April 25, 2012

OpenVAS on Ubuntu 12.04 LTS

   After getting my results during scanning I was looking for good free vulnerable scanner. Of course, one of the most popular scanners was OpenVAS version 4. It is a fork of Nessus, which became commercial. Now I 'm going to tell you about installation on my Ubuntu 12.04.
   Firstly, I tried to follow instruction on openvas.org. Unfortunately, I could not add repository and had no time to try understand my mistake. Well, I went to their repository by browser, download files: libmicrohttpd10_0.9.19, libopenvas4_4.0.6, greenbone-security-assistant_2.0.1, openvas-scanner_3.2.5, openvas-manager_2.0.4, openvas-cli_1.1.4, openvas-admin_1.1.2, gsd_1.2.1. I can't but mention that it is recommended to install sqlite3, xsltproc. Their was no directory for Ubuntu 12.04, but I successfully used deb packages for Ubuntu 11.10
   Well, I made setup by using ubuntu software center. You should setup libmicrohttpd10_0.9.19 and libopenvas4_4.0.6 first, then the order is no matter. During reading their web-site I found very useful script - openvas-check-setup. After installation, I executed it with sudo. It found and fixed problems. Every time I followed script's advices. By the order, they were:
1. openvas-nvt-sync - synced nvt.
2. openvas-mkcert-client -n om -i - client certificate creation.
3. openvasmd --rebuild
4. openvassd - downloaded all plugins, it took nearly an hour.
5. after 4 again made openvasmd --rebuild
6. openvasad -c 'add_user' -n root -r Admin - admin account creation. Don't forget your password
7. during gsad setup it was a mistake - it will not work without libqt4-webkit. I installed it by sudo apt-get install libqt4-webkit.
8. Then I started services, they occupied such ports:
openvassd - scanner used 9391
openvasmd - manager used 9390
openvasad - administrative tool used 9393
gsad - desktop interface used 443.

   Well, then I connected to my OpenVAS by browser - - greenbone security desktop(gsad).
   In conclusion, I would like to thanks OpenVAS developers with such useful and easy configured security analizer. My next post will be about using OpenVAS during my security audit and results which I will get.

No comments:

Post a Comment