How to install OpenVAS 3 in Ubuntu 9.10

Folks,
As you must be knowing that OpenVAS Community has released a new version for OpenVAS 3.x and they have come up with some many additional features this time i.e. GSA, openvas-administrator and openvas-manager. They are some of the useful features that you should give it a try! And at the same time we can also observe that this time their packages are kinda different as well. I will be telling you on how you can install OpenVAS in Ubuntu 9.10 as I was very happy that when I got OpenVAS installed in Ubuntu latest build!
Even though the method is pretty straight forward but there are some minor differences this time while you install OpenVAS 3.x engine in your Ubuntu build. Below are the processes you can follow systematically to install openvas in Ubuntu. Just follow the process exactly what it is written on you will be on your way to roll.
Basically Ubuntu 9.x doesn’t come with cmake binary which you have to install before you start the OpenVAS Installation procedure. So just go ahead and follow the below methods:

$ sudo apt-get update
$ sudo apt-get install build-essential libgtk2.0-dev libglib2.0-dev libssl-dev htmldoc libgnutls-dev libpcap0.8-dev bison libgpgme11-dev libsmbclient-dev snmp pnscan
$ sudo updatedb
$ sudo ldconfig
$ cd /home/user/Desktop
$ mkdir OpenVAS
$ cd OpenVAS
$ wget -c http://wald.intevation.org/frs/download.php/683/openvas-libraries-3.0.0.tar.gz
$ wget -c http://wald.intevation.org/frs/download.php/684/openvas-scanner-3.0.0.tar.gz
$ wget -c http://wald.intevation.org/frs/download.php/685/openvas-client-3.0.0.tar.gz
$ sudo tar -zxvf openvas-libraries-3.0.0.tar.gz
$ sudo tar -zxvf openvas-scanner-3.0.0.tar.gz
$ sudo tar -zxvf openvas-client-3.0.0.tar.gz

Install OpenVAS Libraries

$ cd openvas-libraries-3.0.0
$ sudo ./configure [If you configure without sudo in Ubuntu it will show errors]
$ sudo make [Build the package and keep an eye of the errors if you come across with anything]
$ sudo make install [Install the packages]
$ sudo ldconfig
$ cd ../openvas/scanner-3.0.0

Install OpenVAS Scanner daemons

$ cd openvas-scanner-3.0.0
$ sudo ./configure [If you configure without sudo in Ubuntu it will show errors]
$ sudo make [Build the package and keep an eye of the errors if you come across with anything]
$ sudo make install [Install the packages]
$ cd ../openvas-client-3.0.0

Install OpenVAS Client GUI

$ cd openvas-client-3.0.0
$ sudo ./configure 
$ sudo make
$ sudo make install
$ sudo updatedb
$ sudo ldconfig

Create cerficate for OpenVAS. [This step is mandatory]

$ sudo openvas-mkcert
Read the information displayed and press 'Ctrl+D' once you are done with it.

Create user account for OpenVAS Client. [It will be used to login to OpenVAS Client]

$ sudo openvas-adduser
Specify the new username and password and Press 'y' to add the newly created user.

Update your Openvas Plugins folder [/usr/local/lib/openvas/plugins] with the latest set of plugins.

$ openvas-nvt-sync [If you have write permission to plugins folder then no need to user sudo here]

Do a system reboot

$ sudo reboot

Load Openvas Daemon [For OpenVAS 3.x only]

$ openvassd

NOTE: In older versions of OpenVAS (2.x) an additional ‘s’ was not there. In 2.x OpenVAS engines it’s like this:

$ openvasd -D

Create your Scan Assistant and make use of the new logins which you had created for OpenVAS to login. Accept the certificate [Choose the first check box] so that it wont really care who is the CA authority of the generated certificate. Disable all the plugins from the ‘Plugins’ left navigation area. And choose your preferred plugins either by searching or by giving specific ID which you want to scan for.

I hope this guide will help you to some extent! Please drop your suggestions/feedback as it gives more encouragement :)

Enjoy!
XyluX

Dec 22nd, 2009 | Posted in Security
  1. Dec 24th, 2010 at 12:30 | #1

    OpenVAS site doesn’t have to do anything to login to their IRC Channel. You can just install xChat/mIRC and change your server data to : irc.oftc.net and join #openvas to get into their channel and put your queries to them.

  2. whit
    Sep 13th, 2010 at 06:15 | #2

    Installation went smoothly on Ubuntu 10.04 except for the openvas-nvt-sync step, since that tries to use mktemp when available, and the version isn’t apparently compatible as evoked. Commenting that out fixed it though:


    # if [ -n "`which mktemp`" ]; then
    # SYNC_TMP_DIR=`mktemp -d openvas-nvt-sync` || { echo "ERROR: Cannot create temporary directory for file download" >&2; exit 1 ; }
    # trap "rm -rf $SYNC_TMP_DIR" 0 1 2 5 15
    # fi

  3. Sep 7th, 2010 at 19:17 | #3

    Actually I did discover that you do need the UUID-DEV, but only if you are installing the 3.1 version. With 3.0 I did not have that issue.

    loknar28 :
    I am using Ubuntu 10.04 and just installed OpenVAS with this tutorial. I just now, however noticed this comment and the fact is I do not have uuid-dev installed. I do however have libuuid1 and uuid-runtime. Does this create any issues I might be unaware of? It appears it installed successfully, no errors apparent.

    sevyls :
    with ubuntu 10.04 you need “uuid-dev” as an requirement before compiling the libraries

  4. Sep 3rd, 2010 at 19:16 | #4

    I am using Ubuntu 10.04 and just installed OpenVAS with this tutorial. I just now, however noticed this comment and the fact is I do not have uuid-dev installed. I do however have libuuid1 and uuid-runtime. Does this create any issues I might be unaware of? It appears it installed successfully, no errors apparent.

    sevyls :
    with ubuntu 10.04 you need “uuid-dev” as an requirement before compiling the libraries

  5. Sep 3rd, 2010 at 19:10 | #5

    This is a great tutorial as I am sure others have mentioned. I would like to second the suggestion for a GSA tutorial as well.

    • XyluX
      Sep 7th, 2010 at 10:28 | #6

      Nice suggestion bro. I will surely post a tutorial on GSA installation/administration. I hope I can make it within this weekend. As I keep myself busy in some vulnerability research stuffs, so these days I am not getting adequate time to blog as well. However I will seriously look into your suggestion this time!

      Cheers!

  6. sevyls
    Jul 28th, 2010 at 13:18 | #7

    with ubuntu 10.04 you need “uuid-dev” as an requirement before compiling the libraries

    • XyluX
      Jul 29th, 2010 at 10:07 | #8

      Sevyls, thanks for this useful update!!!

  7. J. Kingston
    Jun 22nd, 2010 at 04:04 | #9

    Great how-to on installing Openvas. I had no problems installing it. Do you have a how-to on the GSA or can you point me to some help installing it?

    Thanks

    • XyluX
      Jun 22nd, 2010 at 09:23 | #10

      HI Kingston,
      Its a pleasure to know that it worked for you without any problem. :) I got so many mails regarding the GSA installation manual as well. However, as of now I don’t have any tutorial on installing GSA. As I am busy in doing some other protocol related research these days so I didn’t get any time to get my hands dirty on GSA. I will install GSA this weekend in my Lappie (I hope I will manage some spare times this weekend) and will let you know. For the time being I don’t have any tutorial link too, on how to install it but I hope it won’t be difficult at all. Anyways, I will give it a try this time and will update you about its status. Just wait for 2-3 more days :)

      - XyluX

  8. atout001
    May 21st, 2010 at 20:22 | #11

    Hi!
    woaa great :)
    but I would like to know if it’s possible to connect to a server via Internet Explorer or Firefox. For example, I enter the Ip address of a server in the browser and then I can launch a scan.

    • atout001
      May 21st, 2010 at 20:35 | #12

      It’s on a private Ip address (192.168….)

