1) Create a folder to put all sources packages
# mkdir openvas-src # cd openvas-src
2) Download the last .tar.gz
# wget http://wald.intevation.org/frs/download.php/2016/openvas-scanner-5.0.1.tar.gz # wget http://wald.intevation.org/frs/download.php/2017/openvas-manager-6.0.1.tar.gz # wget http://wald.intevation.org/frs/download.php/2018/greenbone-security-assistant-6.0.1.tar.gz # wget http://wald.intevation.org/frs/download.php/1987/openvas-cli-1.4.0.tar.gz # wget http://wald.intevation.org/frs/download.php/2015/openvas-libraries-8.0.1.tar.gz
2) Extract the package
# for A in `ls -1`; do tar xzvf $A; done
or
# find . -name \*.gz -exec tar zxvfp {} \;
3) Check the Prerequisites
General build environment:
* a C compiler (e.g. gcc)
* bison
* flex
* cmake
* pkg-config
Specific development libraries:
* libglib >= 2.16
* libgnutls >= 2.12
* libgcrypt
* zlib
* libpcap
* libgpgme >= 1.1.2
* uuid-dev (from e2fsprogs)
* libssh >= 0.5.0
* libhiredis >= 0.10.1
Prerequisites for building documentation:
* doxygen
* xmltoman (optional, for building man page)
* sqlfairy (optional, for producing database diagram)
Recommended to have WMI support:
* openvas-smb
Recommended to have improved SNMP support:
* netsnmp
Recommended to have improved SSL support:
* libksba >= 1.0.7
Recommended to have LDAP support:
* libldap >= 2.4.11
(LDAP can be disabled with -DBUILD_WITHOUT_LDAP=1)
4) Install prerequisites on Debian GNU/Linux ‘Wheezy’ 7:
# apt-get install build-essential bison flex cmake pkg-config libglib2.0-0 libglib2.0-dev libgnutls26 libgnutls-dev libpcap0.8 libpcap0.8-dev libgpgme11 libgpgme11-dev doxygen libuuid1 uuid-dev sqlfairy xmltoman sqlite3 libxml2-dev libxslt1.1 libxslt1-dev xsltproc libmicrohttpd-dev libsqlite3-dev rsync libldap2-dev libhiredis-dev
4b) Install prerequisites on Debian GNU/Linux 8:
# apt-get install build-essential bison flex cmake pkg-config libglib2.0-0 libglib2.0-dev libgnutls26 libgnutls28-dev libpcap0.8 libpcap0.8-dev libgpgme11 libgpgme11-dev doxygen libuuid1 uuid-dev sqlfairy xmltoman sqlite3 libxml2-dev libxslt1.1 libxslt1-dev xsltproc libmicrohttpd-dev libsqlite3-dev rsync libldap2-dev libhiredis-dev
5) With necessary packages installed we can move on to compiling and installing the different OpenVAS components. Enter each of the components directories and perform the following steps. The order should not matter as long as openvas-libraries-8.0.1
is installed correctly.
# cd {component} # mkdir build # cd build # cmake .. # make # make install
6) Now we are getting close, a few more steps and you will be able login to the OpenVAS scanner and start testing your system.
# openvas-mkcert # ldconfig # openvassd
7) Check that openvassd
has started correctly and is running.
# ps -ef | grep openvas
8) Lets sync NVT plugins and the vulnerability data.
# openvas-nvt-sync # openvas-scapdata-sync # openvas-certdata-sync
9) Nearly there! Create a user account and client certificate.
# openvasmd --create-user=admin --role=Admin && openvasmd --user=admin --new-password=admin # openvas-mkcert-client
10) Start All the Things! Note you can run the Greenbone Security Assistant Client with gsad --http-only
to run it without SSL support, however clear text protocols are for wimps so get on the HTTPS. Then check you have openvassd / openvasmd / gsad
running.
# openvasmd --rebuild --progress -v # openvasmd # gsad # ps -ef | grep openvas
And confirm each component is listening on its port.
# netstat -anp | grep LISTEN tcp 0 0 0.0.0.0:9390 0.0.0.0:* LISTEN 3067/openvasmd tcp 0 0 0.0.0.0:9391 0.0.0.0:* LISTEN 2453/openvassd: Waiting tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2772/sshd tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 3070/gsad
11) check the entire configuration with the script: openvas-check-setup
12) open the site https://IP and login on it with the credentials admin/admin