All Linux HowTo's Security HowTo's

Install OpenVAS on CentOS (2019)

This article explains how to install OpenVAS on CentOS 7. My earlier attempts to document the installation process of OpenVAS on CentOS 6 failed. OpenVAS is an alternative to (and a fork of) the very popular Nessus. It’s a very capable vulnerability scanner. I hope to write other articles on the use of OpenVAS soon.

Sunday 21st April 2019: OpenVAS has recently gone through a significant change with “openvas-9.0.3-6767.el7.art.noarch is obsoleted by greenbone-vulnerability-manager-10.0.0-6947.el7.art.noarch”. This HowTo is likely not correct any longer. I will try to modify it to meet the new changes.

A few prerequisites:

  1. Disable SELinux.
  2. Permit TCP port 9392, 443 and 80.

Run this command. It’s downloading a script and executing it:

wget -q -O - https://updates.atomicorp.com/installers/atomic | sudo sh

Clear YUM:

yum clean all

Install OpenVAS from YUM:

yum install openvas atomic-sqlite-sqlite sshpass

Run the setup process and follow the prompts. This takes a few hours due to all the downloads it needs:

openvas-setup

You can set a new Admin password at any time later for the web portal:

openvasmd --user=admin --new-password=MySecretPassword

Set the NVT signature checking in “/etc/openvas/openvassd.conf”. The following is set to ‘yes’ by default. Change it to no:

nasl_no_signature_check = no

Restart the services:

systemctl enable redis
systemctl enable gsad
systemctl enable gvmd 
systemctl enable openvas-manager 
systemctl enable openvas-scanner

systemctl restart redis
systemctl restart gsad
systemctl restart gvmd
systemctl restart openvas-manager
systemctl restart openvas-scanner

Open your web browser and navigate to the following address and login with the username and password you’ve previously set:

"https://localhost:9392" or "https://localhost"

Further random notes

The following are my notes and attempts to resolve minor issues.

Schedule updates

It’s important to keep OpenVAS up to date. Schedule the following command(s):

greenbone-nvt-sync ; openvasmd --rebuild

Trouble exporting reports in PDF format

For assistance with PDF reports can be found in this thread “lists.wald.intevation.org/pipermail/openvas-discuss/2014-October/006939.htmlOID: 1.3.6.1.4.1.25623.1.0.108013”. I was not successful in my en-devour to resolve this matter. I’d say it’s more to do with CentOS rather than OpenVAS.

 

Similar Posts:

3 comments

  1. atomic has conflicts within their packages:
    Total 6.1 MB/s | 8.4 MB 00:00:01
    Running transaction check
    Running transaction test

    Transaction check error:
    file /usr/bin/openvas-nasl conflicts between attempted installs of openvas-scanner-6.0.0-6872.el7.art.x86_64 and openvas-libraries-9.0.3-6672.el7.art.x86_64
    file /usr/bin/openvas-nasl-lint conflicts between attempted installs of openvas-scanner-6.0.0-6872.el7.art.x86_64 and openvas-libraries-9.0.3-6672.el7.art.x86_64
    file /usr/lib64/libopenvas_misc.so conflicts between attempted installs of openvas-scanner-6.0.0-6872.el7.art.x86_64 and openvas-libraries-9.0.3-6672.el7.art.x86_64
    file /usr/lib64/libopenvas_nasl.so conflicts between attempted installs of openvas-scanner-6.0.0-6872.el7.art.x86_64 and openvas-libraries-9.0.3-6672.el7.art.x86_64
    file /usr/share/man/man1/openvas-nasl.1.gz conflicts between attempted installs of openvas-scanner-6.0.0-6872.el7.art.x86_64 and openvas-libraries-9.0.3-6672.el7.art.x86_64

Leave a Reply to Bill Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.