May 182011
 
openvas gsd interface

So backtrack 5 still using the older openvas-2 series and I actually like the newer version.  So here are the instructions on getting the latest version installed. This will install these versions: openvas libraries 4.0.5-1; openvas scanner 3.2.4-1; openvas client 3.0; openvas manager 2.0.4-1; openvas admin 1.1.1-1; gsa 2.0.1-1; gsd 1.2.0-1; openvas cli 1.1.2-1 as packaged by the opensuse build service.

 

NOTE: June 23, 2011 — if the version numbers have changed, you can browse the repository address and update this document accordingly.  Also, yes, this does work on my bt5 install on three different systems.  I am installing on a 4th system now and will update the steps because I think I may have left 1 or 2 out.

Step 1: Configure OBS Repository

sudo apt-get -y install python-software-properties
sudo add-apt-repository "deb http://download.opensuse.org/repositories/security:/OpenVAS:/STABLE:/v4/xUbuntu_10.04/ ./"
sudo apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys BED1E87979EAFD54
sudo apt-get update

Step 2: Quick-Install OpenVAS

# remove the version from backtrack if it exists
apt-get remove libopenvas2 libopenvasnasl2 openvas-plugins-base openvas-plugins-dfsg openvas-server openvas-client openvas-scanner
mkdir -p /usr/local/var/lib/openvas/mgr/
# if this directory exists, archive and remove it then symlink to new location, restore files to new location
ls /var/lib/openvas
# only if above directory exists
cd /var/lib/openvas
tar czfvp ~/var_lib_openvas.tar.gz /var/lib/openvas
rm -rf /var/lib/openvas
sudo ln -s /usr/local/var/lib/openvas /var/lib/openvas
cd /var/lib/openvas
tar xzfvp ~/var_lib_openvas.tar.gz
# because some packages are in bt repo, we specify version numbers to make sure we pull from new repo
sudo apt-get -y install greenbone-security-assistant=2.0.1-1 gsd=1.2.0-1 openvas-cli=1.1.2-1 openvas-manager=2.0.4-1 openvas-scanner=3.2.4-1 openvas-administrator=1.1.1-1 sqlite3 xsltproc libmicrohttpd10 libopenvas4

Step 3: Quick-Start OpenVAS
(copy and paste whole block, during first time you will be asked to set a password for user “admin”)

test -e /var/lib/openvas/CA/cacert.pem || sudo openvas-mkcert -q
sudo openvas-nvt-sync
test -e /var/lib/openvas/users/om || sudo openvas-mkcert-client -n om -i
sudo /etc/init.d/openvas-manager stop
sudo /etc/init.d/openvas-scanner stop
# this next step takes some time to complete as it loads 21,000 plus plugins
sudo openvassd
sudo openvasmd --migrate
sudo openvasmd --rebuild
# you may need to do the next step more than once (about 3 times matter of fact)
sudo killall openvassd
# You need to edit the locations of the DAEMONS and pidfiles in the startup scripts:
sudo sed -i 's/DAEMON=\/usr\/sbin\/openvassd/DAEMON=\/usr\/local\/sbin\/openvassd/g' /etc/init.d/openvas-scanner
sudo sed -i 's/PIDFILE=\/var\/run\/openvassd.pid/PIDFILE=\/usr\/local\/var\/run\/openvassd.pid/g' /etc/init.d/openvas-scanner
sudo sed -i 's/DAEMON=\/usr\/sbin\/openvasmd/DAEMON=\/usr\/local\/sbin\/openvasmd/g' /etc/init.d/openvas-manager
sudo sed -i 's/PIDFILE=\/var\/run\/openvasmd.pid/PIDFILE=\/usr\/local\/var\/run\/openvasmd.pid/g' /etc/init.d/openvas-manager
sudo sed -i 's/DAEMON=\/usr\/sbin\/openvasad/DAEMON=\/usr\/local\/sbin\/openvasad/g' /etc/init.d/openvas-administrator
sudo sed -i 's/PIDFILE=\/var\/run\/openvasad.pid/PIDFILE=\/usr\/local\/var\/run\/openvasad.pid/g' /etc/init.d/openvas-administrator
sudo sed -i 's/PIDFILE=\/var\/run\/gsad.pid/PIDFILE=\/usr\/local\/var\/run\/gsad.pid/g' /etc/init.d/greenbone-security-assistant
sudo ln -s /usr/sbin/openvassd /usr/local/sbin/openvassd
sudo ln -s /usr/sbin/openvasmd /usr/local/sbin/openvasmd
sudo ln -s /usr/sbin/openvasad /usr/local/sbin/openvasad
sudo ln -s /usr/sbin/gsad /usr/local/sbin/gsad
# now we can start it all up
sudo /etc/init.d/openvas-scanner start
sudo /etc/init.d/openvas-manager start
sudo /etc/init.d/openvas-administrator restart
sudo /etc/init.d/greenbone-security-assistant restart
test -e /var/lib/openvas/users/admin || sudo openvasad -c add_user -n admin -r Admin