    • XyluX
      May 22nd, 2010 at 14:28 | #13

      Yeah, you can do that. You need to install GSA (Greenbone Security Administrator) and through that you can control the whole functionality of openvas scanning and all through the web wizard only, which is definitely a staunch feature in the new OpenVAS releases. They have a dedicated device which handles the server interface, you just have to install the device in your network and you are on your way to go!! There you can configure the RSS Feeds, Manage IP Address and all those stuffs which you basically require. ;)

      Hope it helps.
      - XyluX

      • atout001
        May 25th, 2010 at 11:51 | #14

        cheers mate :)

      • shahish
        Sep 7th, 2010 at 03:51 | #15

        Hi Xylux,
        I installed gsa(greenbone-security-assistant-1.0) on my ubuntu 9.10 it got installed sucessfully but the problem iam facing is that when i try to access via browser i.e https:// gsa home page is displayed but when i click on LOGIN button it ask me for username and password.
        Can u help me which uaername and password i need to put.

        • XyluX
          Sep 7th, 2010 at 10:23 | #16

          Hi Shahish,
          You need to create username and password for openvas logins. In your terminal, issue the command sudo openvas-adduser and fill-up the details accordingly.

          Hope it helps.

          • shahish
            Sep 7th, 2010 at 23:30 | #17

            Hi Xylux,

            Thanks for your reply.

            I did the below setups again:

            shahish@openvas:~$ sudo openvas-adduser
            Using /var/tmp as a temporary file holder.

            Add a new openvassd user
            ———————————

            Login : shahish
            Authentication (pass/cert) [pass] : pass
            Login password :
            Login password (again) :

            User rules
            —————
            openvassd has a rules system which allows you to restrict the hosts that shahish has the right to test.
            For instance, you may want him to be able to scan his own host only.

            Please see the openvas-adduser(8) man page for the rules syntax.

            Enter the rules for this user, and hit ctrl-D once you are done:
            (the user can have an empty rules set)

            Login : shahish
            Password : ***********

            Rules :

            Is that ok? (y/n) [y] y
            user added.
            shahish@openvas:~$

            After this when i try to access gsa through web browser as https:// and pressed Login button and used the username and password that created above i.e username:shahish, password:****.

            But also the same problem, it says incorrect username and password. did i need to restart any openvas services

            Note: Is it mandatory to purchase the hardware device from gsa i only installed the greenbone-security-assistant-1.0 source code on to my ubuntu.

            Need your valuable help.

            Regards,
            Shahish Nambiar

            • XyluX
              Sep 8th, 2010 at 00:27 | #18

              Shahish,
              Actually I forgot to tell you about creating a certificate. Can you please create the cert file? Once your certificate file is created then just do a reboot (even though its not required completely here), and then after reboot load the openvas daemon and make sure that you are not getting any load errors while the openvas daemon loads into your OS context.

              And about the device requirement AFAIK, its not required at all. But still I will confirm you tomorrow.

              - XyluX

              Hope it helps.

              • shahish
                Sep 8th, 2010 at 03:27 | #19

                HI Xylux,

                Thanks for your reply,

                As you said i did the below setups:

                1) Created the certificate:

                shahish@openvas:~$ sudo openvas-mkcert
                [sudo] password for shahish:
                ——————————————————————————-
                Creation of the OpenVAS SSL Certificate
                ——————————————————————————-

                This script will now ask you the relevant information to create the SSL certificate of OpenVAS.
                Note that this information will *NOT* be sent to anybody (everything stays local), but anyone with the ability to connect to your OpenVAS daemon will be able to retrieve this information.

                CA certificate life time in days [1460]:
                Server certificate life time in days [365]:
                Your country (two letter code) [IN]: IN
                Your state or province name [none]: Maharashtra
                Your location (e.g. town) [Berlin]: Thane
                Your organization [OpenVAS Users United]: Ugam Solution
                ——————————————————————————-
                Creation of the OpenVAS SSL Certificate
                ——————————————————————————-

                Congratulations. Your server certificate was properly created.

                /usr/local/etc/openvas/openvassd.conf updated
                The following files were created:

                . Certification authority:
                Certificate = /usr/local/var/lib/openvas/CA/cacert.pem
                Private key = /usr/local/var/lib/openvas/private/CA/cakey.pem

                . OpenVAS Server :
                Certificate = /usr/local/var/lib/openvas/CA/servercert.pem
                Private key = /usr/local/var/lib/openvas/private/CA/serverkey.pem

                Press [ENTER] to exit
                shahish@openvas:~$

                2) Rebooted the server:
                shahish@openvas:~$ sudo init 6

                3) Load the openvas daemon:
                shahish@openvas:~$ sudo openvassd
                All plugins loaded
                shahish@openvas:~$

                4) Loaded gsa:
                shahish@openvas:~$ sudo gsad –mport 9391
                shahish@openvas:~$

                checked on browser, still the same result i.e not accepting the username and password.

