OpenVAS - jonatello/lab-musing GitHub Wiki

OpenVAS is an open source Vulnerability Assessment Scanner.

Configuration:

Update the jail

pkg update && pkg upgrade

Install the OpenVAS 9 packages

pkg install openvas9

Configure Redis

Enable Redis via rc.conf

sysrc redis_enable=yes

Configure Redis to use the Unix socket /tmp/redis.sock with permissions 700

sed -i '' 's/# unixsocket \/tmp\/redis.sock/unixsocket \/tmp\/redis.sock/' /usr/local/etc/redis.conf

sed -i '' 's/# unixsocketperm 700/unixsocketperm 700/' /usr/local/etc/redis.conf

Start Redis

service redis start
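
sed exits 0 even when its pattern matches nothing, so the two edits above can silently leave the socket disabled. The check below is an added example, not part of the original wiki; the function names (active_directive, check_redis_socket_conf, demo) and the sample config are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the wiki): verify redis.conf after the sed edits.

# Print the active value of a directive (last uncommented occurrence),
# or nothing if it is absent or still commented out.
active_directive() {   # $1 = directive name, $2 = path to redis.conf
    awk -v key="$1" '$1 == key { val = $2 } END { if (val != "") print val }' "$2"
}

# Return 0 only if the socket path and mode used on this page are active.
check_redis_socket_conf() {   # $1 = path to redis.conf
    want_sock="/tmp/redis.sock"; want_perm="700"; rc=0
    sock=$(active_directive unixsocket "$1")
    perm=$(active_directive unixsocketperm "$1")
    if [ "$sock" != "$want_sock" ]; then
        echo "FAIL: unixsocket is '${sock:-not set}', expected $want_sock"; rc=1
    fi
    if [ "$perm" != "$want_perm" ]; then
        echo "FAIL: unixsocketperm is '${perm:-not set}', expected $want_perm"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: $1 enables $want_sock with mode $want_perm"
    return "$rc"
}

# Constructed sample: the commented socket path differs from what the sed
# pattern expects, so the first substitution matches nothing and sed exits 0.
demo() {
    tmp=$(mktemp /tmp/redisconf.XXXXXX)
    printf '%s\n' '# unixsocket /run/redis.sock' '# unixsocketperm 700' > "$tmp"
    sed -e 's/# unixsocket \/tmp\/redis.sock/unixsocket \/tmp\/redis.sock/' \
        -e 's/# unixsocketperm 700/unixsocketperm 700/' "$tmp" > "$tmp.new"
    check_redis_socket_conf "$tmp.new"; rc=$?
    rm -f "$tmp" "$tmp.new"
    return "$rc"
}

demo || true   # prints the FAIL line for unixsocket
```

On the jail itself, call check_redis_socket_conf /usr/local/etc/redis.conf after the sed commands; a non-zero return means the socket settings are not active.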

Configure OpenVAS GSAD

Comment out ': ${openvassd_flags="--listen=127.0.0.1"}' within the scanner daemon config (without this I was getting an invalid flag message)

vi /usr/local/etc/rc.d/openvassd

Run the OpenVAS Scanner daemon

openvassd

Sync the NVT, SCAP, and CERT databases

greenbone-nvt-sync

greenbone-scapdata-sync

greenbone-certdata-sync

Enable OpenVAS Scanner, OpenVAS Manager, and Greenbone Security Assistant Daemon via rc.conf

sysrc openvassd_enable=yes

sysrc openvasmd_enable=yes

sysrc gsad_enable=yes

Restart the OpenVAS Manager

service openvasmd restart

At this point I had to run "openvasmd" and then I was able to successfully start it. Before that, the /var/log/openvas/openvasmd.log would fail when setting the GnuPG directory: "lsc_crypt_new: can't continue w/o a gpgme context"

openvasmd

service openvasmd restart

openvasmd --rebuild --progress

Edit the listen address for the WebGUI within /usr/local/etc/rc.d/gsad, changing ': ${gsad_flags="--listen=127.0.0.1 --port=8080 --http-only"}' to a non-local address for external access

vi /usr/local/etc/rc.d/gsad

Start the OpenVAS web interface

service gsad start

Install print/texlive-texmf package for exporting reports to PDF

pkg install texlive-texmf

Usage

Create a new user, in this case, jonatello

openvasmd --create-user=jonatello

openvasmd --user=admin --new-password=%Password%

Log into the WebGUI via port 8080 by default

Troubleshooting

Rebuild the OpenVAS Manager

openvasmd --rebuild --progress

Restart the OpenVAS Scanner, OpenVAS Manager, and Greenbone Security Assistant Daemon

service openvassd restart

service openvasmd restart

service gsad restart

All scans return no results

Sometimes this is caused by the target not being detected as alive. To force a target to be considered alive no matter what, configure it within Configuration > Targets. Either edit the existing target or create a new one, and set the "Alive Test" field to "Consider Alive".

All scan tasks get stuck on "Requested" status

Normally when this happens the openvasmd.log shows "Waiting for scanner to load NVT's"

tail /var/log/openvas/openvasmd.log

Verify Redis is running and restart it if not

service redis status

If the task is still stuck, run a rebuild

openvasmd --rebuild

This should now place all tasks into a status of "stopped".