OpenVAS

Build;cmake .. -DCMAKE_INSTALL_PREFIX=/opt/gvmNext, compile and install GVM librariesmake && sudo make installBuild and Install OpenVAS scanner and OpenVAS SMBOpen Vulnerability Assessment Scanner (OpenVAS) is a full-featured scan engine that executes a continuously updated and extended feed of Network Vulnerability Tests (NVTs).OpenVAS SMB provides modules for the OpenVAS Scanner to interface with Microsoft Windows Systems through the Windows Management Instrumentation API and a winexe binary to execute processes remotely on that system.Build and install openvas-smb;cd ../../openvas-smb/mkdir build && cd buildcmake .. -DCMAKE_INSTALL_PREFIX=/opt/gvmmake && sudo make installBuild and install OpenVAS scanner;cd ../../openvassed -i.bak 's/-Werror/-Wno-error/' misc/CMakeLists.txtmkdir build && cd buildcmake .. -DCMAKE_INSTALL_PREFIX=/opt/gvmmakesudo make installIf you get the error below while running the make command;CMake Error at /opt/gvm/gvm-source/openvas/cmake/GetGit.cmake:33 (string): string sub-command REPLACE requires at least four arguments.Call Stack (most recent call first): /opt/gvm/gvm-source/openvas/cmake/GetGit.cmake:39 (Git_GET_REVISION)The exit as gvm user and run the command below as privileged user;sudo git config --global --add safe.directory /opt/gvm/gvm-source/openvasThen rerun the compilation and installation command.Configuring OpenVAS ScannerThe host scan information is stored temporarily on Redis server. The default configuration of Redis server is /etc/redis/redis.conf.Switch back to privileged user and proceed.exitTo begin run the command below to create the cache to the installed shared libraries;ldconfigNext, copy OpenVAS scanner Redis configuration file, redis-openvas.conf, to the same Redis config directory;cp /opt/gvm/gvm-source/openvas/config/redis-openvas.conf /etc/redis/Update the ownership of the configuration.chown redis:redis /etc/redis/redis-openvas.confUpdate the path to Redis unix socket on the /etc/openvas/openvas.conf using the db_address parameter as follows;echo "db_address = /run/redis-openvas/redis.sock" > /etc/openvas/openvas.confNote, the Unix socket path is defined on /etc/redis/redis-openvas.conf file.chown gvm:gvm /etc/openvas/openvas.confAdd gvm user to redis group;usermod -aG redis gvmYou can also optimize Redis server itself improve the performance by making the following adjustments;Increase the value of somaxconn in order to avoid slow clients connections issues.echo "net.core.somaxconn = 1024" >> /etc/sysctl.confRedis background save may fail under low memory condition. To avoid this, enable memory overcommit (man 5 proc).echo 'vm.overcommit_memory = 1' >> /etc/sysctl.confReload sysctl variables created above.sysctl -pTo avoid creation of latencies and memory usage issues with Redis, disable Linux Kernel’s support for Transparent Huge Pages (THP). To easily work around this, create a systemd service unit for this purpose.cat > /etc/systemd/system/disable_thp.service /sys/kernel/mm/transparent_hugepage/enabled && echo 'never'

> /sys/kernel/mm/transparent_hugepage/defrag"[Install]WantedBy=multi-user.targetEOLReload systemd configurations;systemctl daemon-reloadStart and enable this service to run on system boot.systemctl enable --now disable_thpRestart OpenVAS Redis serversystemctl enable --now redis-server@openvasA number of Network Vulnerability Tests (NVTs) require root privileges to perform certain operations. Since openvas is launched from an ospd-openvas process, via sudo, add the line below to sudoers file to ensure that the gvm user used in this demo can run the openvas with elevated rights using passwordless sudo.echo "gvm ALL = NOPASSWD: /opt/gvm/sbin/openvas" >> /etc/sudoers.d/gvmAlso, enable gvm user to run GSA web application daemon, gsad, with passwordless sudo.Also, update the secure_path to include the GVM /sbin paths, /opt/gvm/sbin.sed -i '/secure_path="/s|"$|:/opt/gvm/sbin"|' /etc/sudoersUpdate NVTsUpdate Network Vulnerability Tests feed from Greenbone Security Feed/Community Feed using the greenbone-nvt-sync command.The greenbone-nvt-sync command must not be executed as privileged user root, hence switch back to GVM user we created above and update the NVTs.Ensure the GVM user can write to /var/lib/openvas/.chown -R gvm: /var/lib/openvas/Next, update the NVTs as openvas