                Please help.

                Regards,
                Shahish Nambiar

                • XyluX
                  Sep 8th, 2010 at 11:24 | #20

                  Shahish,
                  It seems you have to compile/define the username and password in “gsad_oap.c.” (http://www.openvas.org/src-doc/gsa-1.0.0/gsad__oap_8c.html) file. Just give it a last try. I had a talk with some people and they said there is a default username/password defined for this. As I haven’t used gsa so I am unaware of the credentials as these days I am focusing on some different research works. However if the above file helps you then its great or else you can go to openvas IRC channel and put your query and they will help you immediately. BTW, I am glad to hear that your Openvas-Client is working flawlessly now. :)

                  And please put the answer here also if your GSA authentication issue is solved. So that I can put that information while I will be writing a new article about gsa installation.

                  - XyluX

              • shahish
                Sep 8th, 2010 at 05:42 | #21

                Hi Xylux,
                Iam able to generate report by Openvas-Client .

                Kindly do the needful

                Regards,
                Shahish Nambiar

              • shahish
                Sep 8th, 2010 at 18:06 | #22

                Hi Xylux,

                Sorry to disturb you again.

                will you please tell me what is the default username and password for gsa and how can i change it in “gsad_oap.c” file since it is little confusing file

                Thanks in advance.

                Regards,
                Shahish Nambiar

                • XyluX
                  Sep 8th, 2010 at 18:53 | #23

                  Not a problem bro.. But can you please ask this query in their IRC channel. They will tell you immediately..

              • shahish
                Sep 8th, 2010 at 22:10 | #24

                Hi Xylux,

                Thanks for your valuable support. Keep going.
                I will post in IRC Channel ans will post it once i get the solution on gsa.

                Regards,
                Shahish Nambiar

              • shahish
                Sep 16th, 2010 at 06:26 | #25

                Hi Xylux,
                I unable to find the IRC Channel.
                Wll u please tell me the link.

                Regards,
                Shahish Nambiar

                • XyluX
                  Sep 17th, 2010 at 00:52 | #26

                  Login to Server: irc.oftc.net (#openvas).
                  That is the official OpenVAS Channel.

                  - XyluX

                • shahish
                  Sep 23rd, 2010 at 04:11 | #27

                  Hi Xylux,

                  Sorry to disturb you again.

                  There offical site is down.

                  Still facing the same issue.

                  Thanks and regards,
                  Shahish Nambiar

                • XyluX
                  Sep 26th, 2010 at 13:44 | #28

                  OpenVAS site doesn’t have to do anything to login to their IRC Channel. You can just install xChat/mIRC and change your server data to : irc.oftc.net and join #openvas to get into their channel and put your queries to them.

    • atout001
      May 25th, 2010 at 19:00 | #29

      I don’t know if it’s only me but I’ve lots of problem to connect to the server… and I tried to use GSA it didn’t work.
      So first I try to connect too the server with the Client.
      When i tried to connect to the server with the client, it blocked on the screen “Conencting…”.
      Do you have any idea why?

      • atout001
        May 26th, 2010 at 11:52 | #30

        Ok I found why I had difficulty to connect to the server, it’s because i have clusters for my server and I configure the DNZ on one only… so it works now :)

        • XyluX
          May 26th, 2010 at 12:27 | #31

          hehe, ok.. its great then!! thanks for putting your solution though. May be it will help someone else here. ;)

    • atout001
      May 26th, 2010 at 16:07 | #32

      Sorry to ask another question but I tried to launch a scan in command line but it never worked…
      I wrote : Openvas-Client -c /root/openvas/openvas.rc -T text -q 192.168.198.14 9390 user password /root/openvas/scan/iptoscan.txt /root/openvas/scan/results.txt
      Then is asked me level of panaroia so i chose 1 and then i waited for more than an hour and nothing…
      Do you have an idea why?

