LINUXMAKER, OpenSource, Tutorials

OpenVAS Vulnerability Scanning

Vulnerability scanning is a crucial phase of a penetration test. Having an updated vulnerability scanner in your security toolkit can often make a real difference by allowing you to spot overlooked vulnerable elements. For this reason, the latest and newly released OpenVAS tool and libraries for Kali Linux have been manually packaged. How to install OpenVas on Kali Linux will be demonstrated below.

Prepare Kali Linux for vulnerability scanning with installation of OpenVAS

Unless you have already done so, make sure that the Kali Linux is up to date and install the latest OpenVAS. When finished, run the openvas-setup command to configure OpenVAS. You automatically download the latest rules, create admin users, and start the various services. Depending on bandwidth and computer resources, this may take a while.

root@kalilinux:~# apt-get update
root@kalilinux:~# apt-get -y dist-upgrade

root@kalilinux:~# apt-get -y install openvas
root@kalilinux:~# openvas-setup

/var/lib/openvas/private/CA created
/var/lib/openvas/CA created

[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] Online information about this feed: 'http://www.openvas.org/openvas-nvt-feed
...
sent 1143 bytes received 681741238 bytes 1736923.26 bytes/sec
total size is 681654050 speedup is 1.00
[i] Initializing scap database
[i] Updating CPEs
[i] Updating /var/lib/openvas/scap-data/nvdcve-2.0-2002.xml
[i] Updating /var/lib/openvas/scap-data/nvdcve-2.0-2003.xml
...
Write out database with 1 new entries
Data Base Updated
Restarting Greenbone Security Assistant: gsad.
User created with password '6062d074-0a4c-4de1-a26a-5f9f055b7c88'.

When openvas-setup is done with its process, you should test if the OpenVAS Manager, Scanner and GSAD services are running:

root@kalilinux:~# netstat -antp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q   Local Address    Foreign Address  State    PID/Program name
tcp        0      0   127.0.0.1:9390   0.0.0.0:*        LISTEN   9583/openvasmd
tcp        0      0   127.0.0.1:9391   0.0.0.0:*        LISTEN   9570/openvassd
tcp        0      0   127.0.0.1:9392   0.0.0.0:*        LISTEN   9596/gsad

Start the OpenVAS services

Once OpenVAS is configured, you can start all necessary services by running openvas-start.

root@kalilinux:~# openvas-start
Starting OpenVas Services
Starting Greenbone Security Assistant: gsad.
Starting OpenVAS Scanner: openvassd.
Starting OpenVAS Manager: openvasmd.

If you need to fix problems, you can use openvas-check-setup to identify the problem.

Connect to the OpenVAS web interface

Enter your browser 127.0.0.1 and accept the self-signed SSL certificate, then log in with the credentials for the administrator. The administrator password was generated during the setup phase (see the above issue if you missed it). You can customize the password for the user admin under "Administration => Users".

Now OpenVAS is ready for the deployment to configure it and run a scan for a specific IP or range. Happy Vulnerability Scanning!