May 182011
 
openvas gsd interface

So backtrack 5 still using the older openvas-2 series and I actually like the newer version.  So here are the instructions on getting the latest version installed. This will install these versions: openvas libraries 4.0.5-1; openvas scanner 3.2.4-1; openvas client 3.0; openvas manager 2.0.4-1; openvas admin 1.1.1-1; gsa 2.0.1-1; gsd 1.2.0-1; openvas cli 1.1.2-1 as packaged by the opensuse build service.

 

NOTE: June 23, 2011 — if the version numbers have changed, you can browse the repository address and update this document accordingly.  Also, yes, this does work on my bt5 install on three different systems.  I am installing on a 4th system now and will update the steps because I think I may have left 1 or 2 out.

Step 1: Configure OBS Repository

sudo apt-get -y install python-software-properties
sudo add-apt-repository "deb http://download.opensuse.org/repositories/security:/OpenVAS:/STABLE:/v4/xUbuntu_10.04/ ./"
sudo apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys BED1E87979EAFD54
sudo apt-get update

Step 2: Quick-Install OpenVAS

# remove the version from backtrack if it exists
apt-get remove libopenvas2 libopenvasnasl2 openvas-plugins-base openvas-plugins-dfsg openvas-server openvas-client openvas-scanner
mkdir -p /usr/local/var/lib/openvas/mgr/
# if this directory exists, archive and remove it then symlink to new location, restore files to new location
ls /var/lib/openvas
# only if above directory exists
cd /var/lib/openvas
tar czfvp ~/var_lib_openvas.tar.gz /var/lib/openvas
rm -rf /var/lib/openvas
sudo ln -s /usr/local/var/lib/openvas /var/lib/openvas
cd /var/lib/openvas
tar xzfvp ~/var_lib_openvas.tar.gz
# because some packages are in bt repo, we specify version numbers to make sure we pull from new repo
sudo apt-get -y install greenbone-security-assistant=2.0.1-1 gsd=1.2.0-1 openvas-cli=1.1.2-1 openvas-manager=2.0.4-1 openvas-scanner=3.2.4-1 openvas-administrator=1.1.1-1 sqlite3 xsltproc libmicrohttpd10 libopenvas4

Step 3: Quick-Start OpenVAS
(copy and paste whole block, during first time you will be asked to set a password for user “admin”)

test -e /var/lib/openvas/CA/cacert.pem || sudo openvas-mkcert -q
sudo openvas-nvt-sync
test -e /var/lib/openvas/users/om || sudo openvas-mkcert-client -n om -i
sudo /etc/init.d/openvas-manager stop
sudo /etc/init.d/openvas-scanner stop
# this next step takes some time to complete as it loads 21,000 plus plugins
sudo openvassd
sudo openvasmd --migrate
sudo openvasmd --rebuild
# you may need to do the next step more than once (about 3 times matter of fact)
sudo killall openvassd
# You need to edit the locations of the DAEMONS and pidfiles in the startup scripts:
sudo sed -i 's/DAEMON=\/usr\/sbin\/openvassd/DAEMON=\/usr\/local\/sbin\/openvassd/g' /etc/init.d/openvas-scanner
sudo sed -i 's/PIDFILE=\/var\/run\/openvassd.pid/PIDFILE=\/usr\/local\/var\/run\/openvassd.pid/g' /etc/init.d/openvas-scanner
sudo sed -i 's/DAEMON=\/usr\/sbin\/openvasmd/DAEMON=\/usr\/local\/sbin\/openvasmd/g' /etc/init.d/openvas-manager
sudo sed -i 's/PIDFILE=\/var\/run\/openvasmd.pid/PIDFILE=\/usr\/local\/var\/run\/openvasmd.pid/g' /etc/init.d/openvas-manager
sudo sed -i 's/DAEMON=\/usr\/sbin\/openvasad/DAEMON=\/usr\/local\/sbin\/openvasad/g' /etc/init.d/openvas-administrator
sudo sed -i 's/PIDFILE=\/var\/run\/openvasad.pid/PIDFILE=\/usr\/local\/var\/run\/openvasad.pid/g' /etc/init.d/openvas-administrator
sudo sed -i 's/PIDFILE=\/var\/run\/gsad.pid/PIDFILE=\/usr\/local\/var\/run\/gsad.pid/g' /etc/init.d/greenbone-security-assistant
sudo ln -s /usr/sbin/openvassd /usr/local/sbin/openvassd
sudo ln -s /usr/sbin/openvasmd /usr/local/sbin/openvasmd
sudo ln -s /usr/sbin/openvasad /usr/local/sbin/openvasad
sudo ln -s /usr/sbin/gsad /usr/local/sbin/gsad
# now we can start it all up
sudo /etc/init.d/openvas-scanner start
sudo /etc/init.d/openvas-manager start
sudo /etc/init.d/openvas-administrator restart
sudo /etc/init.d/greenbone-security-assistant restart
test -e /var/lib/openvas/users/admin || sudo openvasad -c add_user -n admin -r Admin

