The Open Vulnerability Assessment System (OpenVAS) is one of the most important and useful Open Source solution for vulnerability scanning and vulnerability management. Vulnerability scanning is one of the crucial phases in penetration testing that helps to discover vulnerable items that might be the cause of some serious break down. So, OpenVAS provides us with its effective tools for Penetration testing to ensure that we are not vulnerable to known threats.
OpenVAS is widely used by a number of peoples in the World including security experts and common users who used this all in one suite of tools that works together to run the test against client computers using its own database of known weaknesses and exploits.
So, in today’s article we will show you its installation and configuration setup on Linux CentOS 7 to make sure that how well your servers are protected against the attacks.
We will be using CentOS Linux 7 (Core) to setup OpenVAS with basic installation of system packages. While the hardware resources in this VM are 2 GB RAM and 2 CPUs.
Once your Linux VM with CentOS 7 is ready, let’s login with root credentials to update your system using below command.
# yum update
Setup Atomicorp Repository
Now, we will setup the Atomicorp repository freely available from the best known Atomic Secured for Linux that protects from thousands of risks and vulnerabilities automatically.
Let’s issue the following command to get it installed on your centos server.
~]# wget -q -O - http://www.atomicorp.com/installers/atomic |sh
This will installs the Atomic Free Unsupported Archive installer, version 2.0.14.
To proceed forward choose the Default option as "Yes" to agree to the Atomicorp terms. Then the system will configure the "atomic" yum archive for the operating system, to agree this once again type "Yes" to Enable its repository. After that the Atomic Rocket Turtle archive will be installed and configured for your system as you can see in the snapshot.
Now we will run the simple yum command to install OpenVAS using its pre configured atomic repository.
~]# yum install openvas
The system will process to check and resolve its dependencies and will show the transaction summary with list of all its dependent packages that will be installed. To proceed the installation type "Y" to continue.
Transaction Summary =============================================== Install 1 Package (+157 Dependent packages) Upgrade ( 1 Dependent package) Total download size: 57 M Is this ok [y/d/N]: y
The process will end up after after installing OpenVAS and its dependent packages.
After successful installation of OpenVAS, now we will run its setup to configure its different parameters tha will start to download the latest database from internet.
So, first of all run its setup command in the terminal as shown.
Step 1: Updating NVT, CERT and Scap DB
The first step of OpenVAS setup will to update NVT, CERT and SCAP data as shown in below image.
Here we will choose the default option, that will take couple of minutes while downloading the data and building its database. So, it better to wait and let the process complete without any interruption.
Step 2: Configure GSAD
In this step we will configure the IP address settings for GSAD which is Greenbone Security Assistant a Web Based front end for managing scans. So, we will choose the default settings here to allow connections from any IP.
Step 3: Choose the GSAD admin users password
This is the last step of OpenVAS setup where we will setup the user name and password for GSAD that will be used to configure account.
Login to Greenbone Security Assistant
After GSAD setup is complete, we will access its GUI from any web browser by giving server's IP or FQDN with addition to its default port.
You be directed to its login page, let's provide your credentials that you configured in previous step.
Welcome to Greenbone Security Assistant
Congratulations! We have successfully setup OpenVAS with Greenbone Security Assistance, by using this dashboard the basic guide lines are already provided from Scanning IP address, while we can configure it to use its different available features choosing from the top bar.
Starting Your Fisrt Scan
Now in order to scan your host or IP we put the IP or Host name on the top right side, and click on the "Start Scan button". But, you will not be able to run any scans as you’ll get this error on your report as shown below.
To resolve this issue we need to make few changes in the redis configuration file, that can be done by issuing the following command.
# echo "unixsocket /tmp/redis.sock" >> /etc/redis.conf # sed -i 's/enforcing/disabled/g' /etc/selinux/config /etc/selinux/config # systemctl enable redis.service ln -s '/usr/lib/systemd/system/redis.service' '/etc/systemd/system/multi-user.target.wants/redis.service' # shutdown -r 0
Once the server is back after reboot, rescan your host or IP from the Greenbone Security Assistant Dashboard by providing the login details first.
Now can see the progress bar , it might take few minutes to complete the scan. Once the Host/IP scan is complete click on the scan completion date to see the report as shown below.
Now have a fully functional OpenVAS server set up for scanning your hosts to spot vulnerabilities and highlight areas to focus on when you are hardening your server.
If you still face any issue while doing its setup or running your scans, feel free to get back to us as we feel pleasure to assist you.