      • XyluX
        May 26th, 2010 at 19:21 | #33

        Not a problem at all. Ask *n* number of questions. I always feel happy to help others.
        Anyways , try this in a privileged user:
        #openvas-nasl -tX script_name target_ip
        , and check the kb items corresponding to that that IP address. See my comments, you will find the kb location path for openvas. But before running the script just try this:
        $ openvas-nasl -pLX script_name.nasl
        This shouldn’t stdout any error message. If it shows then the script has some problem. Let me know if it works.

        - XyluX

        • atout001
          May 26th, 2010 at 20:21 | #34

          I tried to find the script but no way… Do I really need to see if the script is ok?because I can launch scan with the client, it should normally work in command line no?

          • XyluX
            May 26th, 2010 at 20:55 | #35

            Well of course yes! Without the correctness of the script how OpenVAS Client will send the request!!! And lets say even if you have the script and if your script is not coded properly then also OpenVAS won’t execute the Nasl plugin set.

            - XyluX

            • atout001
              May 26th, 2010 at 20:59 | #36

              So i don’t really need to execute : “$ openvas-nasl -pLX script_name.nasl” and “#openvas-nasl -tX script_name target_ip” ?
              How can i resolve my problem to launch a scan in command line? :)

              • XyluX
                May 26th, 2010 at 21:31 | #37

                The first one is required to check if your script is having errors or not and the second one is to run the script in the command line only. GUI doesn’t come into the picture here. Btw the script which you are scanning, if the script has something like get_kb_item(“Abc/Def/Ghi”) then better you scan the plugin through GUI mode as KB items wont be fetched in command line scans.

                - XyluX

                • atout001
                  May 27th, 2010 at 12:47 | #38

                  Ok
                  … Where do you find this script or how can I create it ? :)

                  I use Openvas-Client v3.0.0 and I tried to follow what you wrote for avinash.
                  So first, for the port scanner, i left it by default.
                  I checked “Openvas TCP Scanner”
                  I disabled “Silent” in Plugins Options
                  I logged into my account
                  I loaded most of the plugins :)
                  I did nothing in “Credentials” because I don’t really understand this section
                  I chose the right target
                  I did nothing in “Prefs” too
                  I enable KB saving and Testy all hosts (In /usr/local/var/lib/openvas/users//kbs/ I found file named my target
                  and the last thing you said I don’t understand ( Issue iptables -F to unload the ipchains and give it a try.)

                  I don’t find any script :)

                • XyluX
                  Jun 7th, 2010 at 00:52 | #39

                  Atout,
                  Sorry for the delayed response buddy as I was bit away and didn’t get time to look into the post comments. Anyways, Lets come to the topic now. Well, “Credentials” tab is one of the most important tab while you scan because, let’s say if you want to check for a vulnerability in the target machine and the plugin needs remote machine credentials to scan the target, then you have to give the SMB/SSH Credentials (NTLMSSP is enabled now so it should work in any new OS e.g. Windows7, Win2008 or Vista). In that case only your scripts will scan the target. But if you want to check some HTTP related stuffs then you don’t have to pass any credentials of that target machine.
                  - No need to load most of the plugins as it will eat your time unnecessarily unless you require all 17k scripts badly. Unloading ipchain is required because sometimes if you are scanning a remote linux box but the built-in firewall inside Linux blocks the inbound traffic then your scanner won’t be able to communicate with the system further. So its better to unload the firewall and launch the scan. After the scanning is complete, you can enable the iptables ($sudo service iptables restart) though.
                  - You will find all the scripts which OpenVAS clients from, “/usr/local/lib/openvas/plugins/”. Just cd to that path and ls for *.nasl files. Those are your script files.

                  I hope it will give you some more hints to perform your required task. If still you face any problems then do let me know.

                  - XyluX

  9. avinash bhat
    May 18th, 2010 at 17:25 | #40

    I have installed this plugins packages,

    -pnscan
    -nmap
    -amap
    -ike-scan
    -nikto
    -portbunny
    -snmpwalk
    etc…

    All this plugins are working and able to scan remote system.
    But when i select the same thing in openVAS’client GUI not able to get the same report what expected out of report.

