Page 1 of 3 123 LastLast
Results 1 to 10 of 23

Thread: How To: openVAS 4.0

  1. #1
    cprofitt's Avatar
    cprofitt is offline νόησις νοήσεως - nóesis noéseos
    Join Date
    Oct 2006
    Location
    平静
    Beans
    1,450
    Distro
    Ubuntu Development Release

    How To: openVAS 4.0

    I have worked over the last three days to get openVAS 4.0 working on Ubuntu Server 11.04. I have a feeling that the same process would work for 10.04 and 10.10 if the repository is changed.

    Here is what I did to get the server up and running.

    Step 1: Configure OBS Repository
    PHP Code:
    sudo apt-get -y install python-software-properties
    sudo add
    -apt-repository "deb http://download.opensuse.org/repositories/security:/OpenVAS:/STABLE:/v4/xUbuntu_11.04/ ./" 
    Other repositories are:

    10.04
    10.10
    You have to remove the 'source' entry in /etc/apt/sources.list


    sudo nano /etc/apt/sources.list
    Now you can continue adding the repository
    sudo apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys BED1E87979EAFD54
    sudo apt-get update
    Step 2: Quick-Install OpenVAS
    sudo apt-get -y install greenbone-security-assistant gsd openvas-cli openvas-manager openvas-scanner openvas-administrator sqlite3 xsltproc
    Step 3: Quick-Start OpenVAS
    test -e /var/lib/openvas/CA/cacert.pem || sudo openvas-mkcert -q
    sudo openvas-nvt-sync
    test -e /var/lib/openvas/users/om || sudo openvas-mkcert-client -n om -i
    sudo /etc/init.d/openvas-manager stop
    sudo /etc/init.d/openvas-scanner stop
    sudo touch sudo touch /var/lib/openvas/mgr/tasks.db
    sudo chmod 600 /var/lib/openvas/mgr/tasks.db
    sudo openvassd
    sudo openvasmd --migrate
    sudo openvasmd --rebuild
    sudo killall openvassd
    sleep 15
    sudo /etc/init.d/openvas-scanner start
    sudo /etc/init.d/openvas-manager start
    sudo /etc/init.d/openvas-administrator restart
    test -e /var/lib/openvas/users/admin || sudo openvasad -c add_user -n admin -r Admin
    sudo gsad
    Add the components to startup by adding them to the rc.local file
    sudo nano /etc/rc.local
    add the following:
    openvassd
    openvasad
    openvasmd
    gsad
    The next post will explore making use of the base system.

    Part 2
    Part 3
    Part 4
    Last edited by cprofitt; July 5th, 2011 at 07:15 PM. Reason: added additional how to information

  2. #2
    Join Date
    Feb 2011
    Location
    new york state
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: How To: openVAS 4.0

    hi there dont know if this will help I am also struggling with it on ubuntu 10.10 but have got it to work fine with this http://www.blackbuntu.com after trying this on ubutnu 10.10 it fails I cant get a key
    Code:
    bobweaver@bobweaver-Compaq-Presario-CQ60-Notebook-PC:~$ sudo apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys BED1E87979EAFD54
    Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver hkp://keys.gnupg.net --recv-keys BED1E87979EAFD54
    gpg: requesting key 79EAFD54 from hkp server keys.gnupg.net
    gpg: keyserver timed out
    gpg: keyserver receive failed: keyserver error
    bobweaver@bobweaver-Compaq-Presario-CQ60-Notebook-PC
    Last edited by josephmills; May 10th, 2011 at 09:07 PM.
    Power tends to corrupt, and absolute power corrupts absolutely. Great men are almost always bad men, even when they exercise influence and not authority

  3. #3
    cprofitt's Avatar
    cprofitt is offline νόησις νοήσεως - nóesis noéseos
    Join Date
    Oct 2006
    Location
    平静
    Beans
    1,450
    Distro
    Ubuntu Development Release

    Re: How To: openVAS 4.0

    Odd about the key -- not sure why that is happening.

    I have it working now consistently with what I posted on 11.04.

  4. #4
    Join Date
    Feb 2011
    Location
    new york state
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: How To: openVAS 4.0

    it was my firewall the settings where to high would not let any other thing in. works great thanks
    Power tends to corrupt, and absolute power corrupts absolutely. Great men are almost always bad men, even when they exercise influence and not authority

  5. #5
    Join Date
    Dec 2004
    Beans
    4

    Re: How To: openVAS 4.0

    Great howto! Thanks!

    Quote Originally Posted by cprofitt View Post
    The next post will explore making use of the base system.
    I can't wait!

