OpenVAS 9 is the latest version of the most well-known open source vulnerability scanner. OpenVAS allows easy scanning of networks with support for a number of vulnerability feeds, both commercial and community driven. Version 9 adds to the list of features and, above all, includes a newer interface with a reduced chance of making your eyeballs bleed.
Here’s my rough, but pretty ready, guide on how to install OpenVAS 9 on to Ubuntu 16.04.2 LTS (Long Term Support).
- Install Ubuntu 16 LTS in your VM of choice. OpenVAS is processor intensive so the more oompf you can give it the better.
- Once it’s ready, update your sources and apply any upgrades to the OS, with a reboot for good measure.
sudo apt-get update sudo apt-get upgrade sudo reboot
- Install the requirements for OpenVAS 9.
sudo apt-get install python-software-properties sudo apt-get install sqlite3 sudo apt-get install software-properties-common
- Next you’ll need to add the OpenVAS source to your list of apt sources and tell apt to update it’s uber-database.
sudo add-apt-repository ppa:mrazavi/openvas sudo apt-get update
- Now we get serious and get OpenVAS settled in to place.
sudo apt-get install openvas9
- With OpenVAS in place we need to make sure that its feeds are up to date. This is where you go and get a cup of tea as this can take 30 mins or more.
sudo greenbone-nvt-sync sudo greenbone-scapdata-sync sudo greenbone-certdata-sync
- With the feeds in place lets just be cautious and restart the scanner and manager services and also rebuild the OpenVAS databases. I’m not sure if this is still needed in v9, but hey-ho, let’s roll with it.
sudo service openvas-scanner restart sudo service openvas-manager restart sudo openvasmd --rebuild --progress
- The following two lines are needed for PDF reporting. We’ll install the texlive bits and also the font kit. If you are seeing blank PDF reports in OpenVAS 9 then it’s likely you’ve missed the font kit line below.
sudo apt-get install texlive-latex-extra --no-install-recommends sudo apt-get install texlive-fonts-recommended
- Install the OpenVAS 9 dev stuff if you need to.
sudo apt-get install libopenvas9-dev
- With OpenVASÂ now running on your box you need to just allow TCP port 4000 through the firewall. If you haven’t already enabled it then you should, so lets do that now.
sudo ufw allow ssh sudo ufw allow 4000/tcp sudo ufw enable
- So, with OpenVAS ready, the firewall suitably firewalled, you can point your browser to https://serverip:4000 and log in with the user admin and password admin.
If you can see anything I might have missed then let me know in the comments section below.
What is your reaction?
Strongly Agree
0
Agree
0
Meh
0
Disagree
0
Strongly Disagree
0