Thursday, May 16, 2013

HOWTO : OpenVAS on Ubuntu Desktop 12.04 LTS

OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.

Step 1 :

At the time of this writing, the "stable" is version 5 while the "nightly builds" is version 6.

sudo add-apt-repository ppa:openvas/stable

or

sudo add-apt-repository ppa:openvas/nightly

sudo apt-get update
sudo apt-get install openvas-scanner openvas-manager openvas-administrator greenbone-security-assistant openvas-cli openvas-check-setup gsd

sudo apt-get install xsltproc sqlite3


Step 2 :

sudo openvas-mkcert

It will generate the following :

- Certification authority:
  Certificate = /var/lib/openvas/CA/cacert.pem
  Private key = /var/lib/openvas/private/CA/cakey.pem

- OpenVAS Server :
  Certificate = /var/lib/openvas/CA/servercert.pem
  Private key = /var/lib/openvas/private/CA/serverkey.pem

To sync the Network Vulnerability Tests (NVT) feed :

sudo openvas-nvt-sync

If you are using OpenVAS 6, you also need to sync the SCAP data :

sudo openvas-scapdata-sync

After that you have to create a client certificate using the openvas-mkcert-client tool. If -n is specified the tool doesn’t ask any questions and creates a certificate for the user "om". The -i parameter installs the certificate to be used with the OpenVAS manager.

sudo openvas-mkcert-client -n om -i

Before going further, stop the following services :

sudo /etc/init.d/openvas-scanner stop
sudo /etc/init.d/openvas-manager stop
sudo /etc/init.d/openvas-administrator stop
sudo /etc/init.d/greenbone-security-assistant stop


It needs some time to fully start it, please be patient :

sudo openvassd

Migrate and rebuild the databases. It needs some time to finish :

sudo openvasmd --migrate
sudo openvasmd --rebuild

sudo killall openvassd


To start it again but wait for some seconds before doing so as it need some time to shut down for the previous command :

sudo /etc/init.d/openvas-scanner start
sudo /etc/init.d/openvas-manager start
sudo /etc/init.d/openvas-administrator restart
sudo /etc/init.d/greenbone-security-assistant restart


To create a user "admin" with the role of "Admin" :

sudo openvasad -c add_user -n admin -r Admin

You will be asked for the password. You need to use this username and password to login to the OpenVAS.

Step 3 :

Check if your setup is correct or not.

Stable builds -
sudo openvas-check-setup

or

Nightly builds -
sudo openvas-check-setup --v6

Step 4 :

To run it. Point the Firefox to :

https://localhost:9392/

Step 5 :

To update it.

sudo openvas-nvt-sync

Step 6 (Optional) :

To start it manually instead of auto-run.

Start script -
sudo -sH
nano /etc/init.d/openvas-start


Append the following to the file :

sudo /etc/init.d/openvas-scanner start
sudo /etc/init.d/openvas-manager start
sudo /etc/init.d/openvas-administrator restart
sudo /etc/init.d/greenbone-security-assistant restart


chmod +x /etc/init.d/openvas-start

Stop script -

sudo -sH
nano /etc/init.d/openvas-stop


Append the following to the file :

sudo /etc/init.d/openvas-scanner stop
sudo /etc/init.d/openvas-manager stop
sudo /etc/init.d/openvas-administrator stop
sudo /etc/init.d/greenbone-security-assistant stop


chmod +x /etc/init.d/openvas-stop

sudo update-rc.d openvas-scanner disable
sudo update-rc.d openvas-manager disable
sudo update-rc.d openvas-administrator disable
sudo update-rc.d greenbone-security-assistant disable


To start the services :

sudo /etc/init.d/openvas-start

To stop the services :

sudo /etc/init.d/openvas-stop

That's all! See you.