How to install OpenVAS on Red Hat Linux

OpenVAS is a framework of services and tools for vulnerability scanning and vulnerability management. With vulnerability management, you look at your infrastructure through the eyes of a potential attacker. The goal is to find potential security issues before attackers find them. In this tutorial, I show you how to install OpenVAS on Linux.

Introduction

In this tutorial, we will use the free community edition of OpenVAS. For commercial use, I recommend getting the enterprise edition. It’s also possible to get a fully installed VM from the vendor’s website, but we will build it all from scratch on a Rocky Linux VM.

Installing Rocky Linux

First of all, you’ll need to get the newest Rocky Linux minimal image from the project’s website. Just download the image and install a new Rocky VM. In our case, we use Oracle VirtualBox.

Preparing

First of all, we check for the latest update of the OS:

sudo dnf update -y

The installer will now install all the latest updates for our system. Depending on your internet connection and the build state of the image, this can take some time.

We’ll also need to install wget. It’s not included in the minimal installation of Rocky Linux.

sudo dnf install wget -y

Enable Power Tools and Install Epel

PowerTools provides developer-related tools and libraries. Some of the needed EPEL packages depend on PowerTools packages, so we need to enable it first.

sudo dnf config-manager --set-enabled powertools

After this, we have to install EPEL (Extra Packages for Enterprise Linux). This is the most important package source for RHEL and CentOS users.

sudo dnf install epel-release.noarch -y

After this, we run another update, just to be safe.

sudo dnf update -y

Install Atomic Yum Repository

The Atomic or A.R.T. (Atomic Rocket Turtle) RPM repository is an open-source unsupported archive of software packages specifically for the CentOS and Red Hat communities.

wget -q -O - https://updates.atomicorp.com/installers/atomic | sudo sh

We agree to the terms of use with yes and enable the repo by default.
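
The same installer run from a staged file instead of a pipe, as an added example that is not part of the original tutorial: it downloads the script, rejects an empty or syntactically incomplete download, prints a SHA-256 to record, and lets you read the script before it runs as root. The function names and the `--run` switch are assumptions of this example; the URL is the one used above.

```shell
#!/bin/sh
# Added example (not from the tutorial): stage, check, review, then run.
ATOMIC_URL="https://updates.atomicorp.com/installers/atomic"  # URL from the tutorial

# fetch_installer DEST
# Download to DEST. A failed or interrupted transfer removes the file and
# returns non-zero, so a partial script is never executed.
fetch_installer() {
    wget -q -O "$1" "$ATOMIC_URL" || { rm -f "$1"; return 1; }
}

# check_installer FILE
# Reject an empty file and anything sh cannot parse. sh -n parses without
# executing, which catches a script that was cut off inside a block.
# On success, print the SHA-256 so the reviewed version can be recorded.
check_installer() {
    [ -s "$1" ] || { echo "empty or missing: $1" >&2; return 1; }
    sh -n "$1" 2>/dev/null || { echo "does not parse as sh: $1" >&2; return 1; }
    sha256sum "$1"
}

# Run the whole sequence only when called with --run (a switch made up for
# this example), so that loading the file just defines the functions.
if [ "${1:-}" = "--run" ]; then
    staged=$(mktemp) || exit 1
    fetch_installer "$staged" || { echo "download failed" >&2; exit 1; }
    check_installer "$staged" || exit 1
    "${PAGER:-less}" "$staged"          # read the script before it runs as root
    printf 'Run it with sudo? [y/N] '
    read -r answer
    [ "$answer" = "y" ] && sudo sh "$staged"
    rm -f "$staged"
fi
```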

Install OpenVAS

Now it’s time to install the gvm-scanner.

sudo dnf install gvm -y

There are around 400 packages to install, so this can take some time.

Configure GVM

Before we start to configure GVM, it’s important to disable SELinux; otherwise, the configuration process will not continue.

sudo sed -i 's/=enforcing/=disabled/' /etc/selinux/config

It’s time for a reboot so that the changes take effect.

sudo shutdown -r now

After this, we start the configuration of GVM.

gvm-setup

During this process, GVM will update the Network Vulnerability Tests feed from the Greenbone Security Feed/Community Feed. This can take some time, depending on your internet connection.

Take a coffee break ☺

After the update process, you’ll need to set an admin password for the web GUI.

Getting Started

And you’re ready to start. You can access the web interface by entering your server or VM IP address in your browser.

https://your-ip-address

You can log in with the admin credentials that you set during the installation.

Conclusion

This is how to install OpenVAS on Red Hat Linux.

This article was written by Max Wilke, who regularly writes over at his own blog.

6 thoughts on “How to install OpenVAS on Red Hat Linux”

  1. Am I disabling selinux just to get the configuration process to work and then re-enabling it to protect the system? Or is the suggestion/requirement that I leave selinux disabled and, if so, why? Thanks!

    Reply
  2. This guide is great, but partially incomplete.

    1) missing python module:

    As of today (August 2022), following the instructions above will end up with ospd-openvas failing to start with this error. At least this was my experience on Rocky Linux 8.6.

    Traceback (most recent call last):
    File "/opt/atomicorp/bin/ospd-openvas", line 5, in <module>
    from ospd_openvas.daemon import main
    File "/opt/atomicorp/lib/python3.8/site-packages/ospd_openvas/daemon.py", line 33, in <module>
    from lxml.etree import tostring, SubElement, Element
    ModuleNotFoundError: No module named 'lxml.etree'
    ospd-openvas.service: Main process exited, code=exited, status=1/FAILURE
    ospd-openvas.service: Failed with result 'exit-code'.

    This can be fixed by applying the following fix:

    alternatives --set python3 /usr/bin/python3.8

    2) missing sudo entries

    For this all to work, the gvm user has to be able to run a few things via /etc/sudoers, otherwise scans will fail.

    gvm ALL = NOPASSWD: /usr/sbin/openvas
    gvm ALL = NOPASSWD: /usr/sbin/gsad

    3) database/feed updates

    Lastly, the following cron file should exist for the gvm user (frequency and times are up to you). The EXAMPLE below runs the various updates at 5:15am, 6:15, ... 8:15. Please CHANGE these for your site so everyone isn’t hitting the servers at the same time.

    15 5 * * * /usr/sbin/greenbone-feed-sync --type GVMD_DATA
    15 6 * * * /usr/bin/greenbone-nvt-sync
    15 7 * * * /usr/sbin/greenbone-feed-sync --type SCAP
    15 8 * * * /usr/sbin/greenbone-feed-sync --type CERT

    Reply
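
One way to act on the request above to change the times per site, as an added example that is not part of the comment or the tutorial: it derives the start hour and minute from the machine's hostname, so each scanner keeps a stable schedule while different hosts spread out. The function name `feed_sync_crontab` is an assumption of this example; the four commands, their order and the one-hour spacing are taken from the comment.

```shell
#!/bin/sh
# Added example: build a per-host crontab for the gvm user's feed updates.

# feed_sync_crontab HOSTNAME
# Prints four crontab lines. Minute and start hour come from a CRC of
# HOSTNAME: the same host always gets the same slot, other hosts get others.
feed_sync_crontab() {
    sum=$(printf '%s' "$1" | cksum | cut -d ' ' -f 1)
    minute=$((sum % 60))
    hour=$(((sum / 60) % 24))
    # Same order and one-hour spacing as in the comment above.
    for cmd in \
        "/usr/sbin/greenbone-feed-sync --type GVMD_DATA" \
        "/usr/bin/greenbone-nvt-sync" \
        "/usr/sbin/greenbone-feed-sync --type SCAP" \
        "/usr/sbin/greenbone-feed-sync --type CERT"
    do
        printf '%d %d * * * %s\n' "$minute" "$hour" "$cmd"
        hour=$(((hour + 1) % 24))      # wrap past midnight
    done
}

# Print the schedule for this machine. After reviewing it, install it with:
#   feed_sync_crontab "$(uname -n)" | sudo crontab -u gvm -
# (this replaces any existing crontab of the gvm user)
feed_sync_crontab "$(uname -n)"
```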
  3. Hi there, huge thanks for this tutorial!
    Though I’ve run into a little problem. The feed status says for all types “Update in progress…” Any idea how I can check what is going wrong here?

    Reply
    • Hello!
      If I understand it right, the feed update process hangs?
      Do you have any output in the logs?

      You can come over to the ceos3c-discord, there we can have a short talk about your specific problem.

      Regards,
      Max

      Reply
      • Thank you for your response Max,

        It turned out to be a firewall setting that needed to be set. Problem solved!
        Will join the discord though 🙂

        Reply
