OpenVAS是開放式漏洞評估系統,也可以說它是一個包含著相關工具的網絡掃描器。其核心部件是一個服務器,包括一套網絡漏洞測試程序,可以檢測遠程系統和應用程序中的安全問題。
- 最新版本 Kali Linux 2016.2 中不再自帶OpenVAS,需要自己安裝和配置
系統要求
- 源配置正確 參考
安裝
更新系統
apt-get update
apt-get upgrade
apt-get dist-upgrade
安裝OpenVAS
apt-get install openvas
安裝配置OpenVAS (這一步需要的時間非常久,需要下載很多文件,建議最好掛個國外代理進行這一步操作,不然你可以喝10幾杯咖啡了,嘿嘿)
openvas-setup
檢查安裝 (如有提示錯誤的請按提示修復)
openvas-check-setup
.如我安裝時運行 openvas-check-setup 后 step 2 有報錯
......
OK: OpenVAS Manager database is at revision 146.
OK: OpenVAS Manager expects database at revision 146.
OK: Database schema is up to date.
OK: OpenVAS Manager database contains information about 51943 NVTs.
OK: At least one user exists.
OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/scap.db.
ERROR: No OpenVAS CERT database found. (Tried: /var/lib/openvas/cert-data/cert.db)
FIX: Run a CERT synchronization script like openvas-certdata-sync or greenbone-certdata-sync.
ERROR: Your OpenVAS-8 installation is not yet complete!
Please follow the instructions marked with FIX above and run this
script again.
If you think this result is wrong, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.
根據提示運行 openvas-check-setup 后解決
root@kalitest:~# openvas-certdata-sync
[i] This script synchronizes a CERT advisory directory with the OpenVAS one.
[i] This script is for the SQLite3 backend.
[i] CERT dir: /var/lib/openvas/cert-data
[i] Will use rsync
[i] Using rsync: /usr/bin/rsync
[i] Configured CERT data rsync feed: rsync://feed.openvas.org:/cert-data
OpenVAS community feed server - http://www.openvas.org/
This service is hosted by Greenbone Networks - http://www.greenbone.net/
All transactions are logged.
If you have any questions, please use the OpenVAS mailing lists
or the OpenVAS IRC chat. See http://www.openvas.org/ for details.
By using this service you agree to our terms and conditions.
Only one sync per time, otherwise the source ip will be blocked.
receiving incremental file list
./
CB-K13.xml
1,430,197 100% 24.15kB/s 0:00:57 (xfr#1, to-chk=34/36)
CB-K13.xml.asc
181 100% 176.76kB/s 0:00:00 (xfr#2, to-chk=33/36)
CB-K14.xml
4,772,286 100% 22.20kB/s 0:03:29 (xfr#3, to-chk=32/36)
CB-K14.xml.asc
181 100% 176.76kB/s 0:00:00 (xfr#4, to-chk=31/36)
CB-K15.xml
6,117,922 100% 22.58kB/s 0:04:24 (xfr#5, to-chk=30/36)
CB-K15.xml.asc
181 100% 176.76kB/s 0:00:00 (xfr#6, to-chk=29/36)
.....
修復后再次運行 openvas-check-setup 檢查安裝
.....
看到 It seems like your OpenVAS-8 installation is OK.
安裝完成
還記得在運行 openvas-setup 這步最后一行顯示的 User created with password '47a7baeb-2f48-4fb9-9177-f6ba1fb058d8'. 嘛,這個密碼顯然不符合我們的使用習慣,改之
openvasmd --user admin --new-password xxxxxx
升級
openvas-feed-update
啟動OpenVAS
openvas-start
查看 GSAD services,OpenVAS manager, OpenVAS manager 端口情況
netstat -antp | grep 939
tcp 0 0 127.0.0.1:9392 0.0.0.0:* LISTEN 20764/gsad
tcp 0 0 127.0.0.1:9390 0.0.0.0:* LISTEN 20769/openvasmd
tcp 0 0 127.0.0.1:9391 0.0.0.0:* LISTEN 20773/openvassd: Wa
一切OK后使用瀏覽器訪問 https://127.0.0.1:9392 應該可以看到
登錄賬號 admin 和你前面設置的密碼
配置
設置OpenVAS服務器的地址
OpenVAS 在默認配置下,僅允許 127.0.0.1 地址本地連接
openvas-stop
編輯 /lib/systemd/system/greenbone-security-assistant.service
nano /lib/systemd/system/greenbone-security-assistant.service
[Unit]
Description=Greenbone Security Assistant
Documentation=man:gsad(8) http://www.openvas.org/
Wants=openvas-manager.service
[Service]
Type=simple
PIDFile=/var/run/gsad.pid
ExecStart=/usr/sbin/gsad --foreground --listen=127.0.0.1 --port=9392 --mlisten=127.0.0.1 --mport=9390
[Install]
WantedBy=multi-user.target
修改 --listen=127.0.0.1 為 --listen=0.0.0.0
[Unit]
Description=Greenbone Security Assistant
Documentation=man:gsad(8) http://www.openvas.org/
Wants=openvas-manager.service
[Service]
Type=simple
PIDFile=/var/run/gsad.pid
ExecStart=/usr/sbin/gsad --foreground --listen=0.0.0.0 --port=9392 --mlisten=127.0.0.1 --mport=9390
[Install]
WantedBy=multi-user.target
啟動服務查看
systemctl daemon-reload
openvas-start
netstat -antp | grep 9392
tcp 0 0 0.0.0.0:9392 0.0.0.0:* LISTEN 23158/gsad
