PDF reports in OpenVAS 9 then it’s likely you’ve missed the font kit line below.
  9. Install the OpenVAS 9 dev stuff if you need to.
  10. With OpenVAS now running on your box you need to just allow TCP port 4000 through the firewall. If you haven’t already enabled it then you should, so lets do that now.
  11. So, with OpenVAS ready, the firewall suitably firewalled, you can point your browser to https://serverip:4000 and log in with the user admin and password admin.