In this tutorial, the author will go over automated vulnerability scanning starting with the installation process followed by setting up targets, running internal and external scans, and finally define custom scanning configurations. In part one of this tutorial, the author will also cover the installation of the most recent version of OpenVAS 9.0, released in 2017.
The latest version 9.0 introduces a new web interface which offers end users better ways to manage scanning options, assets, and workflows through the web interface. In this tutorial, the author will walk you through the installation process on Kali Linux so that we can run vulnerability scans from our device, and as a virtual appliance in a network.
The virtual appliance can be installed in a network environment to have it periodically run automated scans on devices present on the network. In part two of “Vulnerability Scanning with OpenVAS 9.0,” the author will also dive a little bit deeper into vulnerability scanning with this tool by configuring targets, assets, and custom scanning configurations.
Before you can start configuring vulnerability scans, you have to install OpenVAS first. You can do this with a package manager or by installing the OpenVAS appliance on VMware Workstation/ESXi, Oracle VirtualBox or Hyper-V.
In the first part of this tutorial, you’ll use APT on Kali Linux and then you will set up the appliance on VMware.
As far as virtual machine resources are concerned, you will need to dedicate 2 GB of RAM and two processor cores to the Kali Linux VM which should be sufficient to run some necessary scans smoothly with a limited number of signatures on a limited number of targets.
Installing Openvas 9 on Kali Linux
To install Openvas 9 and its dependencies on our Kali Linux system we simply have to run the following command:
apt-get update && apt-get install openvas
The next step is to run the setup procedure that will set up OpenVAS and download a large number of Network Vulnerability Tests (NVTs) or signatures.
Due to a large number of NVTs (50.000+), the setup procedure might take a while to complete and consume a considerable amount of data.
If you follow the tutorial by the letter, it will take you no more than 10 minutes to complete.
Run the following command to start the setup process:
When the setup process is finished, all required OpenVAS processes are started, and the web interface will be opened automatically. The web interface is running locally on port 9392 and can be accessed through https://localhost:9392.
OpenVAS will also set up an admin account and automatically generate a password for this account which is displayed in the last section of the setup output:
The next step is to accept the self-signed certificate warning and use the automatically generated admin credentials to log in on the web interface:
After logging in on the web interface we’re redirected to the Greenbone Security Assistant dashboard. From this point on we can start to configure and run vulnerability scans.
Starting and stopping OpenVAS
The next to last thing you should do is familiarize yourself with how to start and stop OpenVAS services. OpenVAS services may consume a lot of resources, so it is best to terminate them when you’re not using OpenVAS. You should do this before the installation of the virtual appliance.
Run the following command to stop the services:
To start the OpenVAS services again, run:
Setting up the OpenVAS Virtual Appliance
Instead of installing OpenVAS on Kali Linux you can also install the OpenVAS virtual appliance in a network and configure it to periodically run scans on the network. The virtual appliance can be downloaded using the following link: http://www.openvas.org/vm.html
After downloading the virtual appliance from the OpenVAS website you must configure a new virtual machine. In this tutorial, you will be using VMware but you can also use other hypervisors such as Hyper-V on Windows or Oracle VirtualBox. In production environments, you will most likely use VMware ESXi, Microsoft Hyper-V or other hypervisors.
Start with configuring a VM with the following specifications:
- Processor cores: 2
- 2 GB RAM
- 10 GB Hard disk
- Network: NAT (only when using VMware Workstation/Free/Virtualbox)
- CD/DVD drive: ISO (choose the downloaded ISO file as a medium)
- Guest operating system: Linux Kernel 4.x or later 64-bit (VMWare) or Other Linux (64bit) (VirtualBox)
For VMWare Workstation the virtual machine will be configured as follows:
And for VMWare ESXi we’ll create a virtual machine with the following specifications:
The next step is to boot the virtual machine which will take us to the following installation menu:
From this menu choose the setup option. Next, we’re asked if we really want to format the hard drive, choose yes:
At this point, the virtual appliance will be installed and we’re presented with a dialog saying that the installation is in progress and the GSM community edition is being prepared. Please note that this process might take a while to complete. When the installation process is finished we have to specify a username for the administrator user. We’ll keep it default as admin as well as the password:
After specifying the username and password we’re asked to reboot the machine, choose Yes to reboot and also to eject the installation medium:
After the virtual machine has rebooted (twice) you will be taken to a login screen looking as follows:
Here we can log in using the credentials we’ve created earlier in the installation process (username: admin). After logging in we’re presented with the following message which tells us OpenVAS has not been fully configured yet. From here we can proceed with the setup process. Choose Yes in the following menu the proceed with the setup process:
Next, we’re asked to configure an IP address for the appliance, choose Yes:
For our test setup, we’ll keep the network configuration default and have it assigned an IP address by our DHCP server. Optionally you can set a static IP address which is, of course, the recommended option in a production environment. Choose Ready to proceed:
The next step is to create a web-admin user, choose Yes in the following menu:
Create the user by choosing a username and password:
Finally, you’ll be asked about a subscription key, unless you’re in the possession of a subscription key, choose Skip which will provide us with the Greenbone community feed:
When we browser to the web interface we’re presented with a login page. Use the credentials of the web-admin account we’ve created during the configuration process:
At this point we’ve got a fully functional OpenVAS virtual appliance up and running that can be configured to run vulnerability scans. This will conclude the installation process of the appliance.