Install OpenVAS on Ubuntu 16.04
What is OpenVAS? Why is Vulnerability Scanning Important?
OpenVAS is an open source vulnerability scanner. Vulnerability scanning is important for any internet-connected company or entity so they can identify what devices on their network may be externally vulnerable. This article will provide a tutorial on how to install OpenVAS on Ubuntu 16.04 through the repository or through Docker. It will also provide a brief primer on basic usage of OpenVAS and also a brief explanation on how to manage it from Metasploit.
Disclaimer: The content in this article should be used for legal purposes only. Written permission should be obtained prior to scanning anyone else's IP space.
Installing/Configuring OpenVAS on Ubuntu:
Traditional Installation Install the PPA repository:
sudo add-apt-repository ppa:mrazavi/openvas sudo apt-get update sudo apt-get install openvas
Now, enable each of the services to start on boot and then start the services:
sudo systemctl enable openvas-scanner.service sudo systemctl start openvas-scanner.service sudo systemctl enable openvas-manager.service sudo systemctl start openvas-manager.service sudo systemctl enable openvas-gsa.service sudo systemctl start openvas-gsa.service
Update the vulnerability database:
This will assume Docker has already been installed on the server. If you are planning on just using the web interface of OpenVAS, use this command to install OpenVAS after Docker has been installed (make sure to change the value of the PUBLIC_HOSTNAME and OV_PASSWORD environment variables):
docker run -d -e PUBLIC_HOSTNAME=ip-or-hostname -e OV_PASSWORD=securepassword41 -p 443:443 --name openvas mikesplain/openvas
If you are planning on using Metasploit to interface with the server, use this command instead (make sure to change the value of the PUBLIC_HOSTNAME and OV_PASSWORD environment variables):
docker run -d -e PUBLIC_HOSTNAME=ip-or-hostname -e OV_PASSWORD=securepassword41 -p 443:443 -p 9390:9390 --name openvas mikesplain/openvas
For more information on the Docker installation, see the Dockerhub page for more details and options on deploying OpenVAS via Docker: https://hub.docker.com/r/mikesplain/openvas/. If you get an error "Login failed. Waiting for OMP service to become available" wait a little longer for the Docker instance to finish starting the OMP service. The NVT database should be up-to-date on the Docker instance, but if you'd like to update it manually, run these commands:
docker exec -it openvas bash greenbone-nvt-sync openvasmd --rebuild --progress greenbone-certdata-sync greenbone-scapdata-sync openvasmd --update --verbose --progress /etc/init.d/openvas-manager restart /etc/init.d/openvas-scanner restart
Accessing OpenVAS from the web interface:
Make sure that HTTPS traffic is allowed to your server. Go to https://ip-or-hostname.
Change the password of the admin user at Administration > Users > Edit User.
Initiating a Vulnerability Scan:
Go to Scans > Tasks and press the New Task button (the small star icon at the top left hand corner). Fill out the information as necessary. If you need to add targets to scan, make sure to add them into your assets.
Visit http://www.openvas.net for more information regarding the OpenVAS project.