CentLinux

Monday, 27 February 2023

How to install OpenVAS on Rocky Linux 9

How to install OpenVAS on Rocky Linux 9

In this Linux tutorial, you will learn how to install OpenVAS on Rock Linux 9 or other Red Hat based Linux distributions.

 

Table of Contents:

     

    What is OpenVAS?:

    OpenVAS (Open Vulnerability Assessment System, originally known as GNessUs) is the scanner component of Greenbone Vulnerability Manager (GVM), a software framework of several services and tools offering vulnerability scanning and vulnerability management.

    All Greenbone Vulnerability Manager products are free software, and most components are licensed under the GNU General Public License (GPL). Plugins for Greenbone Vulnerability Manager are written in the Nessus Attack Scripting Language, NASL.

    Greenbone Vulnerability Manager began under the name of OpenVAS, and before that the name GNessUs, as a fork of the previously open source Nessus scanning tool, after its developers Tenable Network Security changed it to a proprietary (closed source) license in October 2005. OpenVAS was originally proposed by pentesters at SecuritySpace, discussed with pentesters at Portcullis Computer Security and then announced by Tim Brown on Slashdot.

    Greenbone Vulnerability Manager is a member project of Software in the Public Interest. (Source: Wikipedia)

     

    Environment Specification:

    We are using a minimal Rocky Linux 9 virtual machine with following specifications.

    • CPU - 3.4 Ghz (2 cores)
    • Memory - 2 GB
    • Storage - 20 GB
    • Operating System - Rocky Linux release 9.1 (Blue Onyx)
    • Hostname – openvas-01.centlinux.com
    • IP Address - 192.168.88.128/24

     

    Prepare your Rocky Linux Server:

    Connect with your Rocky Linux server as root using with the help of a ssh client.

    Set a Fully Qualified Domain Name (FQDN) for your OpenVAS server by using hostnamectl command.

    # hostnamectl set-hostname openvas-01.centlinux.com

    Edit /etc/hosts file in a vim text editor.

    # vi /etc/hosts

    Add following line in this file to setup name resolution.

    192.168.88.128 openvas-01.centlinux.com openvas-01

    Refresh your Yum cache and update software packages in your Rocky Linux server.

    # dnf makecache
    # dnf update -y

    Sometimes, the above command updates software packages related to Linux Kernel. If his happens then you should reboot your Linux operating system before moving forward with this Linux Tutorial.

    # reboot

    After restart check the Linux operating system and Linux Kernel versions.

    # cat /etc/rocky-release
    Rocky Linux release 9.1 (Blue Onyx)
    
    # uname -r
    5.14.0-162.12.1.el9_1.0.2.x86_64

    OpenVAS requires SELinux to be disabled.

    You can execute following sets of commands to permanently disable SELinux in your Rocky Linux server.

    # sed -i 's/^SELINUX=enforcing$/SELINUX=disabled/' /etc/selinux/config
    # grubby --update-kernel ALL --args selinux=0
    # reboot

    You need to install wget command to download OpenVAS installer.

    Execute dnf command to install wget package.

    # dnf install -y wget

     

    Installing Third Party Yum Repositories:

    OpenVAS requires some software packages that are not available in standard yum repositories.

    Therefore, you are required to enable CRB (Power Tools) and EPEL (Extra Packages for Enterprise Linux) yum repositories.

    You can enable these yum repositories by executing following set of commands.

    # dnf config-manager --set-enabled crb
    # dnf install -y epel-release epel-next-release

    Execute following command to download and install Atomic yum repository.

    # wget -q -O - https://updates.atomicorp.com/installers/atomic | sudo sh
    
    Atomic Free Unsupported Archive installer, version 7.0.2
    
    BY INSTALLING THIS SOFTWARE AND BY USING ANY AND ALL SOFTWARE
    PROVIDED BY ATOMICORP LIMITED YOU ACKNOWLEDGE AND AGREE:
    
    THIS SOFTWARE AND ALL SOFTWARE PROVIDED IN THIS REPOSITORY IS
    PROVIDED BY ATOMICORP LIMITED AS IS, IS UNSUPPORTED AND ANY
    EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
    IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
    PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ATOMICORP LIMITED, THE
    COPYRIGHT OWNER OR ANY CONTRIBUTOR TO ANY AND ALL SOFTWARE PROVIDED
    BY OR PUBLISHED IN THIS REPOSITORY BE LIABLE FOR ANY DIRECT,
    INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
    (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
    OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
    STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
    OF THE POSSIBILITY OF SUCH DAMAGE.
    
