Set Up a Vulnerability Scanner with OpenVAS on Ubuntu 19.04

OpenVAS is a full-featured vulnerability scanner. Its capabilities include authenticated and unauthenticated testing, various high level and low level Internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test.

Ubuntu includes the OpenVAS in its repository, which is free and open source. This tutorial will walk you through the steps to set up OpenVAS on Ubuntu 19.04.

For this tutorial, our Ubuntu 19.04 virtual machine has 2 vCPUs and 2GB of RAM, which is generally sufficient to scan small numbers of hosts at once. However, still if you can provide more resources to it, the smoother your scanning system will run.

Installing OpenVAS
If prerequisites as stated above are in place then you may proceed to install OpenVAS using the following commands:

sudo apt install rpm nsis alien

sudo apt install openvas

The installation will take several minutes to complete.

Configuring OpenVAS
When you are done with installing openvas, execute the following command to run its initial configuration process:

sudo openvas-setup

It will take plenty of time to complete. At the end of the setup, automatically-generated password for the admin user will be displayed. It is highly recommended to change auto generated password so that you can remember it.

Managing OpenVAS Users
If you need to create an additional OpenVAS users, run ‘openvasmd’ with the –create-user option, which will add a new user and display the randomly-generated password.

sudo openvasmd --create-user=operator

sudo openvasmd --get-users


If you’re anything like me, you will forget to save the admin password or accidentally delete it. Fortunately, changing OpenVAS user passwords can easily be accomplished with ‘openvasmd’ and the –new-password option.

sudo openvasmd --user=operator --new-password=yourpassword
sudo openvasmd --user=admin --new-password=yourpassword

Starting and Stopping OpenVAS
You can start or stop openvas services by executing the following commands:

sudo systemctl enable openvas-manager
sudo systemctl enable openvas-scanner

sudo systemctl start openvas-manager
sudo systemctl start openvas-scanner

If you want to stop openvas services, run the following to stop it:

sudo systemctl stop openvas-scanner
sudo systemctl stop openvas-manager

When the services finish initializing, you should find TCP ports 9390 and 9392 listening on your loopback interface.

sudo netstat -ant

By default, the web interface is only accessible from the local computer and you will not be able to access it from a remote machine. If you need to make it accessible from the intranet or internet then open the following file with root privileges in your preferred text editor:

sudo nano /etc/default/greenbone-security-assistant

Near the top, you should see a parameter that specifies the address that the web interface will listen on. You need to change the value from to the real IP address of your Ubuntu machine. This will let it listen to connections from the intranet, and you will be able to connect:

When done, save and close.

Accessing OpenVAS Web Interface
The Greenbone Security Assistant is the OpenVAS web interface available at https://ip_address:9392. After accepting the self-signed certificate warning you will be presented a login page.

You will need to enter the username and password you configured earlier. For this guide, the username was admin.

Once you sign in, you will see the main dashboard.

Set Up Credentials
OpenVAS provide the most complete results when you are able to provide the scanning engine with credentials to use on scanned systems. OpenVAS will use these credentials to log in to the scanned system and perform detailed enumeration of installed software, patches, etc. You can add credentials via the “Credentials” entry under the “Configuration” menu.

Click on Star

Enter the credentials information of the hosts you want to scan and click Create.

Target Configuration
You can configure them under the “Targets” section of the “Configuration” menu.

Scan Configuration
Prior to launching a vulnerability scan, you should fine-tune the Scan Config that will be used, which can be done under the “Scan Configs” section of the “Configuration” menu. You can clone any of the default Scan Configs and edit its options, disabling any services or checks that you don’t require.

Task Configuration
Your credentials, targets, and scan configurations are in place so now you’re ready to put everything together and run a vulnerability scan. In OpenVAS, vulnerability scans are conducted as “Tasks”. When you set up a new task, you can further optimize the scan by either increasing or decreasing the concurrent activities that take place.

With more finely-tuned scan settings and target selection, the results of your scan will be much more useful.

Wrapping up
With the wide range of available features in OpenVAS, we were only able to touch the surface. The number of connected devices in our homes and workplaces is increasing all the time and managing them becomes more of a challenge. Making effective use of a vulnerability scanner can make that management at least a little bit easier.

No comments:

Powered by Blogger.