Step 4: Testing All Is Working

ps aux | grep openvas
root     26477  0.0  0.5  96404 49080 ?        Ss   02:04   0:00 openvassd: waiting for incoming connections
root     26497  0.1  0.1 127184 15820 pts/2    S    02:05   0:00 /usr/local/sbin/openvasmd --database=/var/lib/openvas/mgr/tasks.db --listen=127.0.0.1 --port=9390 --slisten=127.0.0.1 --sport=9391
root     26520  0.0  0.0  72404  1476 pts/2    S    02:06   0:00 /usr/local/sbin/openvasad --listen=127.0.0.1 --port=9393 --users-dir=/var/lib/openvas/users --scanner-config-file=/etc/openvas/openvassd.conf --sync-script=/usr/sbin/openvas-nvt-sync

Step 5: Create Additional Users

sudo openvasad -c add_user -n USERNAME -r Admin/User

Step 6: Log into OpenVAS as “admin”

Open https://localhost:9392/ or start “gsd”.

openvas gsd interface

Step 7: Create start-up and stop scripts:

vi ~/openvas-start.sh

#!/bin/bash
sudo /etc/init.d/openvas-scanner start
sleep 10
sudo /etc/init.d/openvas-manager start
sleep 10
sudo /etc/init.d/openvas-administrator restart
sleep 10
sudo /etc/init.d/greenbone-security-assistant restart
sleep 10
gsd &

create the stop script:

vi ~/openvas-stop.sh

#!/bin/bash
sudo /etc/init.d/openvas-scanner stop
sleep 10
sudo /etc/init.d/openvas-manager stop
sleep 10
sudo /etc/init.d/openvas-administrator stop
sleep 10
sudo /etc/init.d/greenbone-security-assistant stop
sleep 10
sudo killall openvassd
sleep 10
sudo killall openvasmd
sleep 10
sudo killall openvasad
sleep 10
sudo killall gsad
sleep 10
ps aux | grep openvas
ps aux | grep gsad

chmod 700 ~/openvas*.sh

  4 Responses to “Backtrack 5: Add OpenVAS 4”

  1. Did you actually test it and got it working with Backtrack 5? because I read on BT forums that there are some issues faced when installing OpenVas on BT5 (Ref: http://www.backtrack-linux.org/forums/backtrack-5-beginners-section/40681-backtrack-5-openvas-4-installation.html)

    Therefore, please let me know if you got this tested successfully..

    Thanks,
    H.

  2. Yes, it is working on my laptop. However, the versions have changed since I wrote this. You can browse to the repository link and see the versions. If I get time I will update the article later today.

  3. I get the errors “Version not found: 2.0.3-1” for openvas-manager and for v3.2.3-1 of openvas-scanner.

    • yes, I made a comment below (or above…not sure which) that the version numbers have changed….so if you browse the repository, you can get the newer versions and update accordingly