    For supported software packages please contact us at:
    
      sales@atomicorp.com
    
    Do you agree to these terms? (yes/no) [Default: yes]
    
    Configuring the [atomic] repo archive for this system
    
    Installing the Atomic GPG keys: OK
    
    Downloading atomic-release-1.0-23.el9.art.noarch.rpm: Verifying...                          ################################# [100%]
    Preparing...                          ################################# [100%]
    Updating / installing...
       1:atomic-release-1.0-23.el9.art    ################################# [100%]
    
    Enable repo by default? (yes/no) [Default: yes]:
    
    
    The Atomic repo has now been installed and configured for your system
    The following channels are available:
      atomic          - [ACTIVATED] - contains the stable tree of ART packages
      atomic-testing  - [DISABLED]  - contains the testing tree of ART packages
      atomic-bleeding - [DISABLED]  - contains the development tree of ART packages

    Rebuild your cache for newly installed yum repositories.

    # dnf makecache
    Rocky / Red Hat Enterprise Linux 9 - atomic     1.1 kB/s | 3.0 kB     00:02
    Extra Packages for Enterprise Linux 9 - x86_64  4.8 kB/s | 8.9 kB     00:01
    Extra Packages for Enterprise Linux 9 - Next -   15 kB/s | 8.9 kB     00:00
    Rocky Linux 9 - BaseOS                          733  B/s | 4.1 kB     00:05
    Rocky Linux 9 - AppStream                       2.2 kB/s | 4.5 kB     00:02
    Rocky Linux 9 - CRB                             258 kB/s | 2.1 MB     00:08
    Rocky Linux 9 - Extras                          586  B/s | 2.9 kB     00:05
    Metadata cache created.

     

    Installing OpenVAS on Rocky Linux:

    Now you can install OpenVAS software by executing following commands.

    During installation, gvm updates Network Vulnerability Tests feed from the Greenbone Security Feed/Community Feed. It may takes a few more minutes, depends upon your Internet connection speed.

    # dnf install -y gvm
    # gvm-setup
    
    #####################################
    GVM Setup, Version: 6.1.0
    Atomicorp, Inc.
    #####################################
    
    cannot access /var/lib/alternatives/python: No such file or directory
     * Initializing database in '/var/lib/pgsql/data'
     * Initialized, logs are in /var/lib/pgsql/initdb_postgresql.log
    Created symlink /etc/systemd/system/multi-user.target.wants/postgresql.service → /usr/lib/systemd/system/postgresql.service.
    Created symlink /etc/systemd/system/multi-user.target.wants/redis.service → /usr/lib/systemd/system/redis.service.
    net.core.somaxconn = 1024
    vm.overcommit_memory = 1
    
    Update NVT, CERT, and SCAP data
    Please note this step could take some time.
    Once completed, this will be updated automatically every 24 hours
    
    
    Updating NVTs....
    /usr/bin/greenbone-nvt-sync
    
    ---
    ---
    ---
    
    sent 727 bytes  received 99,598,473 bytes  991,036.82 bytes/sec
    total size is 99,554,950  speedup is 1.00
    /usr/sbin/greenbone-feed-sync --type CERT success
    
    Updating OpenVAS Manager certificates: Complete
    
    GVMD startup: Done
    
    Set the GSAD admin users password.
    The admin user is used to configure accounts,
    Update NVT's manually, and manage roles.
    
    Enter Administrator Password:
    Verify Administrator Password:
    
    Created symlink /etc/systemd/system/multi-user.target.wants/ospd-openvas.service → /usr/lib/systemd/system/ospd-openvas.service.
    Created symlink /etc/systemd/system/multi-user.target.wants/notus-scanner.service → /usr/lib/systemd/system/notus-scanner.service.
    Created symlink /etc/systemd/system/openvas-manager.service → /usr/lib/systemd/system/gvmd.service.
    Created symlink /etc/systemd/system/multi-user.target.wants/gvmd.service → /usr/lib/systemd/system/gvmd.service.
    Created symlink /etc/systemd/system/greenbone-security-assistant.service → /usr/lib/systemd/system/gsad.service.
    Created symlink /etc/systemd/system/multi-user.target.wants/gsad.service → /usr/lib/systemd/system/gsad.service.
    Created symlink /etc/systemd/system/multi-user.target.wants/mosquitto.service → /usr/lib/systemd/system/mosquitto.service.
    success
    success
    
    
    #####################################
    Setup complete
      Log in to GSAD at https://localhost
    #####################################

    OpenVAS software has been installed successfully.

    To access OpenVAS software from network, you need to allow https service in Linux firewall.

    # firewall-cmd --permanent --add-service=https
    success
    
    # firewall-cmd --reload
    success

     

    Access Your OpenVAS Security Assistant:

    Open URL https://openvas-01.centlinux.com in a web browser.

    greenbone-security-assistant

    Login as admin user, you can use the password that you have set during execution of gvm-setup command.

    greenbone-security-assistant-dashboard

    You have reached at the Dashboard of OpenVAS Security Assistant.

     

    Conclusion:

    In this Linux tutorial, you have successfully learned how to install OpenVAS on Rocky Linux 9 or other Red Hat based Linux distributions.

    If you find this article useful? Consider supporting us by Buy Me A Coffee


    No comments:

    Post a Comment

    © 2023 CentLinux. All Rights Reserved.