    And also i have installed all the plugins currentlz there are some around 17k+… But still Not getting expected result out of openVAS as i am getting it in Terminal…

    • XyluX
      May 20th, 2010 at 10:51 | #41

      Avinash,
      Just make sure that you are following these:
      * In ‘General’ -> ‘Options’ tab, you have chosen the right port scanner field check boxes.
      * DO give a check mark in “OpenVAS TCP Scanner” as well.
      * Check in ‘Plugins’ Options, Checkmark is enabled/disabled for “Silent” as sometimes it supresses the unnecessary outouts. Lets say you are scanning a script which sends a crafted malicious request to the target server and before sending the request the script makes use of “get_kb_item” function to retrieve X Server’s version then if you have given check mark in Silent then it may not print the Target server’s version in the GUI frontend.
      * Make sure that you have created a new account and logged into to the OpenVAS GUI context.
      * No need to load all the 17k plugins as it takes lots of time to scan the target. Just choose the appropriate ones which fits your needs. Else unnecessary you will end up with spending so much of times which is not required at all.
      * Check in the “Credentials” Tab, whether you have issued the right Uid and Password or not (Its not required for remote a.k.a port based checks though).
      * Confirm that you have given the right target in the Target options and you are able to reach the machine.
      * Check whether you have configured ‘Advanced Plugin Preferences’ under ‘Prefs’ accordingly or not.
      * And DO enable KB savings and tail the KB items. (Location: /usr/local/var/lib/openvas/users//kbs/)
      * Issue iptables -F to unload the ipchains and give it a try.

      I hope it helps. Let me know if still you are having the same issue.

      - XyluX

      • avinash bhat
        May 20th, 2010 at 14:37 | #42

        XyluX,

        Thanks a lot for your usefull information regarding openvas,

        I am able to get the reports.

        The only 2 plugins im getting confused with is -

        -SLAD
        -ldapsearch

        Please let me know how to install and configure accordingly to openvas…

        Cheers,
        Avinash Bhat

        • XyluX
          May 21st, 2010 at 23:30 | #43

          Are you getting any error while loading the openvas daemon? basically while loading the Openvas daemon, it should show you errors if any of the code can’t be launched or wont be visible in the plugins categories list.

          - XyluX

  10. Francesco
    May 14th, 2010 at 20:17 | #44

    Hi XyluX
    I have installed Openvas 3.x on a CentOS 5, using the .rpm by atomic.
    I installed the three mandatory modules and the optional ones, but I can’t find the way to use them.
    Do you know how openvas-cli, openvas-manager and openvas-administrator should be used, or do you know were I can find some guide about?

    Thank you
    Francesco

    • XyluX
      May 20th, 2010 at 11:20 | #45

      Hey Francesco,
      Well due to my packed schedules I am not getting time to work that much on Openvas new features i.e. openvas-administrator, openvas-cli and manager. What I can say you for the time being is openvas-manager is used to configure your commercial (NVT) plugin feeds through web and you need to have SQL db integrated for openvas-manager as it saves the scan outputs in a sql db and gsa (greenbone security assistant) feature will give the freedom to choose the feeds, scanning tasks through a nice web based interface. It would be better if you can join their mailing list and ask about these new additional feature related queries over there.

      - XyluX

  11. hooya
    Apr 25th, 2010 at 21:43 | #46

    XyluX, thanks so much for sharing.

  12. Ocean Goh
    Apr 21st, 2010 at 19:42 | #47

    hi, When I run the command sudo openvassd, my pc was shut down accidentally. When I reboot it and try to rerun this command, it halted half way with this error:

    Loading the plugins… 7548 (out of 16999)
    ** ERROR **: File is empty
    aborting…
    Aborted

    Any ideas how to solve this?

    • XyluX
      Apr 25th, 2010 at 19:22 | #48

      What is the OS in which you are trying to install OpenVAS? Can you tell me whats the name of the script which is showing error? I doubt may be the script name is sasser*worm*.nasl(not completely sure though). Better you do one thing, the time you are loading all 17k scripts into your box, do an “openvas-nvt-sync” and leave your machine for sometime. Once the whole process is complete then try to load the NVT plugin sets through “$sudo openvasdd” or “$sudo openvasd -D”. Hope it resolves your issues. Let me know if it helps!

