Needing to perform a security assessment on some new servers, I went looking for Nessus to install on my shiny new Karmic Koala box. Well, it has been a while since I used Nessus, but I knew that it went commercial. What I didn’t know was that OpenVAS was forked off as an OSS project until I went looking for a Nessus replacement. I did not find it to be as simple to install as Nessus was the last time I did that (apt-get ftw,) but I did find a pretty good post over a hackertarget.com that got me going. I had to do enough things differently that I wanted to post this here…if for no other reason than to help me remember it next time I have to do this from scratch.
I started with a fresh 32-bit install of Ubuntu 9.04 in a VM, and applied all updates. I added no repositories. I then opened a terminal, and changed to my Desktop.
Create a directory to hold everything, and change to it.
- mkdir openvas
- cd openvas
Take care of some dependencies.
- sudo apt-get install build-essential libgtk2.0-dev libglib2.0-dev libssl-dev htmldoc libgnutls-dev libpcap0.8-dev bison libgpgme11-dev libsmbclient-dev snmp pnscan
Download the tars to build everything.
- wget http://wald.intevation.org/frs/download.php/595/openvas-client-2.0.4.tar.gz
- wget http://wald.intevation.org/frs/download.php/561/openvas-libnasl-2.0.1.tar.gz
- wget http://wald.intevation.org/frs/download.php/600/openvas-libraries-2.0.3.tar.gz
- wget http://wald.intevation.org/frs/download.php/607/openvas-manager-0.6.1.tar.gz
- wget http://wald.intevation.org/frs/download.php/588/openvas-plugins-1.0.7.tar.gz
- wget http://wald.intevation.org/frs/download.php/593/openvas-server-2.0.2.tar.gz
Untar, configure, make, and make install each component, stepping back up one dir after each one.
- tar zxvf openvas-libraries-2.0.3.tar.gz
- cd openvas-libraries-2.0.3
- ./configure
- make
- sudo make install
- cd ..
- tar zxvf openvas-libnasl-2.0.1.tar.gz
- cd openvas-libnasl-2.0.1
- ./configure
- make
- sudo make install
- cd ..
- tar zxvf openvas-server-2.0.2.tar.gz
- cd openvas-server-2.0.2
- ./configure
- make
- sudo make install
- cd ..
- tar zxvf openvas-plugins-1.0.7.tar.gz
- cd openvas-plugins-1.0.7
- ./configure
- make
- sudo make install
- cd ..
- tar zxvf openvas-client-2.0.4.tar.gz
- cd openvas-client-2.0.4
- ./configure
- make
- sudo make install
- cd ..
Update the shared libraries cache
- sudo ldconfig
The next several steps are necessary to configure OpenVAS, and should be familiar to anyone who has used Nessus. If you are not, just follow the prompts and you will be fine. The synch process may take a very long time, depending on bandwidth, so don’t worry too much if it seems to drag.
- sudo openvas-mkcert
- sudo openvas-adduser
- sudo openvas-nvt-sync
Finally, lets start the daemon and the client.
- sudo openvasd –D
- sudo OpenVAS-Client
I hope someone else finds this useful. Thanks again to HackerTarget.com for the heavy lifting. You really ought to check them out for free and professional services. They have some great stuff on their site.
You might also enjoy:
{ 14 comments… read them below or add one }
cheers
(btw: you’ve got a type in the apt-get line: “ibsmbclient-dev” shoulf, of course, be “libsmbclient-dev”)
Thanks for the catch! fixed
ps – why not use the repos?
Didn’t come across a repo that had all…but can certainly consider posting an update to include the repo and steps to apt-get. Might look later, but if you know the repo send it on and I will run with it. Thanks.
beautiful site, btw
Thanks for that too…credit though should go to Ahren Ahimsa over at http://ahren.org/code/ahimsa, I got this theme from there. I do love it though, and am glad someone else thinks it looks good.
Thanks for the instructions Ed Fisher. Initially I had problem while installing 3.0 RC Version in Ubuntu v9.10. I was coming across with gcrypt.h not found. But after installing all the dependencies, the error got resolved. But one thing, before installing OpenVAS v3.0rc version you have to make sure that you have “cmake” installed and working.
If you are having problem while doing “openvas-nvt-sync” then sudo should be appended before the “openvas-nvt-sync” or else at the end of complete Rsync it will show an error and your plugins directory won’t be updated as well. Plugin imports is also very vital before you connect to openvas server to scan the required plugins. Else Openvas will come up with an error Connection to not found.
Well, “openvassd -D” won’t work for Ubuntu v9.10. You have to issue:
$sudo openvassd
Hope this additional information helps.
- Sujit
OpenVAS 3 just came out. Can you create a HOWTO? I am having trouble installing it on Karmic Koala.
Well, most of what I post here is stuff I have to do myself. I will probably want to update sometime, but I cannot promise when I will have time to do so.
Good job!
@ Bubba
I was unable to Install successfully from the Ubuntu repos. I believe it hasnt been maintained well.. I would recommend building from source,it doesnt take a rocket scientist to do so especially with the spoonfed info above.
Remember people, this is a security auditor, if you dont have a decent understanding of the Linux or Windows OS your not going to be able to do much with it. Also scanning remote hosts that you do have written consent to can get you in trouble. OpenVas leaves a bunch of traces behind and your ip. If you think you can hack(or really crack) with OpenVas think again, its for vuln identification. After you identify the vuln you have to hit it with an exploit, then inject a payload, make arbitrary commands,etc
So if your looking for a point, click, root type app this isnt it. Its good for closing holes on your pc, but if your lookig for an exploiter to use with OpenVas try the metasploit framework. The tools work great together and results can be imported from OpenVas right into MSF for vuln assessment then exploitation.
Why not use the repo?
The repo rarely installs OpenVAS correctly sure to dependencies not included in the repo package. To install OpenVas “correctly” you should install from source.
thanks for pointing that out. that lines up with my experience, but it’s good to see I’m not along with that-ed
FWIW, if you are still looking for a repo simply use the proper subdirectory of http://download.opensuse.org/repositories/security:/OpenVAS:/STABLE:/v3/ since that works just fine on Ubuntu.
Hi Chris,
Thanks for the tip!
Ed