ÈÐ Wïgê† Ðð† ñåmê

So backtrack 5 still using the older openvas-2 series and I actually like the newer version.  So here are the instructions on getting the latest version installed. This will install these versions: openvas libraries 4.0.5-1; openvas scanner 3.2.4-1; openvas client 3.0; openvas manager 2.0.4-1; openvas admin 1.1.1-1; gsa 2.0.1-1; gsd 1.2.0-1; openvas cli 1.1.2-1 as packaged by the opensuse build service.

 

NOTE: June 23, 2011 — if the version numbers have changed, you can browse the repository address and update this document accordingly.  Also, yes, this does work on my bt5 install on three different systems.  I am installing on a 4th system now and will update the steps because I think I may have left 1 or 2 out.

Step 1: Configure OBS Repository

[codesyntax lang=”bash” title=”Step 1: Configure OBS Repository”]
sudo apt-get -y install python-software-properties
sudo add-apt-repository “deb http://download.opensuse.org/repositories/security:/OpenVAS:/STABLE:/v4/xUbuntu_10.04/ ./”
sudo apt-key adv –keyserver hkp://keys.gnupg.net –recv-keys BED1E87979EAFD54
sudo apt-get update
[/codesyntax]

Step 2: Quick-Install OpenVAS

[codesyntax lang=”bash” title=”Step 2: Quick-Install OpenVAS”]
# remove the version from backtrack if it exists
apt-get remove libopenvas2 libopenvasnasl2 openvas-plugins-base openvas-plugins-dfsg openvas-server openvas-client openvas-scanner

mkdir -p /usr/local/var/lib/openvas/mgr/

# if this directory exists, archive and remove it then symlink to new location, restore files to new location
ls /var/lib/openvas

# only if above directory exists
cd /var/lib/openvas
tar czfvp ~/var_lib_openvas.tar.gz /var/lib/openvas
rm -rf /var/lib/openvas
sudo ln -s /usr/local/var/lib/openvas /var/lib/openvas
cd /var/lib/openvas
tar xzfvp ~/var_lib_openvas.tar.gz

# because some packages are in bt repo, we specify version numbers to make sure we pull from new repo
sudo apt-get -y install greenbone-security-assistant=2.0.1-1 gsd=1.2.0-1 openvas-cli=1.1.2-1 openvas-manager=2.0.4-1 openvas-scanner=3.2.4-1 openvas-administrator=1.1.1-1 sqlite3 xsltproc libmicrohttpd10 libopenvas4
[/codesyntax]

Step 3: Quick-Start OpenVAS
(copy and paste whole block, during first time you will be asked to set a password for user “admin”)

[codesyntax lang=”bash” title=”Step 3: Quick-Start OpenVAS”]
test -e /var/lib/openvas/CA/cacert.pem || sudo openvas-mkcert -q
sudo openvas-nvt-sync
test -e /var/lib/openvas/users/om || sudo openvas-mkcert-client -n om -i
sudo /etc/init.d/openvas-manager stop
sudo /etc/init.d/openvas-scanner stop
# this next step takes some time to complete as it loads 21,000 plus plugins
sudo openvassd
sudo openvasmd –migrate
sudo openvasmd –rebuild
# you may need to do the next step more than once (about 3 times matter of fact)
sudo killall openvassd

