How to Install OpenVAS on Ubuntu / Debian or Kali Linux Machine?

What is OpenVAS vulnerability scanner?

Install OpenVAS on Ubuntu / Debian or Kali Linux Machine: Open Vulnerability Assessment System (OpenVAS) is an endpoint scanning application tool and it is a web based application for identify and detect vulnerabilities. It is mostly used by companies for risk mitigation solution to quickly identify gaps in their production and stage env. We can say this is a not complete solution but it can be helpful to fix common security vulnerabilities.

You may also like:

• How to configure a host to scan in OpenVAS for vulnerabilities?

Feeds

OpenVAS is part of Greenbone Vulnerability Manager, It is a software framework of several services and tools which offers vulnerability scanning and vulnerability management. It also offer free or paid version but the main difference is in the feeds of Network Vulnerability Tests (NVTs) used by the scanner.

Greenbone Security Feeds know as the paid version of the feeds, other side the free version of the feeds is called Greenbone Community Feed. In this case both feeds are updated on a daily basis and include the most recent threats.

So we can say that the main difference between both feeds is that the Greenbone Security Feed includes some advance NVTs specifically targeted for enterprise env and this difference does not affect tool’s usability for the casual user but may be important for pen tester using it for enterprise-level engagements.

Install OpenVAS on Ubuntu / Debian or Kali Linux Machine

You can install OpenVAS on Virtual Machine or dedicated physical machine. Follow these below steps to install OpenVAS on Ubuntu/Debian or Kali Linux.

Install Dependencies 

$ sudo apt update
$ sudo apt upgrade -y
$ sudo apt dist-upgrade -y

Once all above dependencies install lets install OpenVAS.

$ sudo apt install openvas

Above command will take some time and the next step is to run the install, which will configure OpenVAS and it also download Various Network Vulnerability (NVTs) or signatures. There are huge number of NVTs  approx more than 50,000 so this process will take some and consume some space and data. So approx it will take 10 minutes and I think this is not bad.

Now run the following command to start the setup process:

$ gvm-setup

Once the configuration process is completed, all the necessary OpenVAS process will start and also web interface will open automatically. Web interface runs on local port 9392 and you can access it through below link:

https://localhost:9392

OpenVAS also setup an admin account and automatically generate a password for this account. You can find the password in the last section of the setup output.

Verify the installation

Now you can verify the installation running the following command:

$ gvm-check-setup

Password Reset

If you forgot to note down the password, you can change the admin password using this below commands:

$ gvmd --user=admin --new-password=passwd;

Next step is to accept the self-signed certificate warning msg and use the automatically generated admin credentials to login to web interface.

Stop and Start OpenVAS

To stop OpenVAS service run this below command:

$ sudo gvm-stop

To start OpenVAS service run this command:

$ sudo gvm-start

Create New User

To create new user run the following command

$ sudo runuser -u _gvm -- gvmd --create-user=admin2 --new-password=12345

Change password for created user:

$ sudo runuser -u _gvm -- gvmd --user=admin --new-password=new_password

FAQs

What is OpenVAS?

Open Vulnerability Assessment System (OpenVAS) is an endpoint scanning application tool and it is a web based application for identify and detect vulnerabilities. It is mostly used by companies for risk mitigation solution to quickly identify gaps in their production and stage env.

Is OpenVAS Scanner tool is free to use?

Yes, It is free to use. it is a cross-platform vulnerability scanner that executes more than 50,000 Network Vulnerability Test (NVTs).

OpenVAS stands for?

OpenVAS stands for Vulnerability Assessment System (OpenVAS).

NVTs stands for ?

NVTs stands for Network Vulnerability Tests (NVTs).

Is OpenVAS easy to use?

Actually OpenVAS is easy to use and it take some time setting up and downloading the signatures and NVTs data that’s why initial setup take quite a long  even with a fast internet connection.