  6. #6
    Join Date
    Aug 2006
    Beans
    3

    Re: How To: openVAS 4.0

    I followed the above instructions to the T and I am still getting a protocol error when connecting the openvas-client to the server. I have no idea what is wrong at this point. I have tried everything from the default install and setting up with the ubuntu repos to compiling it myself and I'm still getting the same error.

  7. #7
    Join Date
    Dec 2004
    Beans
    4

    Re: How To: openVAS 4.0

    Quote Originally Posted by crypiejay View Post
    I followed the above instructions to the T and I am still getting a protocol error when connecting the openvas-client to the server. I have no idea what is wrong at this point. I have tried everything from the default install and setting up with the ubuntu repos to compiling it myself and I'm still getting the same error.
    Try to change the openvas-client portnumber to: 9391 on the login screen, it helped me.

  8. #8
    cprofitt's Avatar
    cprofitt is offline νόησις νοήσεως - nóesis noéseos
    Join Date
    Oct 2006
    Location
    平静
    Beans
    1,450
    Distro
    Ubuntu Development Release

    Re: How To: openVAS 4.0

    --- part 2 ---

    Open a web browser and go to your server

    You will be prompted for a login


    Login with the admin user you created in the setup.

    After login you will be greeted with a screen that looks like this.



    The first step to get your system scanning is to define your targets. You can not setup any tasks until those are setup. Click 'Targets'.


    Now you can fill out as many targets as you like. Targets can be dns names, a single IP address or a range of IP addresses.

    New Target

    For creating a new target the dialog offers these entries. Hit the button "Create Target" to submit the new target. The list of targets will be updated.
    Note on Hosts:

    • The hosts parameter is a comma-separated list of values. Each value can be
      • an IPv4 address (e.g. 192.168.13.1)
      • a hostname (e.g. myhost1.domain)
      • an IPv4 address range in long format (e.g. 192.168.1.116-192.168.1.124)
      • an IPv4 address range in short format (e.g. 192.168.1.116-124)
      • an IPv4 address range in CIDR notation (e.g. 192.168.13.0/24)
      • an IPv6 address (e.g. fe80::222:64ff:fe76:4cea/64).

      These options can be mixed (e.g. 192.168.13.1, myhost2.domain, 192.168.13.0/24).
    • The netmask in CIDR notation is limited to 20 (4095 hosts).
    • The Scanner currently expects IPv6 addresses to name a single host, and always replaces the netmasks of IPv6 addresses with 128.
    Once you have created your targets your screen should look like this:


    Now you need to setup new tasks that make use of your 'targets'.

    Attached Images Attached Images

  9. #9
    cprofitt's Avatar
    cprofitt is offline νόησις νοήσεως - nóesis noéseos
    Join Date
    Oct 2006
    Location
    平静
    Beans
    1,450
    Distro
    Ubuntu Development Release

    Re: How To: openVAS 4.0

    Once you have entered your targets and chosen the scan type you are unable to modify the scan type. To choose a new scan type for a target you would have to create a new task. (we will cover schedules later as well).

    Once you have created your target list you can click on targets to get to your list.



    From here you can run the task, restart the task, stop the task, delete the task, view reports associated with the task and edit the task. As stated previously you can not change the scan type for the target when editing.



    Be warned that running large IP address ranges can take a significant amount of time. the /24 scan I did took 5 hours and 37 minutes to complete. The task will refresh on a schedule if you choose that option.


    When the run is complete you will be able to view a summary or detailed report. Also, note the run button turned in to a pause button.



    The summary view will show you the overall security risk level that machine has (High above). You can then drill down and get more detail by clicking on the blue magnifying glass.



    This view shows you the summary of how many 'vulnerabilities' the scanner found at each level. To get even more detail you again click the magnifying glass.

    (continued)
    Attached Images Attached Images
    Last edited by cprofitt; May 17th, 2011 at 05:29 PM.

  10. #10
    cprofitt's Avatar
    cprofitt is offline νόησις νοήσεως - nóesis noéseos
    Join Date
    Oct 2006
    Location
    平静
    Beans
    1,450
    Distro
    Ubuntu Development Release

    Re: How To: openVAS 4.0

    --- part 4 ---
    The next level of detail shows high and medium items and presents options to download reports. The PDF generation has not worked for me, but HTML has.




    For me this tool has worked to make me more aware of potential issues. You have to be careful to read the 'vulnerabilities' because I have found some of them to not be applicable because the server is not actually running the service selected.
    Attached Images Attached Images

Page 1 of 3 123 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •