en
  English
Phone :  +370 (5) 204-1903
Email: sales@1gbits.com

Install OpenVAS in Kali Linux

OpenVAS (GVM) is an open-source vulnerability scanner used to perform network vulnerability tests in Linux. This scanner plays a vital role in penetration testing. You can handle more than one target host at a time using the OpenVAS.

Linux Tutorials Jan 07, 18 by Mery 7 min Read
Install OpenVAS in Kali Linux

OpenVAS or Open Vulnerability Assessment System is a pen-testing framework that uses a database to scan and test systems for vulnerabilities. The database is constantly being updated and comprises a collection of known exploits and vulnerabilities.

OpenVAS consists of:

  • A database comprised of results and configurations
  • A Scanner that runs various Network Vulnerability Tests
  • A Collection of Network Vulnerability tests
  • A Greenbone Security Assistant: a web interface that allows you to run and manage scans in the browser

This article explains how to install OpenVAS on Kali Linux. We recommend that if you want to install OpenVAS, use Kali Linux instead of using CentOS or any other Linux based distributions. The process is much smoother when installing on Kali compared to other distributions.

System resources

When you are using Kali Linus for any OpenVAS scanning, you should pay close attention to resource usage. Whether you are using a virtual machine or a bare metal, you should have the minimum requirements of CPU and memory.

Minimum CPU: 4 cores

Minimum memory: 8 GB

If you plan to run multiple scans parallel to each other, you will need more resources.

Installing OpenVAS on Kali Linux

Before installing OpenVAS, you should update your system. (You can skip this step if you have an updated system).

apt-get update

apt-get dist-upgrade

Now that the system is up to date, we can start the installation process for OpenVAS (Choose only one).

apt-get install openvas

Now that OpenVAS is installed, you will get access to the setup script. It would be best if you launched it to configure the OpenVAS for first-time use. This script will configure OpenVAS with the needed services, user accounts and the latest NVT updated from the Greenbone Community Feed.

openvas-setup

This setup is completely automated, and you will get working and up to date OpenVAS installation once the installation is completed. You can take a small coffee break because this takes a bit of time to install.

During the configuration process, you will be given a password. Note it down as it will be needed to access the Greenbone Security Assistant web interface.

Now start the OpenVAS service.

openvas-start

An alternative method for installing OpenVAS

The main difference between this method and the above-mentioned one is the switch from ‘openvas’ to ‘gvm’ rebranding. For some versions of Kali Linux, this is the method you should use. Once you have the Kali Linux system up and running, first let’s go ahead and update the system:

apt-get update

apt-get upgrade

Install OpenVAS using the following command:

apt-get install gvm*

Now run the setup program.

gvm-setup

Don’t forget to note down the password that will be generated. This will be needed to access the web interface.

If you are using the OpenVAS system as a server on a remote server, you need to allow remote access to the service. To do that, make the following configurations on your Firewall. This step can be avoided if you are using it on your local workstation!

apt-get install ufw

ufw enable

ufw allow 80

ufw allow 9392

Now everything is set. Start the OpenVAS service by entering:

gvm-start

Common Errors: solutions

When installing OpenVAS on older versions of Kali or other Debian based distros, you might come across some errors. Depending on your system configurations, you might need to install SQLite database or the PostgreSQL database.

To install PostgreSQL:

apt-get install postgresql

service postgresql start

To install SQLite3 database:

apt-get install sqlite3

service sqlite3 start

Using OpenVAS via the web interface (Green Security Assistant)

Greenbone web client can be accessed via your browser, and this is a feature that comes with OpenVAS. You can log in using the user credentials and perform scans within a matter of minutes using a graphical user interface.

Before we get to the browser, let’s have a look if gsad is running and listening:

netstat -apn | grep LISTEN

If your output is similar to this one, we can continue the process.

tcp 0 0  127.0.0.1:9390  0.0.0.0:*  LISTEN 128108/openvasmd    
tcp 0 0 127.0.0.1:80 0.0.0.0:* LISTEN 128112/gsad       
tcp 0 0 127.0.0.1:9392 0.0.0.0:* LISTEN 128106/gsad

Open your browser and type https://127.0.0.1:9392 in the address bar. This will give a self-signed SSL certificate. You should accept thins and continue to the window where you should enter the Username and Password.

Login to your dashboard using admin as the username, and as the password, use the password from the script run in the earlier step.

How to create a scan in OpenVAS?

Now that we have access to the OpenVAS web UI let’s go ahead and initiate a scan task. A task in OpenVAS defines the target(s) you want to be scanned and the required scanning parameters. For the sake of simplicity, we will use the default scan options.

You can navigate to the Scans menu and click on the Tasks submenu to launch a new scan.

That will launch a window allowing you to provide all relevant information for a scanning task.

  • Task name
  • Scan target
  • Schedule

Use the default settings and click on Create.

To run the task, click on the play button on the bottom left of the task list.

How to add a target in OpenVAS?

To add new targets, navigate to the configuration menu and select targets.

On the top left corner, select the blue icon to start adding targets. Doing that will launch a dialogue window that allows you to add information about the target, such as:

  • Target Name
  • The IP address

Once you add all the relevant information about the target, you should see it listed in the targets section.

How to add new users to OpenVAS?

You can add new users to OpenVAS and assign them various roles. To add a user or a role, you should go to the Administration section and click on users. Select New and add the user information:

Conclusions

Congratulations on making it to the end of this article. We covered the installation steps of OpenVAS on kali Linus and how to access it via the browser. OpenVAS is a powerful tool that brings the power of cybersecurity research into your hands. You can use it to monitor devices in your network and websites on remote servers.

If you are facing any problem with the installation, feel free to contact us through the comment section here. We will reach out to you and help.

author img

Mery

Generic placeholder image
Mark

2018 May 23, 00:05:12

Hi, thanks for the info. Do you ever encounter the error message "Warning: SecInfo Database Missing" on the home screen in the top left.

Leave A Comment