How to Install OpenVAS on Ubuntu 16.04 / Ubuntu 14.04

1

OpenVASOpenVAS known as Open Vulnerability Assessment System is an open source vulnerability suite to run the test against servers for known vulnerabilities using the database (Network Vulnerability Tests), OpenVAS is a free software, its components are released under GNU General Public License (GNU GPL). Here is the small guide to install OpenVAS on Ubuntu 16.04 / Ubuntu 14.04.

Setup Repository:

Offical OpenVAS packages are available on launchpad. Issue the following command to add OpenVAS PPA on your machine.

sudo add-apt-repository ppa:mrazavi/openvas

Update your system repository cache.

sudo apt-get update

Install & Setup OpenVAS:

OpenVAS repository includes newer packages for OpenVAS 9. If you do not mention the version name in apt-get install command, you may end up installing OpenVAS 8 instead of OpenVAS 9 on your system.

### OpenVAS 9 ###

sudo apt-get install -y openvas9

### OpenVAS 8 ###

sudo apt-get install -y openvas
OpenVAS 8 is only tested on Ubuntu 16.04  and Ubuntu 14.04.

During the package installation, let the installer automatically configure Redis database for OpenVAS scanner.

How to Install OpenVAS on Ubuntu 16.04 - Configuring OpenVAS Scanner
How to Install OpenVAS on Ubuntu 16.04 – Configuring OpenVAS Scanner

Upon completion of installation. You would need to download a set of NVT’s (Network Vulnerability Tests) from OpenVAS Feed service. To begin the download, execute the following command.

### OpenVAS 9 ###

sudo greenbone-nvt-sync

### OpenVAS 8 ###

sudo openvas-nvt-sync

Upon completion, run following command to download and update our security content automation protocol data (SCAP).

### OpenVAS 9 ###

sudo greenbone-scapdata-sync

### OpenVAS 8 ###

sudo openvas-scapdata-sync

This will take longer time, but not more than 30 minutes (Depends on your internet connection).

Download certdata as well.

### OpenVAS 9 ###

sudo greenbone-certdata-sync

### OpenVAS 8 ###

sudo openvas-certdata-sync

This will also take some time to complete, but lesser than what it takes for downloading SCAP data.

Restart the OpenVAS scanner and OpenVAS Manager.

sudo service openvas-scanner restart
sudo service openvas-manager restart

Now Rebuild the OpenVAS database.

sudo openvasmd --rebuild --progress

Working with OpenVAS Web Interface:

In OpenVAS 9, default port number of the web interface is 4000. So, to access the web interface for version 9, go to,

https://your-ip-addr-ess:4000

To access the web interface of OpenVAS 8, go to

https://your-ip-addr-ess

Change Interface Port Number (Optional) – Ubuntu 16.04:

You can change the port number of web interface by editing /etc/default/openvas-gsa.

PORT_NUMBER=4000

Restart the openvas-gsa service to take an effect of the port number change.

sudo service openvas-gsa restart

Once Completed, Start the OpenVAS Manager.

openvasmd

Run the first security scan:

OpenVAS 9:

OpenVAS 8:

That’s All, Place your valuable comments below.

You might also like

  • Dean Stickells

    Thanks for the great tutorial but please can anyone help? – I get OpenVAS up and running real easy and start a scan which seems to go well. However, I have resorted to rebuilding it from scratch several times because I keep hitting a brick well (generally after a reboot) where the “openvasmd
    –rebuild –progress” hangs after a short while (literally for hours until I give up) or, the “openvas-scanner” service keeps timing out on start. I’m no LINUX export so maybe I am missing something simple but it’s driving me mad 🙁

    I would post logs but I cant seem to find any with any relevant help or information – the best I can get is this;

    administrator@ovas01:~$ systemctl status openvas-scanner.service
    ● openvas-scanner.service – LSB: remote network security auditor – scanner
    Loaded: loaded (/etc/init.d/openvas-scanner; bad; vendor preset: enabled)
    Active: failed (Result: timeout) since Thu 2017-05-25 14:56:19 BST; 16min ago
    Docs: man:systemd-sysv-generator(8)
    Process: 1565 ExecStart=/etc/init.d/openvas-scanner start (code=killed, signal=TERM)
    Tasks: 2
    Memory: 5.0M
    CPU: 25ms
    CGroup: /system.slice/openvas-scanner.service
    ├─1297 /usr/sbin/openvassd
    └─1571 /usr/sbin/openvassd

    May 25 14:51:19 ovas01 systemd[1]: Starting LSB: remote network security auditor – scanner…
    May 25 14:56:19 ovas01 systemd[1]: openvas-scanner.service: Start operation timed out. Terminating.
    May 25 14:56:19 ovas01 systemd[1]: Failed to start LSB: remote network security auditor – scanner.
    May 25 14:56:19 ovas01 systemd[1]: openvas-scanner.service: Unit entered failed state.
    May 25 14:56:19 ovas01 systemd[1]: openvas-scanner.service: Failed with result ‘timeout’.

    Thanks in advance!

Shares
Close