For the uninitiated, OpenVAS, short for Open Vulnerability Assessment System, is a full-featured vulnerability scanner. It provides unauthenticated, authenticated testing, performance tuning for large-scale scans, and tools to implement any type of vulnerability test. If you’re looking for an open-source alternative to Nessus and Qualys Guard, OpenVAS might be something you might want to consider. With its powerful and intuitive admin web portal, you’ll be able to perform scans easily. For more about OpenVAS, please check its homepage. When you’re ready to install OpenVAS, follow the steps below:
Update Ubuntu
Before installing packages on Ubuntu it’s recommended that you first update the system. To do that run the commands below: After updating Ubuntu, continue below with installing OpenVAS.
Install and Configure OpenVAS
By default, OpenVAS is not available in the Ubuntu repositories. To install it, you’ll have to add its repository to your system. To add its repository, run the commands below: When you add the PPA above, it should display installation help as shown below: Use the help message above to complete the setup. After adding the repository, update Ubuntu archives and install OpenVAS with the following command: During the installation, you will be asked to configure the Redis database for OpenVAS as shown below: Click on the Yes button to finish the installation. To adhere to the help message above, install these packages below: The SQLite 3 database package stores the Common Vulnerabilities and Exposures (CVE) data and some other packages for the PDF report to work. After installing the packages above, run the commands below to download the Network Vulnerability Tests from OpenVAS Feed and sync security content automation protocol data and cert vulnerability data using the commands below: After that, restart the OpenVAS scanner, OpenVAS GSA, and OpenVAS Manager with the following command: To validate if the OpenVAS service is running, run the commands below: It should display a similar message as shown below: Finally, rebuild the OpenVAS database, so the manager can access the NVT data downloaded previously. Finally, open your web browser and browse to the server hostname or IP address followed by port 4000 That will open the OpenVAS portal. Login with the default username and password: To change the admin password, use the commands below: That should do it! Log on to the portal and begin setting up your environment. Conclusion: This post showed you how to install and configure OpenVAS on Ubuntu 18.04 | 16.04. If you find any error above, please use the comment form below to report it. Thanks,
