Greenbone/OpenVAS Vulnerability Scanner
Following on with my last post regarding security, for those that are trying to install OpenVAS on Ubuntu 16.04, here’s a decent article. I did not write it, but copied it from http://olivermarshall.net/how-to-install-openvas-9-on-ubuntu-16/ in an effort to save myself some time in the future if I lose the link. Please check out the original article and give kudos to the author.
OpenVAS 9 is the latest version of the most well-known open source vulnerability scanner. OpenVAS allows easy scanning of networks with support for a number of vulnerability feeds, both commercial and community driven. Version 9 adds to the list of features and, above all, includes a newer interface with a reduced chance of making your eyeballs bleed.
Here’s my rough, but pretty ready, guide on how to install OpenVAS 9 on to Ubuntu 16.04.2 LTS (Long Term Support).
- Install Ubuntu 16 LTS in your VM of choice. OpenVAS is processor intensive so the more oompf you can give it the better.
- Once it’s ready, update your sources and apply any upgrades to the OS, with a reboot for good measure.
123sudo apt-get updatesudo apt-get upgradesudo reboot
- Install the requirements for OpenVAS 9.
123sudo apt-get install python-software-propertiessudo apt-get install sqlite3sudo apt-get install software-properties-common
- Next you’ll need to add the OpenVAS source to your list of apt sources and tell apt to update it’s uber-database.
12sudo add-apt-repository ppa:mrazavi/openvassudo apt-get update
- Now we get serious and get OpenVAS settled in to place.
1sudo apt-get install openvas9
- With OpenVAS in place we need to make sure that its feeds are up to date. This is where you go and get a cup of tea as this can take 30 mins or more.
123sudo greenbone-nvt-syncsudo greenbone-scapdata-syncsudo greenbone-certdata-sync
- With the feeds in place lets just be cautious and restart the scanner and manager services and also rebuild the OpenVAS databases. I’m not sure if this is still needed in v9, but hey-ho, let’s roll with it.
123sudo service openvas-scanner restartsudo service openvas-manager restartsudo openvasmd –rebuild –progress
- The following two lines are needed for PDF reporting. We’ll install the texlive bits and also the font kit. If you are seeing blank PDF reports in OpenVAS 9 then it’s likely you’ve missed the font kit line below.
12sudo apt-get install texlive-latex-extra –no-install-recommendssudo apt-get install texlive-fonts-recommended
- Install the OpenVAS 9 dev stuff if you need to.
1sudo apt-get install libopenvas9-dev
- With OpenVAS now running on your box you need to just allow TCP port 4000 through the firewall. If you haven’t already enabled it then you should, so lets do that now.
123sudo ufw allow sshsudo ufw allow 4000/tcpsudo ufw enable
- So, with OpenVAS ready, the firewall suitably firewalled, you can point your browser to https://serverip:4000 and log in with the user admin and password admin.