user;sudo -Hiu gvm greenbone-nvt-syncOnce the update is done, you need to update Redis server with the same VT info from VT files;sudo openvas --update-vt-infoBuild and Install Greenbone Vulnerability ManagerThe Greenbone Vulnerability Manager is the central management service between security scanners and the user clients.To build and install GVM;su - gvmcd gvm-source/gvmdexport PKG_CONFIG_PATH=/opt/gvm/lib/pkgconfig:$PKG_CONFIG_PATHsed -i.bak 's/-Werror/-Wno-error/' CMakeLists.txtmkdir build && cd buildcmake .. -DCMAKE_INSTALL_PREFIX=/opt/gvmmakesudo make installSimilarly, if you get the error;-- Found Git: /usr/bin/git (found version "2.25.1") fatal: unsafe repository ('/opt/gvm/gvm-source/gvmd' is owned by someone else)To add an exception for this directory, call:Exit as GVM user and run the command below as privileged user;sudo git config --global --add safe.directory /opt/gvm/gvm-source/gvmdSwitch back to GVM user and rerun the installation.Build and Install Greenbone Security AssistantThe Greenbone Security Assistant is the web interface developed for the Greenbone Security Managercd ../../gsarm -rf buildyarnyarn buildAll content of the production build can be shipped with every web server. For providing GSA via gsad web server, the files need to be copied into the /usr/local/share/gvm/gsad/web/.Build and Install Greenbone Security Assistant HTTP serverThe Greenbone Security Assistant HTTP Server is the server developed for the communication with the Greenbone Security Manager appliances. It connects

/run/gvm/ospd-openvas.pid /run/gvm/ospd-openvas.sockType=simpleUser=gvmGroup=gvmRuntimeDirectory=gvmEnvironment=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/opt/gvm/bin:/opt/gvm/sbin:/opt/gvm/.local/binExecStart=/opt/gvm/.local/bin/ospd-openvas \--pid-file /run/gvm/ospd-openvas.pid \--log-file /var/log/gvm/ospd-openvas.log \--lock-file-dir /run/gvm -u /run/gvm/ospd-openvas.sockRemainAfterExit=yes[Install]WantedBy=multi-user.targetEOLSet proper ownership for logs directory, /var/log/gvm and run time data directory, /run/gvm;chown -R gvm: /var/log/gvm /run/gvm/Reload systemd service unit configurations.systemctl daemon-reloadsystemctl start ospd-openvasCheck the status of the service;systemctl status ospd-openvas● ospd-openvas.service - OSPd Wrapper for the OpenVAS Scanner (ospd-openvas) Loaded: loaded (/etc/systemd/system/ospd-openvas.service; disabled; vendor preset: enabled) Active: active (exited) since Thu 2022-07-07 04:50:27 UTC; 6s ago Process: 36289 ExecStartPre=/usr/bin/rm -rf /run/gvm/ospd-openvas.pid /run/gvm/ospd-openvas.sock (code=exited, status=0/SUCCESS) Process: 36290 ExecStart=/opt/gvm/.local/bin/ospd-openvas --pid-file /run/gvm/ospd-openvas.pid --log-file /var/log/gvm/ospd-openvas.log --lock-file-dir /run/gvm -u /ru> Main PID: 36290 (code=exited, status=0/SUCCESS) Tasks: 4 (limit: 4618) Memory: 25.2M CGroup: /system.slice/ospd-openvas.service ├─36305 /usr/bin/python3 /opt/gvm/.local/bin/ospd-openvas --pid-file /run/gvm/ospd-openvas.pid --log-file /var/log/gvm/ospd-openvas.log --lock-file-dir /run/g> └─36307 /usr/bin/python3 /opt/gvm/.local/bin/ospd-openvas --pid-file /run/gvm/ospd-openvas.pid --log-file /var/log/gvm/ospd-openvas.log --lock-file-dir /run/g>Jul 07 04:50:27 ubuntu20 systemd[1]: Starting OSPd Wrapper for the OpenVAS Scanner (ospd-openvas)...Jul 07 04:50:27 ubuntu20 systemd[1]: Started OSPd Wrapper for the OpenVAS Scanner (ospd-openvas).Enable OpenVAS scanner to run on system boot;systemctl enable ospd-openvasCheck the logs on;tail -f /var/log/gvm/ospd-openvas.logCreating Systemd Service units for GVM servicesWhen run, the installer creates GVM daemon service unit, /lib/systemd/system/gvmd.service.Let us modify this service unit file;cp /lib/systemd/system/gvmd.service{,.bak}cat > /lib/systemd/system/gvmd.service Reload system unit configs and start the services;systemctl daemon-reloadsystemctl enable --now gvmdChecking the status;systemctl status gvmd● gvmd.service - Greenbone Vulnerability Manager daemon (gvmd) Loaded: loaded (/lib/systemd/system/gvmd.service; enabled; vendor preset: enabled) Active: active (running) since Thu 2022-07-07 04:55:44 UTC; 4s ago Docs: man:gvmd(8) Process: 37170 ExecStart=/opt/gvm/sbin/gvmd --osp-vt-update=/run/gvm/ospd-openvas.sock (code=exited, status=0/SUCCESS) Main PID: 37181 (gvmd) Tasks: 1 (limit: 4618) Memory: 3.2M CGroup: /system.slice/gvmd.service └─37181 gvmd: InitializingJul 07 04:55:44 ubuntu20 systemd[1]: Starting Greenbone Vulnerability Manager daemon (gvmd)...Jul 07 04:55:44 ubuntu20 systemd[1]: Started Greenbone Vulnerability Manager daemon (gvmd).You can restart PostgreSQL as well;systemctl restart postgresqlCheck the GVMD logs. You should be able to see thattail -f /var/log/gvm/gvmd.logYou should see that the feeds are updating...md manage:WARNING:2022-07-07 04h56.34 utc:37220: sqlv: sql_exec_internal failedmd manage:WARNING:2022-07-07 04h56.36 utc:37181: sql_exec_internal: PQexec failed: FATAL: terminating connection due to administrator commandserver closed the connection unexpectedly This probably means the server terminated abnormally before or while processing the request. (7)md manage:WARNING:2022-07-07 04h56.36 utc:37181: sql_exec_internal: SQL: BEGIN;md manage:WARNING:2022-07-07 04h56.36 utc:37181: sqlv: sql_exec_internal failedmd main:MESSAGE:2022-07-07 04h56.55 utc:37302: Greenbone Vulnerability Manager version 21.4.6~dev1~git-500ef0c5-stable (GIT revision 500ef0c5-stable) (DB revision 242)md

Juan ArayaDesarrolloOpenVAS es un Open source Vulnerability scanner muy útil que permite encontrar fallas de seguridad e información Guía de Instalación de OpenVAS en Kali LinuxOpenVAS es un Open source Vulnerability scanner muy útil que permite encontrar fallas de seguridad e información detallada de vulnerabilidades que pueden ser explotadas para poner en peligro la confidencialidad, la disponibilidad y la integridad de los datos almacenados y procesados en nuestros equipos. Abajo encontrarás los pasos de instalación requeridos.Paso 1: Actualiza el sistema operativo ejecutando en una terminal:sudo-apt-get updatesudo-apt-get upgradePaso 2. Instala GVMsudo apt-get install gvm*Paso 3 Inicia la configuración de openvassudo gvm-setupSe iniciará la descarga de todas las firmas que utiliza Openvas para detectar vulnerabilidadesPaso 4 Instala UFWsudo apt-get install ufwPaso 5 Habilita UFW y permite el acceso al servidor de OpenVAS a traves de los puertos 80 y 9392sudo ufw enablesudo ufw allow 80sudo ufw allow 9392Paso 6 Instala el asistente de greenbonesudo apt-get install -y greenbone-security-assistantPaso 7 Confirma que OpenVas estés instalado correctamente y listo para ser usadosudo gvm-check-setupPaso 8 inicia Open y haz loginEn una terminal ejecuta sudo gvm-start y abre un browser Security Architect, CompTIA CASP+, Pentest+ SME, CySA+, Sec+, AWS Cloud, Master Cybersecurity, Fortinet NSE, Alibaba Cloud‍Únete a nuestra NewsletterLidera la Conversación en la Nube

/var/lib/gvm/scap-data/nvdcve-2.0-2020.xmlmd manage: INFO:2022-07-07 05h06.32 UTC:37327: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2022.xml...Creating Systemd Service units for GSA servicesWhen run, the installer creates GSA daemon service unit, /lib/systemd/system/gsad.service.Let us modify this service unit file;cp /lib/systemd/system/gsad.service{,.bak}cat > /lib/systemd/system/gsad.service The option, -k /var/lib/gvm/private/CA/clientkey.pem -c /var/lib/gvm/CA/clientcert.pem, is as per the certificates path generated by running the gvm-manage-certs command above.Enable GVM user to run gsad with sudo rights;echo "gvm ALL = NOPASSWD: $(which gsad)" >> /etc/sudoers.d/gvmReload system unit configs and start the services;systemctl daemon-reloadsystemctl enable --now gsadChecking the status;systemctl status gsad● gsad.service - Greenbone Security Assistant daemon (gsad) Loaded: loaded (/lib/systemd/system/gsad.service; enabled; vendor preset: enabled) Active: active (exited) since Thu 2022-07-07 18:56:01 UTC; 33s ago Docs: man:gsad(8) Process: 36900 ExecStart=/usr/bin/sudo /usr/local/sbin/gsad -k /var/lib/gvm/private/CA/clientkey.pem -c /var/lib/gvm/CA/clientcert.pem (code=exited, status=0/SUCCESS) Main PID: 36900 (code=exited, status=0/SUCCESS) Tasks: 4 (limit: 2281) Memory: 3.4M CGroup: /system.slice/gsad.service ├─36915 /usr/local/sbin/gsad -k /var/lib/gvm/private/CA/clientkey.pem -c /var/lib/gvm/CA/clientcert.pem └─36916 /usr/local/sbin/gsad -k /var/lib/gvm/private/CA/clientkey.pem -c /var/lib/gvm/CA/clientcert.pemJul 07 18:56:01 ubuntu20 systemd[1]: Started Greenbone Security Assistant daemon (gsad).Jul 07 18:56:01 ubuntu20 sudo[36900]: