OpenVAS – Vulnerabilty Assessment Tool

OpenVAS is one of the best vulnerability assessment and managment tool available in open source realm. It is easy to install and configure and is easy to manage it. In my several years of IT experience, I have come across various steps and methods to implement OpenVAS on various platforms, however, recently I did a implementation on CentOS and followed the following steps. This has been the simplest & easiest so far. Please feel free to share your experiences on various platforms and I will be happy to publish it.

OpenVAS is very resource hungry and will hog all your hardware resources. A 4 GB ram and at least a dual core processor is a must. To run multiple scans you will need a really strong server with lots of ram and more cores. Generally not recommend to run openvas on a virtual machine. You will get a ready to use VM on OpenVAS website, but neither OpenVAS nor I recommend OpenVAS be used in a production environment on a virtual machine

  1. Install CentOS.
  2. If installing remotely ssh into the server
  3. su – (su minus)
  4. Enter root password
  5. At root prompt enter: 
    1. wget -q -O - http://www.atomicorp.com/installers/atomic |sh
    2. yum install openvas - Answer various questions
    3. openvas-setup - Answer various questions. Generally choose defaults
    4. openvas-certdata-sync
    5. openvasmd --rebuild
    6. openvasmd 
    7. Open browser and type: http://localhost:9392
    8. Restart the machine if it does not start. Generally booting up takes a lot of time. So be very patient
  6. Sub point B & E takes a little time. So be very patient and enjoy your coffee

pic2 pic 1

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s