OpenVas is an open source vulnerability scanner. Using authenticated scans we can identify vulnerabilities within the configuration and current versions of software existing on our infrastructures.
SO using a barebones install of Ubuntu 16.04 we are going to install the latest rendition of OpenVAS (that being v9).
Firstly we need to add the APT repository for MRazavi. You will get a warning but its a legitimate repo to add. You’ll want to run an apt-get update afterwards to get the package listings from the repo.
sudo add-apt-repository ppa:mrazavi/openvas sudo apt-get update
Now we can install the core package using:
sudo apt-get install openvas9
We then need to obtain/update the feeds. Now I tried this and forgot how paranoid we set the firewall rules and you’ll need to enable RSYNC outbound to allow the scapdata sync.
sudo greenbone-nvt-sync sudo greenbone-scapdata-sync sudo greenbone-certdata-sync
The second command takes a fair few minutes so if you’re doing this for your first time. Set your coffee/smoke break after launching greenbone-scapdata-sync.
Once feeds are finished youll need to restart the services and rebuild the NVT cache.
sudo service openvas-scanner restart sudo service openvas-manager restart sudo openvasmd --rebuild --progress
Log on via https://localhost:4000. Default user and pass is admin/admin, evidently you might want to change this before logging in.