In this small post, I will explain how to install and setup OpenVAS on a Kali Linux.
First, be sure to have your system up to date.
# sudo apt-get update && sudo apt-get upgrade --yes
After that, you can install openVAS.
# sudo apt-get install openvas
If you run Debian 10 Buster, please also install the following packages:
# sudo apt install rsync sqlite3 xsltproc
Once done, just run the setup to perform an initial configuration
This step takes a lot of time because the setup will download all the latest threat definition, configure the certificate and so on. Once done, I suggest you to create a new custom user using the following command:
# openvasmd --create-user=superman --new-password=mysecret1234$
By default, OpenVAS only listen on the loopback interface. If you want to be able to remotely access to the OpenVAS’ web interface, you must perform some changes. If you want to allow openVAs to listen on all interface, you must use 0.0.0.0 instead of 127.0.0.1.
Since we are on systemd, you actually need to modify 3 .service files. To make it quicky, you can use sed command to remplace 127.0.0.1 by 0.0.0.0.
# cd /lib/systemd/system # sed -e 's/127.0.0.1/0.0.0.0/g' greenbone-security-assistant.service openvas-manager.service openvas-scanner.service
This command only display the futur changes. If you are ok with this, simply add the option -i at the end of the previous command:
# sed -e 's/127.0.0.1/0.0.0.0/g' greenbone-security-assistant.service openvas-manager.service openvas-scanner.service -i
After that, you need to reload systemd deamons and restart the OpenVAS services.
# systemcl daemon-reload # openvas-stop && openvas-start
If you want to hosting this service on a VPS system, you should add the following in the service file
# sudo ExecStart=/usr/sbin/gsad --foreground --listen=0.0.0.0 --port=9392 --mlisten=0.0.0.0 --mport=9390 --allow-header-host=HOST OR IP --timeout=1440
That it. Now you should be able to access to the web interface of your server using https://<ip-address>:9392