{"id":1063,"date":"2012-08-22T16:21:41","date_gmt":"2012-08-22T08:21:41","guid":{"rendered":"http:\/\/rmohan.com\/?p=1063"},"modified":"2012-08-22T16:22:33","modified_gmt":"2012-08-22T08:22:33","slug":"openvas-5-installation-on-centos-6-2","status":"publish","type":"post","link":"https:\/\/mohan.sg\/?p=1063","title":{"rendered":"OpenVAS 5 Installation on CentOS 6.2"},"content":{"rendered":"

OpenVAS 5 Installation on CentOS 6.2<\/p>\n

Install Centos 6.2 Minimal<\/p>\n

OS: CentOS 6.2 32bit
Hardware: Virtual Machine (VirtualBox 4.1.14)
OpenVAS: 5<\/p>\n

About<\/p>\n

OpenVAS is an opensource vulnerability network scanner.
OpenVAS let you scan your network for vulnerabilities and create a report on your network status.<\/p>\n

Prerequisite<\/p>\n

\u00a0\u00a0\u00a0 Disable SELINUX<\/p>\n

vi \/etc\/selinux\/config<\/p>\n


SELINUX=disabled
…<\/p>\n

Disable the firewall<\/p>\n

\u00a0Install wget<\/p>\n

yum install wget -y<\/p>\n

\u00a0\u00a0\u00a0 Update your Operating System and reboot<\/p>\n

yum update -y
reboot<\/p>\n

OpenVAS Installation<\/p>\n

\u00a0\u00a0\u00a0 Install atomic repository<\/p>\n

wget -q -O – http:\/\/www.atomicorp.com\/installers\/atomic |sh<\/p>\n

Atomic Archive installer, version 2.0.3<\/p>\n

BY INSTALLING THIS SOFTWARE AND BY USING ANY AND ALL SOFTWARE
PROVIDED BY ATOMICORP LIMITED YOU ACKNOWLEDGE AND AGREE:<\/p>\n

THIS SOFTWARE AND ALL SOFTWARE PROVIDED IN THIS REPOSITORY IS
PROVIDED BY ATOMICORP LIMITED AS IS, IS UNSUPPORTED AND ANY
EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ATOMICORP LIMITED, THE
COPYRIGHT OWNER OR ANY CONTRIBUTOR TO ANY AND ALL SOFTWARE PROVIDED
BY OR PUBLISHED IN THIS REPOSITORY BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
OF THE POSSIBILITY OF SUCH DAMAGE.<\/p>\n

Do you agree to these terms? (yes\/no) [Default: yes]
ENTER<\/p>\n

Installing the Atomic GPG key: OK
Downloading atomic-release-1.0-14.el6.art.noarch.rpm: OK<\/p>\n

The Atomic Rocket Turtle archive has now been installed and configured for your system
The following channels are available:
\u00a0 atomic\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 – [ACTIVATED] – contains the stable tree of ART packages
\u00a0 atomic-testing\u00a0 – [DISABLED]\u00a0 – contains the testing tree of ART packages
\u00a0 atomic-bleeding – [DISABLED]\u00a0 – contains the development tree of ART packages<\/p>\n

\u00a0\u00a0\u00a0 Install OpenVAS<\/p>\n

yum install openvas -y<\/p>\n

\u00a0\u00a0\u00a0 Run openvas-setup to configure OpenVAS<\/p>\n

openvas-setup<\/p>\n

Openvas Setup, Version: 0.1<\/p>\n

Step 1: Update NVT’s
Please note this step could take some time.
Once completed, NVT’s will be updated automatically every 24 hours<\/p>\n

Updating NVTs….
Stopping openvas-scanner:\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 [\u00a0 OK\u00a0 ]
Starting openvas-scanner:
\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 [\u00a0 OK\u00a0 ]
Updating OpenVAS Manager database….<\/p>\n

Step 2: Configure GSAD
The Greenbone Security Assistant is a Web Based front end
for managing scans. By default it is configured to only allow
connections from localhost.<\/p>\n

Allow connections from any IP? [Default: yes] Stopping gree[\u00a0 OK\u00a0 ]curity-assistant:
Starting greenbone-security-assistant:\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 [\u00a0 OK\u00a0 ]<\/p>\n

Step 3: Choose the GSAD admin users password.
The admin user is used to configure accounts,
Update NVT’s manually, and manage roles.<\/p>\n

Enter password: enter password for admin user
ENTER<\/p>\n

 <\/p>\n

ad   main:MESSAGE:3223:2012-01-19 11h09.05 IST: No rules file provided, the new user will have no restrictions.\r\nad   main:MESSAGE:3223:2012-01-19 11h09.05 IST: User admin has been successfully created.\r\n\r\nStep 4: Create a user\r\n\r\nUsing \/var\/tmp as a temporary file holder.\r\n\r\nAdd a new openvassd user\r\n---------------------------------\r\n\r\nLogin : humus<\/strong>\r\nENTER<\/strong>

<\/pre>\n
Authentication (pass\/cert) [pass] :\r\nENTER<\/strong><\/pre>\n
Login password : enter user password<\/strong>\r\nENTER<\/strong><\/pre>\n
Login password (again) : enter user password again<\/strong>\r\nENTER<\/strong><\/pre>\n
User rules\r\n---------------\r\nopenvassd has a rules system which allows you to restrict the hosts that humus has the right to test.\r\nFor instance, you may want him to be able to scan his own host only.\r\n\r\nPlease see the openvas-adduser(8) man page for the rules syntax.\r\n\r\nEnter the rules for this user, and hit ctrl-D once you are done:\r\n(the user can have an empty rules set)\r\nctrl-D<\/strong><\/pre>\n
Login             : humus\r\nPassword          : ***********\r\n\r\nRules             :\r\n\r\nIs that ok? (y\/n) [y]\r\nENTER<\/strong><\/pre>\n
Setup complete, you can now access GSAD at:\r\n\r\nhttps:\/\/<IP>:9392<\/pre>\n