OpenVAS - HackMD

--- tags: ccdc --- https://securecompliance.gitbook.io/projects/openvas-greenbone-deployment-full-guide/deploying-greenbone-gvm-gsa-with-openvas Update to be based on this docker container and thet changes I made to it. Update to with documentation on making and deploying an offline deploy image and an online one. # OpenVAS ## Install #### Setup Docker ##### Debian ``` bash apt install docker.io ``` ### Install From CD ISO 1. Attach iso to VM (Actions > Edit Settings > CD > Datastore ISO > docker.openvas.iso) 2. Use the GUI to mount the CD Drive. 3. Open a root terminal in the CD Drive mount directory. 4. Copy the 7z file to the VM: `cp openvas.tar.7z ~/` 5. Install p7zip: `apt install p7zip` 6. Extract the tar file: `cd ~/; 7zr x *.7z` 7. Run `docker load < openvas.tar` 8. Start with: ``` bash docker run --detach --publish 8080:9392 --publish 5432:5432 --env DB_PASSWORD="non2021" --env PASSWORD="bob2021" --name gvm openvas:nvts ``` ### Docker > Best Docker Image I found so far: https://hub.docker.com/r/mikesplain/openvas To install just run: ``` bash docker pull mikesplain/openvas docker run -d -p <port>:443 --name openvas mikesplain/openvas ``` ### Manual #### Debian 9 & 10 ``` bash apt install openvas apt install rsync sqlite3 xsltproc openvas-setup ``` ## Usage #### Note: default credentials: username: admin password: admin or bob2021 > if using CD installer you need to goto https://localhost:8080 * At the top choose Scans > Tasks * Click the new task button give it a name ![](https://i.imgur.com/g7VRUHG.png) * Click the new target button give it a name ![](https://i.imgur.com/tCAwVro.png) * Put in the subnets to scan ![](https://i.imgur.com/AdEtNm1.png) * Add exclude hosts (List of IPs not to scan from team packet) ![](https://i.imgur.com/EJSRHzO.png) * Choose all TCP ports and top 100 UDP in the Port List Section ![](https://i.imgur.com/rs6F5Z9.png) * Save/Create the target * Select once for the scan schedule * Save/Create the Task * In the task list you should see your new scan, Run it ## Update Vulnerabitlity Definitions > Do this if you have time... ``` bash docker exec -it openvas bash ## inside container greenbone-nvt-sync openvasmd --rebuild --progress greenbone-certdata-sync greenbone-scapdata-sync openvasmd --update --verbose --progress /etc/init.d/openvas-manager restart /etc/init.d/openvas-scanner restart ``` ### Additional Configuration ```bash sudo echo 'LISTEN_ADDRESS="0.0.0.0"' >> /etc/default/openvas-gsa ```