All Linux HowTo's Security HowTo's

Install OpenVAS on CentOS (2019)

This article explains how to install OpenVAS on CentOS 7. My earlier attempts to document the installation process of OpenVAS on CentOS 6 failed. OpenVAS is an alternative to (and a fork of) the very popular Nessus. It’s a very capable vulnerability scanner. I hope to write other articles on the use of OpenVAS soon.

A few prerequisites:

  1. Disable SELinux.
  2. Permit TCP port 9392.

Run this command. It’s downloading a script and executing it:

wget -q -O - https://updates.atomicorp.com/installers/atomic | sudo sh

Clear YUM:

yum clean all

Install OpenVAS from YUM:

yum install openvas atomic-sqlite-sqlite sshpass

Run the setup process and follow the prompts. This takes a few hours due to all the downloads it needs:

openvas-setup

You can set a new Admin password at any time later for the web portal:

openvasmd --user=admin --new-password=MySecretPassword

Set the NVT signature checking in “/etc/openvas/openvassd.conf”. The following is set to ‘yes’ by default. Change it to no:

nasl_no_signature_check = no

Restart the services:

systemctl enable openvas-manager
systemctl enable openvas-scanner
systemctl enable redis
systemctl restart openvas-manager
systemctl restart openvas-scanner
systemctl restart redis

Open your web browser and navigate to the following address and login with the username and password you’ve previously set:

https://localhost:9392

Further random notes

The following are my notes and attempts to resolve minor issues.

Schedule updates

It’s important to keep OpenVAS up to date. Schedule the following command(s):

greenbone-nvt-sync ; openvasmd --rebuild

Trouble exporting reports in PDF format

For assistance with PDF reports can be found in this thread “lists.wald.intevation.org/pipermail/openvas-discuss/2014-October/006939.htmlOID: 1.3.6.1.4.1.25623.1.0.108013”. I was not successful in my en-devour to resolve this matter. I’d say it’s more to do with CentOS rather than OpenVAS.

 

Similar Posts:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.