Setup Repository:
Issue the following command in the terminal to install atomic repo.
# wget -q -O - http://www.atomicorp.com/installers/atomic |sh
Accept the license Agreement.
Atomic Free Unsupported Archive installer, version 2.0.12BY INSTALLING THIS SOFTWARE AND BY USING ANY AND ALL SOFTWARE PROVIDED BY ATOMICORP LIMITED YOU ACKNOWLEDGE AND AGREE:THIS SOFTWARE AND ALL SOFTWARE PROVIDED IN THIS REPOSITORY IS PROVIDED BY ATOMICORP LIMITED AS IS, IS UNSUPPORTED AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ATOMICORP LIMITED, THE COPYRIGHT OWNER OR ANY CONTRIBUTOR TO ANY AND ALL SOFTWARE PROVIDED BY OR PUBLISHED IN THIS REPOSITORY BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.==================================================================== THIS SOFTWARE IS UNSUPPORTED. IF YOU REQUIRE SUPPORTED SOFWARE PLEASE SEE THE URL BELOW TO PURCHASE A NUCLEUS LICENSE AND DO NOT PROCEED WITH INSTALLING THIS PACKAGE. ====================================================================For supported software packages please purchase a Nucleus license: https://www.atomicorp.com/products/nucleus.html All atomic repository rpms are UNSUPPORTED. Do you agree to these terms? (yes/no) [Default: yes] yesConfiguring the [atomic] yum archive for this systemInstalling the Atomic GPG key: OK Downloading atomic-release-1.0-19.el7.art.noarch.rpm: OKThe Atomic Rocket Turtle archive has now been installed and configured for your system The following channels are available: atomic - [ACTIVATED] - contains the stable tree of ART packages atomic-testing - [DISABLED] - contains the testing tree of ART packages atomic-bleeding - [DISABLED] - contains the development tree of ART packages
System Repo (Only for RHEL):
OpenVAS installation requires additional packages to be downloaded from internet, if your system does not have Redhat subscription you need to setup the CentOS repository.
# vi /etc/yum.repos.d/centos.repo
Add the following lines.
[CentOS]
name=centos
baseurl=http://mirror.centos.org/centos/7/os/x86_64/
enabled=1
gpgcheck=0
PS: CentOS machines do not requires the above repo setup, system automatically creates it during the installation.
Install & Setup OpenVAS:
Issue the following command to install OpenVAS.
# yum -y install openvas
Once the installation is completed, start the OpenVAS setup.
# openvas-setup
Setup will start to download the latest database from internet, Upon completion, setup would ask you to configure listening ip address.
Step 2: Configure GSAD
The Greenbone Security Assistant is a Web Based front end
for managing scans. By default it is configured to only allow
connections from localhost.
Allow connections from any IP? [Default: yes]
Restarting gsad (via systemctl): [ OK ]
Configure admin user.
Step 3: Choose the GSAD admin users password. The admin user is used to configure accounts, Update NVT's manually, and manage roles. Enter administrator username [Default: admin] : admin Enter Administrator Password: Verify Administrator Password:
Once completed, you would see the following message.
Setup complete, you can now access GSAD at:
Disable Iptables.
# systemctl stop iptables.service
Create Certificate for OpenVAS manager.
# openvas-mkcert-client -n om -i
You do not require to enter any information, it will automatically creates for you.
…………………..++++++
………………………..++++++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [DE]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, your name or your server’s hostname) []:Email Address []:Using configuration from /tmp/openvas-mkcert-client.2827/stdC.cnf
Check that the request matches the signature
Signature ok
The Subject’s Distinguished Name is as follows
countryName :PRINTABLE:’DE’
localityName :PRINTABLE:’Berlin’
commonName :PRINTABLE:’om’
Certificate is to be certified until Aug 5 19:43:32 2015 GMT (365 days)Write out database with 1 new entries
Data Base Updated
Your client certificates are in /tmp/openvas-mkcert-client.2827 .You will have to copy them by hand.
Now Rebuild the OpenVAS database (If required)
# openvasmd --rebuild
Once Completed, Start the OpenVAS manager.
# openvasmd
Open your browser and point to https://your-ip-address:9392. Login as admin using the password created by you.
You can start the quick scan by entering ip address in the quick scan field.
After that you would the see immediate task like below. currently 98% scanning is completed
Click on the task to view the details of the scan, details will be like below. Once the scan is completed, click on “Date” to see the report.
In report page you have option to download the report in multiple format like pdf, html,xml, etc,.. or you can click on the each Vulnerability to see the full information.
Actual report will look like below.
That’s All, Place your valuable comments below.
I did this and after a reboot I tried opening in the OpenVAS WebPage and that did not work. I started the service and that did not work. I killed all services and restarted them and no dice. What did you do to get openvas to work after a reboot?
You will need to restart the OpenVAS services again. Run openvas-check-system command it will show you which services need to be restarted and which commands needed to start them.
Would it not be better just to add 9392 to the iptables rather than taking down your entire firewall? That seems like the opposite of what you should be doing if you are security aware…
Disabling IPTables is to allow openvas to scan all network port of target.
well done for the great tutorial.
I suggest to disable firewalld and also SELinux as otherwise all reports will be empty
Where is the default configuration file since it’s not in the /etc/openvas with all the other configurations. There is only openvassd.conf not openvasd.conf or is this the new main conf file? There are no port or IP service settings in there though.
Dear Chris,
OpenVAS lacks in official documentation, this was written purely on practical which will atleast scan for vulnerabilies.
Hey guys,
yum -y install openvas
On CentOS 7 throws:
Error: Package: 1:nikto-2.1.5-10.el7.noarch (epel)
Requires: perl(LW2)
Any advise?
Thanks.
Check for Perl package in epel
yum –disablerepo=epel install openvas fixes my issue.
You forgot to mention you need to install the EPEL repo, or you’ll run into dep problems with openvas-smb.
rpm -Uvh http://mirror.umd.edu/fedora/epel/7/x86_64/e/epel-release-7-5.noarch.rpm should fix that issue.
Pour info, si vous obtenez “Error” quand vous lancez un scan, et que le openvas-check-setup vous dit que le serveur redis-server ne tourne pas et que vous devez le fixer, vous avez ceci à faire:
1. Désactiver SELinux, vi /etc/selinux/config -> disabled
2. echo “unixsocket /tmp/redis.sock” >> /etc/redis.conf
3. systemctl enable redis.service