gvm : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/local/sbin/gsad -k /var/lib/gvm/private/CA/clientkey.pem -c /var/lib/gvm/CA>Jul 07 18:56:01 ubuntu20 sudo[36900]: pam_unix(sudo:session): session opened for user root by (uid=0)Jul 07 18:56:04 ubuntu20 sudo[36912]: Oops, secure memory pool already initializedJul 07 18:56:04 ubuntu20 sudo[36900]: pam_unix(sudo:session): session closed for user rootCheck the logs;tail -f /var/log/gvm/gsad.logCreate GVM ScannerSince we launched the scanner and set it to use our non-standard scanner host path (/run/gvm/ospd-openvas.sock), we need to create and register our scanner;sudo -Hiu gvm gvmd --create-scanner="Kifarunix-demo OpenVAS Scanner" \--scanner-type="OpenVAS" --scanner-host=/run/gvm/ospd-openvas.sockcommand output;Scanner created.Next, you need to verify your scanner. For this, you first need to get the scanner identifier;sudo -Hiu gvm gvmd --get-scanners08b69003-5fc2-4037-a479-93b440211c73 OpenVAS /run/ospd/ospd-openvas.sock 0 OpenVAS Default6acd0832-df90-11e4-b9d5-28d24461215b CVE 0 CVE17597043-78cb-492c-b7b4-3b4b36406ed1 OpenVAS /run/gvm/ospd-openvas.sock 9390 Kifarunix-demo OpenVAS ScannerBased on the output above, our scanner UUID is, 17597043-78cb-492c-b7b4-3b4b36406ed1.Verify the scanner;sudo -Hiu gvm gvmd --verify-scanner=17597043-78cb-492c-b7b4-3b4b36406ed1Command output;Scanner version: OpenVAS 21.4.5~dev1~git-773a6537-stable.Create GVM Admin UserCreate GVM administrative user by running the command below;sudo -Hiu gvm gvmd --create-user adminThis command generates a random password for the user. See sample output below;User created with password '3ae45864-0d6a-4a53-938f-730a1bb5d959'.If you want to create a user and at the same time create your own password;sudo -Hiu gvm gvmd --create-user USERNAME --password=PASSWORDOtherwise, you can reset the

With critical organizational data. Loss of such data not only results in monetary but also reputational damages. A data-based scanner searches for vulnerabilities within the database, such as weak passwords, missing patches, misconfiguration, etc., and highlights them to the users in real-time to avoid all underlying risks.Must Read- What’s the Difference Between Penetration Testing and Vulnerability Scanning?External Vulnerability Assessment Testing ToolsThere are many vulnerability Scanning tools available in the market. They can be paid, free, or open-sourced. Here are the 12 top notch vulnerability Assessment scanning tools you need to know before you decide to invest in one:1) AppknoxAppknox is the market leader, specializing in providing vulnerability-detecting applications for mobiles. Highest rated by Gartner & G2, Appknox has a completely automated vulnerability assessment process with the most advanced team to perform penetration testing for mobile application security testing. With over 20,000+ vulnerability scans conducted, Appknox has been able to help over 800+ mobile app businesses & Fortune 500 companies in reducing delivery timelines, and manpower costs & mitigating security threats for Global Banks and Enterprises in 10+ countries.2) Nikto Nikto is an open-source vulnerability scanner for web servers. Nikto offers expert solutions for scanning web servers to discover dangerous files/CGIs, outdated server software, and other problems. This is like a perfect in-house tool for all web server scanning that can detect misconfiguration and risky files for over 6700 items.3) OpenVas OpenVAS offers a full-featured vulnerability scanner capable of carrying out both authenticated and unauthenticated testing. OpenVAS is a complete suite of tools that collaboratively run comprehensive tests against client computers, leveraging a database of identified exploits and weaknesses. It provides an in-depth analysis of how well-guarded are the computers and servers against known attack vectors.4) WiresharkWireshark is a free and open-source network vulnerability scanner that empowers businesses to track activities at a micro level within the network. Wireshark is an advanced analysis tool with a packet sniffer that captures network traffic on local stores and networks to analyze data offline. It captures all network traffic from Bluetooth, ethernet, wireless, frame relay connections, token rings, and more.5) Qualys community editionQuality Community