      - XyluX

  13. Apr 21st, 2010 at 09:27 | #49

    Xylux,

    I tried to get the cmake and i get invalid operation.

    • XyluX
      Apr 22nd, 2010 at 10:54 | #50

      First make sure that you are in root or if you are not in root then issue apt-get/yum through sudo. If that also doesn’t work then you may give this URL a try, you will get the cmake package from the below link:
      http://www.cmake.org/cmake/resources/software.html

      - XyluX

  14. Malik ak
    Apr 20th, 2010 at 03:43 | #51

    Hi;

    I started the procedure, I have a make issue: ‘cd base && cmake -DCMAKE_INSTALL_PREFIX=/usr/local -DSYSCONFDIR=/usr/local/etc -DLOCALSTATEDIR=/usr/local/var -DHAVE_WMI=NO -DLIBDIR=/usr/local/lib && make
    /bin/sh: cmake: not found
    make: *** [all] Error 127

    please help

    • XyluX
      Apr 20th, 2010 at 10:53 | #52

      Malik ak :

      Hi;

      I started the procedure, I have a make issue: ‘cd base && cmake -DCMAKE_INSTALL_PREFIX=/usr/local -DSYSCONFDIR=/usr/local/etc -DLOCALSTATEDIR=/usr/local/var -DHAVE_WMI=NO -DLIBDIR=/usr/local/lib && make
      /bin/sh: cmake: not found
      make: *** [all] Error 127

      please help

      Malik, just make sure that you have installed cmake package into your Ubuntu box. Even I have mentioned about this problem in the second paragraph itself, that you need to have cmake package before proceeding with the installation steps. Just do an apt-get and it should work. But remember to do “$ sudo updatedb” before installing cmake as sometimes your machine may not be able to search for the package without the updated app repo database. I hope it solves your problem. :) Let me know if you come up with any issues further.

      - XyluX

  15. avinash bhat
    Apr 19th, 2010 at 17:24 | #53

    Hi,

    this blog looks pretty good explained about OpenVAS. I installed OpenVAS on Debian (Raid Systems)(SERVER) nd trying to scan by giving the localhost address or any remote systems… The problem is the report which is getting as an output from openvas is only regarding PORT’s, i just wanted to know is it possible to scan based on application installed in the remote systems or is it possible to scan specific files which i needed to scan respectively.

    please provide me the best solution for it, waiting for the earliest response.
    my mail id: avinashvbhat@gmail.com

    Thanking you,
    Avinash Bhat

    • XyluX
      Apr 20th, 2010 at 11:12 | #54

      Avinash,
      OpenVAS is a full fledged vulnerability scanner. Its not specific to ports only. It can even scan your web applications and various win/linux processes. It scans various protocols for finding various flaws as well. So the time you are loading OpenVAS, just do an “openvas-nvt-sync” in the command line which will update the plugins folder (/usr/local/openvas/plugins) through rsync. And then load the Openvas daemon to load OpenVAS client with the updated plugin sets. After that connect to your openvas server using the login credentials which you have configured at the time of installation and from the Plugins (You’ll see this in the left side navigation panel) category and choose what type of scanning you want to perform. You will see various scanning criteria over there. Just choose your preferred one. And at the same time if you want to do safe/unsafe checks that you can also perform as well. You will find a check box in the general Tab. At last I would say, OpenVAS is an excellent tool and its very very flexible by nature. The recent version of OpenVAS has some great features as well. You must experiment with those features if you want!!!
      In the final note, please subscribe OpenVAS mailing list for the new feature updates and product development/enhancement change updates. Just navigate to Openvas.org website and point to its developers corner. You will find the mailing list details.
      - XyluX

      • avinash bhat
        May 18th, 2010 at 14:16 | #55

        Hi XyluX,
        Thanks for sharing the important things regarding openvas,

        when i try openvas-nvt-sync on the terminal i am getting this out

        # openvas-nvt-sync
        OpenVAS NVT Sync $

        Configured NVT Feed: rsync://rsync.openvas.org:/nvt-feed
        Synchronized into: /usr/local/lib/openvas/plugins

        Searching for required system tools …
        Synchonizing NVTs via RSYNC …
        rsync: getaddrinfo: rsync.openvas.org 873: Name or service not known
        rsync error: error in socket IO (code 10) at clientserver.c(104) [receiver=2.6.9]
        Error: rsync failed. Your NVT collection might be broken now.

