OpenVAS is a framework of different services and tools for vulnerability scanning and vulnerability management. With vulnerability management, you look through the eyes of a potential attacker at your infrastructure. The goal is to find potential security issues before attackers will find them. In this tutorial, I show you how to install OpenVAS on Linux.
Table of Contents
- Installing Rocky Linux
- Enable Power Tools and Install Epel
- Install Atomic Yum Repository
- Install OpenVAS
- Configure GVM
- Getting Started
In this tutorial, we will use the free community edition of OpenVAS. For commercial use, I recommend getting the enterprise edition. It's also possible to get a fully installed VM from the website of the vendor but we will build it all from the scratch on a rocky-linux vm.
Installing Rocky Linux
First of all, you‘ll need to get the newest rocky-linux minimal image from the website of the project. Just download the image and install a new rocky VM. In our case, we use Oracle VirtualBox.
First of all, we check for the latest update of the OS:
sudo dnf update -y
The installer will now install all the latest updates for our system. Dependent on your internet connection and build-state of the image it can take some time.
We‘ll also need to install wget. It’s not included in the minimal installation of rocky-Linux.
sudo dnf install wget -y
Enable Power Tools and Install Epel
Powertools provides developer-related tools and libraries. Some of the needed EPEL packages depend on PowerTools packages, so we need to enable them first.
sudo dnf config-manager – set-enabled powertools
After this, we have to install EPEL (EPEL stands for Extra Packages for Enterprise Linux). This is the most important package source for RHEL and CentOS-Users.
Code language: CSS (css)
sudo dnf install epel-release.noarch -y
After this we run another update, just to be safe.
sudo dnf update -y
Install Atomic Yum Repository
The Atomic or A.R.T. (Atomic Rocket Turtle) RPM repository is an open-source unsupported archive of software packages specifically for the CentOS and Redhat communities.
wget -q -O - https://updates.atomicorp.com/installers/atomic | sudo sh
Now it’s time to install the gvm-scanner.
sudo dnf install gvm -y
There are around 400 packages to install this can take some time.
Before we start to configure gvm it’s important to disable SELinux, otherwise, the configure-process will not continue.
sudo sed -i 's/=enforcing/=disabled/' /etc/selinux/config
It’s time for a reboot so that changes take effect.
sudo shutdown –r now
After this, we start the configuration of gvm.
During this process, gvm will update the Network Vulnerability Tests feed from the Greenbone Security Feed/Community Feed this can take some time depending on your internet connection.
Take a coffee-break ☺
After the update process, you’ll need to set an admin password for the web-gui.
And you’re ready to start. You can access the web interface with your server/vm-ip in your browser.
You can log in with the admin credentials that you set while the installation.
This is how to install OpenVAS on Red Hat Linux.
This article was written by Max Wilke, who regularly writes over at his own blog.