# You need to edit the locations of the DAEMONS and pidfiles in the startup scripts:
sudo sed -i ‘s/DAEMON=\/usr\/sbin\/openvassd/DAEMON=\/usr\/local\/sbin\/openvassd/g’ /etc/init.d/openvas-scanner
sudo sed -i ‘s/PIDFILE=\/var\/run\/openvassd.pid/PIDFILE=\/usr\/local\/var\/run\/openvassd.pid/g’ /etc/init.d/openvas-scanner
sudo sed -i ‘s/DAEMON=\/usr\/sbin\/openvasmd/DAEMON=\/usr\/local\/sbin\/openvasmd/g’ /etc/init.d/openvas-manager
sudo sed -i ‘s/PIDFILE=\/var\/run\/openvasmd.pid/PIDFILE=\/usr\/local\/var\/run\/openvasmd.pid/g’ /etc/init.d/openvas-manager
sudo sed -i ‘s/DAEMON=\/usr\/sbin\/openvasad/DAEMON=\/usr\/local\/sbin\/openvasad/g’ /etc/init.d/openvas-administrator
sudo sed -i ‘s/PIDFILE=\/var\/run\/openvasad.pid/PIDFILE=\/usr\/local\/var\/run\/openvasad.pid/g’ /etc/init.d/openvas-administrator
sudo sed -i ‘s/PIDFILE=\/var\/run\/gsad.pid/PIDFILE=\/usr\/local\/var\/run\/gsad.pid/g’ /etc/init.d/greenbone-security-assistant
sudo ln -s /usr/sbin/openvassd /usr/local/sbin/openvassd
sudo ln -s /usr/sbin/openvasmd /usr/local/sbin/openvasmd
sudo ln -s /usr/sbin/openvasad /usr/local/sbin/openvasad
sudo ln -s /usr/sbin/gsad /usr/local/sbin/gsad

# now we can start it all up
sudo /etc/init.d/openvas-scanner start
sudo /etc/init.d/openvas-manager start
sudo /etc/init.d/openvas-administrator restart
sudo /etc/init.d/greenbone-security-assistant restart

test -e /var/lib/openvas/users/admin || sudo openvasad -c add_user -n admin -r Admin
[/codesyntax]

Step 4: Testing All Is Working

[codesyntax lang=”bash”]

ps aux | grep openvas
root     26477  0.0  0.5  96404 49080 ?        Ss   02:04   0:00 openvassd: waiting for incoming connections
root     26497  0.1  0.1 127184 15820 pts/2    S    02:05   0:00 /usr/local/sbin/openvasmd --database=/var/lib/openvas/mgr/tasks.db --listen=127.0.0.1 --port=9390 --slisten=127.0.0.1 --sport=9391
root     26520  0.0  0.0  72404  1476 pts/2    S    02:06   0:00 /usr/local/sbin/openvasad --listen=127.0.0.1 --port=9393 --users-dir=/var/lib/openvas/users --scanner-config-file=/etc/openvas/openvassd.conf --sync-script=/usr/sbin/openvas-nvt-sync

[/codesyntax]

Step 5: Create Additional Users
[codesyntax lang=”bash” title=”Step 4: Create Additional Users”]
sudo openvasad -c add_user -n USERNAME -r Admin/User
[/codesyntax]

Step 6: Log into OpenVAS as “admin”

Open https://localhost:9392/ or start “gsd”.

Step 7: Create start-up and stop scripts:

vi ~/openvas-start.sh

[codesyntax lang=”bash”]
#!/bin/bash

sudo /etc/init.d/openvas-scanner start
sleep 10
sudo /etc/init.d/openvas-manager start
sleep 10
sudo /etc/init.d/openvas-administrator restart
sleep 10
sudo /etc/init.d/greenbone-security-assistant restart
sleep 10
gsd &
[/codesyntax]

create the stop script:

vi ~/openvas-stop.sh

[codesyntax lang=”bash”]
#!/bin/bash

sudo /etc/init.d/openvas-scanner stop
sleep 10
sudo /etc/init.d/openvas-manager stop
sleep 10
sudo /etc/init.d/openvas-administrator stop
sleep 10
sudo /etc/init.d/greenbone-security-assistant stop
sleep 10
sudo killall openvassd
sleep 10
sudo killall openvasmd
sleep 10
sudo killall openvasad
sleep 10
sudo killall gsad
sleep 10

ps aux | grep openvas
ps aux | grep gsad
[/codesyntax]

chmod 700 ~/openvas*.sh