Step 4: Testing All Is Working

ps aux | grep openvas
root     26477  0.0  0.5  96404 49080 ?        Ss   02:04   0:00 openvassd: waiting for incoming connections
root     26497  0.1  0.1 127184 15820 pts/2    S    02:05   0:00 /usr/local/sbin/openvasmd --database=/var/lib/openvas/mgr/tasks.db --listen=127.0.0.1 --port=9390 --slisten=127.0.0.1 --sport=9391
root     26520  0.0  0.0  72404  1476 pts/2    S    02:06   0:00 /usr/local/sbin/openvasad --listen=127.0.0.1 --port=9393 --users-dir=/var/lib/openvas/users --scanner-config-file=/etc/openvas/openvassd.conf --sync-script=/usr/sbin/openvas-nvt-sync

Step 5: Create Additional Users

sudo openvasad -c add_user -n USERNAME -r Admin/User

Step 6: Log into OpenVAS as “admin”

Open https://localhost:9392/ or start “gsd”.

openvas gsd interface

Step 7: Create start-up and stop scripts:

vi ~/openvas-start.sh

#!/bin/bash
sudo /etc/init.d/openvas-scanner start
sleep 10
sudo /etc/init.d/openvas-manager start
sleep 10
sudo /etc/init.d/openvas-administrator restart
sleep 10
sudo /etc/init.d/greenbone-security-assistant restart
sleep 10
gsd &

create the stop script:

vi ~/openvas-stop.sh

#!/bin/bash
sudo /etc/init.d/openvas-scanner stop
sleep 10
sudo /etc/init.d/openvas-manager stop
sleep 10
sudo /etc/init.d/openvas-administrator stop
sleep 10
sudo /etc/init.d/greenbone-security-assistant stop
sleep 10
sudo killall openvassd
sleep 10
sudo killall openvasmd
sleep 10
sudo killall openvasad
sleep 10
sudo killall gsad
sleep 10
ps aux | grep openvas
ps aux | grep gsad

chmod 700 ~/openvas*.sh

  4 Responses to “Backtrack 5: Add OpenVAS 4”

  1. Did you actually test it and got it working with Backtrack 5? because I read on BT forums that there are some issues faced when installing OpenVas on BT5 (Ref: http://www.backtrack-linux.org/forums/backtrack-5-beginners-section/40681-backtrack-5-openvas-4-installation.html)

    Therefore, please let me know if you got this tested successfully..

    Thanks,
    H.

  2. Yes, it is working on my laptop. However, the versions have changed since I wrote this. You can browse to the repository link and see the versions. If I get time I will update the article later today.

  3. I get the errors “Version not found: 2.0.3-1” for openvas-manager and for v3.2.3-1 of openvas-scanner.

    • yes, I made a comment below (or above…not sure which) that the version numbers have changed….so if you browse the repository, you can get the newer versions and update accordingly

This site uses Akismet to reduce spam. Learn how your comment data is processed.