How to Install and Configure OpenVAS on Ubuntu 18.04 | 16.04

This brief tutorial shows students and new users how to install OpenVAS on Ubuntu 18.04 | 16.04.

For then uninitiated, OpenVAS, short for Open Vulnerability Assessment System, and is a full-featured vulnerability scanner. It provides unauthenticated, authenticated testing, performance tuning for large-scale scans and tools to implement any type of vulnerability test.

If you’re looking for an open source alternative to Nessus and QualysGuard, OpenVAS might be something you might want to consider. With its powerful and intuitive admin web portal, you’ll be able to perform scans easily.

For more about OpenVAS, please check its homepage.

When you’re ready to install OpenVAS, follow the steps below:

Step 1: Update Ubuntu

Before installing packages on Ubuntu it’s recommended that you first update the system. To do that run the commands below:

sudo apt update
sudo apt dist-upgrade

After updating Ubuntu, continue below with installing OpenVAS.

Step 2: Install and Configure OpenVAS

By default, OpenVAS is not available in the Ubuntu repositories. To install it, you’ll have to add its repository to your system.

To add its repository, run the commands below:

sudo apt-get install software-properties-common
sudo add-apt-repository ppa:mrazavi/openvas

When you add the PPA above, it should display installation help as shown below:

*** Openvas 9 ***
A set of packages for openvas 9 is included in this PPA. If you prefer to install them,
 you just have to install "openvas9" package (instead of "openvas" for the old version). 
Then, update scripts/data with the following commands:

sudo apt install sqlite3
sudo greenbone-nvt-sync
sudo greenbone-scapdata-sync
sudo greenbone-certdata-sync

sudo service openvas-scanner restart
sudo service openvas-manager restart
sudo openvasmd --migrate #only required when upgrading from an older version
sudo openvasmd --rebuild --progress

Please note that the default port number of the web interface for the new packages 
are changed to 4000. So, to access the web interface for version 9, 
go to https://localhost:4000. Use "admin" as username and password.
You can change the web interface port number by modifying /etc/default/openvas-gsa. 
Then, restart its service by issuing "sudo service openvas-gsa restart".

To enable pdf reports:
sudo apt install texlive-latex-extra --no-install-recommends
sudo apt install texlive-fonts-recommended --no-install-recommends

To install openvas-nasl utility:
sudo apt install libopenvas9-dev

Use the help message above to complete the setup.

After adding the repository, update Ubuntu archives and install OpenVAS with the following command:

sudo apt-get update
sudo apt-get install openvas9

During the installation, you will be asked to configure Redis database for OpenVAS as shown below:

┌─────────────────────────┤ Configuring openvas9-scanner ├────|
│                                                                                   
│ Openvas scanner require redis database to store data. 
It will connect to the database with a unix socket at /var/run/redis/redis.sock.│                                                                                                                                          │ 
│ If you agree, the installation process will enable redis unix socket at this address automatically,|
 by updateing /etc/redis/redis.conf.  │                                                                                                                                         │ 
│ Otherwise, you have to manually update your /etc/redis/redis.conf.|
│                                                                    
│ Do you want to enable redis unix socket in /etc/redis/redis.conf? |

           <Yes>                      <No>

Click on the Yes button to finish the installation.

To adhere to the help message above, install these packages below:

The SQLite 3 database package stores the Common Vulnerabilities and Exposures (CVE) data and some other packages for the PDF report to work.

sudo apt install sqlite3
sudo apt install texlive-latex-extra --no-install-recommends
sudo apt install texlive-fonts-recommended
sudo apt install libopenvas9-dev

After installing the packages above, run the commands below to download the Network Vulnerability Tests from OpenVAS Feed and sync security content automation protocol data and cert vulnerability data using the commands below:

sudo greenbone-nvt-sync
sudo greenbone-scapdata-sync
sudo greenbone-certdata-sync

After that, restart the OpenVAS scanner, OpenVAS GSA and OpenVAS Manager with the following command:

sudo service openvas-scanner restart
sudo service openvas-manager restart
sudo service openvas-gsa restart

To validate if OpenVAS service is running, run the commands below:

sudo service openvas-scanner status

It should display similar message as shown below:

openvas-scanner.service - LSB: remote network security auditor - scanner
   Loaded: loaded (/etc/init.d/openvas-scanner; generated)
   Active: active (running) since Tue 2020-03-10 10:19:30 CDT; 19s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 23051 ExecStop=/etc/init.d/openvas-scanner stop (code=exited, status=0/SUCCESS)
  Process: 23059 ExecStart=/etc/init.d/openvas-scanner start (code=exited, status=0/SUCCESS)
    Tasks: 1 (limit: 4666)
   CGroup: /system.slice/openvas-scanner.service
           └─23066 openvassd: Waiting for incoming connections

Mar 10 10:19:30 ubuntu1804 systemd[1]: Stopped LSB: remote network security auditor - scanner.
Mar 10 10:19:30 ubuntu1804 systemd[1]: Starting LSB: remote network security auditor - scanner...
Mar 10 10:19:30 ubuntu1804 systemd[1]: Started LSB: remote network security auditor - scanner.

Finally, rebuild the OpenVAS database, so the manager can access the NVT data downloaded previously.

sudo openvasmd --rebuild --progress

Finally, open your web browser and browse to the server hostname or IP address followed by port 4000

https://localhost:4000

That will open OpenVAS portal. Login with the default username and password:

Username: admin
Password admin

To change the admin password, use the commands below:

sudo openvasmd --user=admin --new-password=admin@321

That should do it!

OpenVAS Ubuntu install

Logon to the portal and begin setting up your environment.

OpenVAS Ubuntu Setup

Conclusion:

This post showed you how to install and configure OpenVAS on Ubuntu 18.04 | 16.04. If you find any error above, please use the comment form below to report it.

Thanks,

You may also like the post below:

3 thoughts on “How to Install and Configure OpenVAS on Ubuntu 18.04 | 16.04

  1. Hello, my issue was with the sudo service openvas-scanner status command. Once I run the command, the second output line, where it reads Loaded, mine reads: “Loaded: loaded (/etc/init.d/openvas-scanner; bad; vendor preset: enabled). This causes the whole thing not to work.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.