vulnerability scan with openvas

We can install an OpenVas vulnerability scanner on Linux. You can use it to scan your infrastructure. You can also scan vulnerability with OpenVas on Linux.

OpenVas is a full-featured vulnerability scanner that can help us to scan our infrastructure including network, servers, and much more. The OpenVas is developed and maintained by Greenbone Networks.

Check Out: Check Hardware Information, Block Devices, and FileSystems On Linux

How To Install Openvas Vulnerability Scanner On CentOS 7/8:

You have to run the below command to start the installation and it will add some GPG keys & install the repository.

wget -q -O - http://www.atomicorp.com/installers/atomic |sh

Write “Yes” and Enter. it will start the process as you can see below. 

Do you agree to these terms? (yes/no) [Default: yes] yes
Configuring the [atomic] repo archive for this system
Installing the Atomic GPG keys: OK
Downloading atomic-release-1.0-21.el8.art.noarch.rpm: Verifying... ################################# [100%]
Preparing... ################################# [100%]
Updating / installing...
1:atomic-release-1.0-21.el8.art ################################# [100%]
OK
Enable repo by default? (yes/no) [Default: yes]:
The Atomic repo has now been installed and configured for your system
The following channels are available:
atomic - [ACTIVATED] - contains the stable tree of ART packages
atomic-testing - [DISABLED] - contains the testing tree of ART packages
atomic-bleeding - [DISABLED] - contains the development tree of ART packages

Once the repository enabled and now we have to install the OpenVas package using the below commands.

yum install openvas -y

We will start the OpenVas setup installation with the below command and follow the instructions. you can also use it to stop it with openvas-stop command.

Check Out: How To Configure Master Kubernetes With Worker Node On Linux

openvas-setup

Openvas Setup, Version: 4.0.1

Redirecting to /bin/systemctl restart redis.service
Created symlink from /etc/systemd/system/multi-user.target.wants/redis.service to /usr/lib/systemd/system/redis.service.

Step 1: Update NVT, CERT, and SCAP data
Please note this step could take some time.
Once completed, this will be updated automatically every 24 hours

Select download method

* wget (NVT download only)
* curl (NVT download only)
* rsync

Note: If rsync requires a proxy, you should define that before this step.

Downloader [Default: rsync]

If you want to define the proxy, you can do that. I’m taking as default and Enter. It will start updating the package like NVT.

This process will take a few minutes to get complete. In the middle of the installation, it will ask you to set an administrator password. 

Step 2: Choose the GSAD admin users password.
The admin user is used to configure accounts,
Update NVT's manually, and manage roles.

Enter administrator username [Default: admin] :

Enter Administrator Password: 
Verify Administrator Password:

Setup complete, you can now access GSAD at:
https://<IP>:9392

Redirecting to /bin/systemctl restart gsad.service
Created symlink from /etc/systemd/system/multi-user.target.wants/openvas-scanner.service to /usr/lib/systemd/system/openvas-scanner.service.
Created symlink from /etc/systemd/system/openvas-manager.service to /usr/lib/systemd/system/gvmd.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/gvmd.service to /usr/lib/systemd/system/gvmd.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/gsad.service to /usr/lib/systemd/system/gsad.service.

You can check the service using the below command.

[[email protected] ~]# systemctl status gsad
● gsad.service - Greenbone Security Assistant (OpenVAS)
Loaded: loaded (/usr/lib/systemd/system/gsad.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2020-07-03 11:34:42 PDT; 1min 16s ago
Main PID: 41605 (gsad)
Tasks: 4
CGroup: /system.slice/gsad.service
├─41605 /usr/sbin/gsad
└─41606 /usr/sbin/gsad

You need to open the 9392 port in the firewall rules to access it on the browser.

firewall-cmd --permanent --add-port=9392/tcp
firewall-cmd --reload

Check Out: How To Install Node.js And NPM On Ubuntu 19.10

Now try to open it with your https://IP:9392 on the browser if it’s not opening, you need to run the below commands and restart the service.  

[[email protected] ~]# echo 'OPTIONS="--listen=0.0.0.0 --port=9392"' > /etc/sysconfig/gsad
[[email protected] ~]# systemctl restart gsad

Once you hit this URL: https://192.168.185.136:9392 and it will not open with HTTP protocol. on the browser.

Now login with your credentials that you have created at the time of installation. 

install openvas scanner

We can perform scanning here. you can anything here in your infrastructure. 

openvas scanner linux

That’s it.

LEAVE A REPLY

Please enter your comment!
Please enter your name here