        The thing is there is no internet connection to the system where i am trying to install openvas… So please let me know what can i do for this error…

        And also i have so many questions regarding openvas, Thanks once again a lot for sharing openvas related stuffs…

        -Avinash Bhat

        • XyluX
          May 20th, 2010 at 11:08 | #56

          You need to have connection to web if you want to use openvas-nvt-sync. That is mandatory. Otherwise you have to get the plugins from wald.intevation.org manually which I won’t recommend you at all as it will consume so much of your valuable time!! Or else you can browse through here to see the whole updated OpenVAS plugins listing. Hope it helps.

          Enjoy!
          XyluX

          • avinash bhat
            May 20th, 2010 at 14:35 | #57

            -XzluX
            yep, i have already copied all the plug’ins and copied it in to /usr/local/lib/openvas/plugins.

            In openVAS client i am able to find 17k+ plugins…

            The only two plugins which i not able to do is SLAD and ldapsearch…

            Please if you know anything regarding this lemme know as soon as possible.

            Cheers,
            Avinash Bhat

  16. Eric
    Mar 4th, 2010 at 01:42 | #58

    Thank you for this, it was very helpful in getting OpenVAS set-up. The only thing this guide doesnt contain is how to start the client, which isnt hard other than it starts with a capital O. $ OpenVAS-Client

    • XyluX
      Mar 4th, 2010 at 10:59 | #59

      Yeah Eric, you are right that I haven’t mentioned the method on how to start the client. But earlier I have put in one of my related reply comments on how to do the same. I have posted this instruction in Zack’s post’s reply. I just said this FYI. No offense!

      - XyluX

  17. Joachim
    Feb 20th, 2010 at 03:16 | #60

    With this guide I had my OpenVAS installatin on a clean and new Ubuntu 9.10 VMWare machine up and running in less than 30 minutes. No problems, no errors. Excellent. Many thanks.
    Joachim

  18. yaggi
    Feb 17th, 2010 at 13:30 | #61

    Hi folks, something is missing in the initial packages. please include libgcrypt11-devel

    • XyluX
      Feb 18th, 2010 at 23:38 | #62

      Yaggi, I tried with the exact above library files in my Ubuntu 9.10 and it got installed successfully. May be I had the libcrypt already installed in my box. None the less I tried the above procedure in a new Ubuntu machine. I am just wondering that why it asked you to install libcrypt in the same ubuntu 9.10 box!! Are you running Ubuntu 9.10 ?? Anyways I will give it a re-try in one vmware and if it asks then I will surely update the required library lists. Thanks for the update though :)

  19. Zack
    Feb 17th, 2010 at 01:28 | #63

    Hi Xylux, i cant find the folder in Backtrack 4 Final for the openvas folders.. please help

    • XyluX
      Feb 18th, 2010 at 22:36 | #64

      Zack,
      In BT v3 (I forgot which exact version it was), OpenVAS was pre-installed with the default OS Installation. However you can check for the existence of openvas by just typing ‘Op’ (case sensitive) and hit tabs twice and see if it lists OpenVAS-Client in the console of nor. If it doesn’t invoke then please go ahead with following the above method for installation.

  20. XyluX
    Feb 4th, 2010 at 00:26 | #65

    Yeah sure, you can overwrite your OpenVAS with the 3.x edition. But just make sure that you are following the right priority of tar files to upgrade the installation. And also make sure that ‘openvasd’ daemon is not running while you are running the update process as it may mess up the things. So do a “$ sudo killall openvasd” 2-3 times unless and untill openvasd is fully terminated.

  21. yaggi
    Feb 3rd, 2010 at 21:20 | #66

    Im having openvas ver 2 (BT4 Final), How can i change it to openvas 3..
    My BT4 final is installed in my machine

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

*