This week I was trying to get OpenVAS working in one of our old Ubuntu laptops. Ubuntu does come with some working packages, but a bit old using precise release. After a while I managed to get it working, these are the steps it took:
First, download the source codes from http://www.openvas.org/install-source.html (for this tutorial I'm using V5). Save the files on /opt/openvas/v5 (for example).
Decompress all the files, and *READ* the README file to check for dependencies. Once all of them cleared, just follow the install instructions for all packages:
cd <package name>; mkdir build; cd build; cmake .. && make && sudo make installNote: This line will install the contents on /usr/local. Personally I don't install the Greenbone security desktop as it's discontinued in later releases. Greenbone security assistant should be good enough.
sudo /usr/local/sbin/openvas-mkcert -n om -i
sudo /usr/local/sbin/openvas-mkcert-client -n om -i
Now, we need to download the plugins for OpenVAS - otherwise, scans are empty. According to our installation prefix, the plugin path should be /usr/local/var/lib/openvas/plugins:
sudo /usr/local/sbin/openvas-nvt-syncAlso we will update scap data - for vulnerabilities info. This should go to /usr/local/var/lib/openvas/scap-data.
sudo /usr/local/sbin/greenbone-scapdata-syncNow we launch the OpenVAS scanner daemon openvassd. At launch time it will load all the plugins we downloaded updating the nvt. If the plugin update went well, it will take a while loading plugins - if the message All plugins loaded appears right away then we updated the plugins in the wrong directory or they cannot be accessed.
The log /usr/local/var/log/openvas/openvassd.messages should show this message:
openvassd 3.3.1 started
Now let's run the manager daemon and update the NVT cache:
/usr/local/sbin/openvasmd -v --updateNow is one of the most troublesome moments. Checking the log /usr/local/var/log/openvas/openvasmd.log we can find what went wrong - almost every time I install it there's something not right. These are messages I found and how I solved them:
openvas_server_new: failed to set credentials key file -> re create the certificates
openvas_server_connect: failed to shake hands with server: The TLS connection was non-properly terminated. -> check you have the right gnutls version (you might have seen a warning after make
If you see these messages:
md main: INFO:2013-11-22 02h37.11 utc:6380: OpenVAS Manager
md main: INFO:2013-11-22 02h37.11 utc:6380: Set to connect to address 127.0.0.1 port 9391
md main: INFO:2013-11-22 02h37.11 utc:6380: Updating NVT cache.
GLib:WARNING:2013-11-22 02h37.13 utc:6380: g_strcompress: trailing \
Seems all went good ! Now let's launch the daemon:
sudo /usr/local/sbin/openvasmd -v
Check this is the content of the log:
md main: INFO:2013-11-22 02h44.01 utc:6399: OpenVAS Manager
md main: INFO:2013-11-22 02h44.02 utc:6400: Manager bound to address * port 9390
md main: INFO:2013-11-22 02h44.02 utc:6400: Set to connect to address 127.0.0.1 port 9391
lib auth:WARNING:2013-11-22 02h44.02 utc:6400: Authentication configuration could not be loaded.
Next is the OpenVAS administrator daemon - controls the OAP:
sudo /usr/local/sbin/openvasad
You might see the following warning in the log file /usr/local/var/log/openvas/openvasad.log but for this example this can be ignored - on other scenarios it would matter:
lib auth:WARNING:2013-11-25 15h00.36 SGT:30929: Authentication configuration could not be loaded.
Now it's time to launch the Greenbone security assistant. Launch the daemon with:
lib auth:WARNING:2013-11-25 15h00.36 SGT:30929: Authentication configuration could not be loaded.
Now it's time to launch the Greenbone security assistant. Launch the daemon with:
sudo /usr/local/sbin/gsad
And try to connect using https://<your openvas machine>. If you receive SSL errors and can't open the page, you can fall back to http version. Kill the gsad daemon and launch it like this:
sudo /usr/local/sbin/gsad --http-only
Now we need to create our user - i.e. openvasadmin. We can create it with this command:
sudo /usr/local/sbin/openvasad -c 'add_user' -n openvasadmin -r Admin
Enter the password, and try it our in Greenbone. For non Admin users you can also use the tool /usr/local/sbin/openvas-adduser
That's all !