Install OpenVAS Vulnerability Scanner In Ubuntu 15.04

By
Rajneesh Upadhyay
First-Stable-Version-of-OpenVAS-Security-Scanner-Released-2

article-best-practice-linux-guide-data-security

Introduction

OpenVAS (Open Vulnerability Assessment System) is an framework of several services and tool with mutually form an effective Vulnerability Scanner. It is an excellent tool for vulnerability scanning. It uses a database of over 28,00000 test plugins. It is a very good alternative for commercial network scanning tools available. OpenVAS is used worldwide by security enthusiasts and security experts. All products of openVAS are a free software and licensed under GPL.

Features

OpnVAS is consists of three parts i.e. OpenVAS Scanner, OpenVAS Manager and OpenVAS CLi.

A. OpenVAS Scanner

  1. The scanner very efficiently execute real time vulnerability test.
  2. It can handle more then one target host on a single time.
  3. OpenVAS Transfer Protocol (OTP) is provided.
  4.  SSL is supported for OTP

B. OpenVAS Manager

  1. Handles SQL Database where all scanning results and configurations are stored.
  2. Control scanner  via OTP and offers XML based OpenVAS Management Protocol (OMP)
  3. It can stop, pause or resume scanning operations.
  4. User management is possible including  group level management and access control management.

C. OpenVAS CLI

It is a command line tool and act as Client for OMP, it could be run over Windows or Linux.

Installation

We will be using Ubuntu 15.04 for installation example setup.

Install sqlite for OpenVAS manager.
$ sudo apt-get install sqlite3
Install other required packages
$ sudo apt-get -y install python-software-properties
Create PPA repo for OpenVAS
$ sudo add-apt-repository ppa:mrazavi/openvas

Update system

$ sudo apt-get update
Install OpenVAS Package
$ sudo apt-get install openvas

Selection_001

Press yes when above screen appear.

Restart services
$ sudo /etc/init.d/openvas-scanner restart
$ sudo /etc/init.d/openvas-manager restart
$ sudo /etc/init.d/openvas-gsa restart

Before running any test, upgrade network vulnerability tests

$ sudo openvas-nvt-sync

Open Browser and type:

https://localhost/login/login.html

Default user name is ‘admin’, password ‘admin’.

Selection_002

After login Greenbone security assistant portal will open

Selection_003

You have installed OpenVAS successfully.

Example

Scan some ip address

Selection_004

Process can be monitored in action with a click on immediate scan list

Selection_005

Update vulnerability database
$ sudo openvas-nvt-sync
Add a new openvas user
$ sudo openvas-adduser

Selection_006

Conclusion

OpenVAS is a modular security auditing tool. There are several scan configuration profiles like: full and last, very deep or full and fast ultimate etc. You have to be very careful while using various scanning modes, if some threat is detected you can go through various reports generated.

Have Fun!