OpenVAS

net-analyzer/openvas


Source Repository:Repository:Gentoo Portage Tree

http://www.openvas.org

Summary: OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.

Use Flags

pdf
Enable pdf report creation

News

Oleg

LLVM Targets

LLVM Targets
2016-12-08 by Oleg
Oleg

GCC Update

GCC Update
2016-11-25 by Oleg
Oleg

Portage Git Sync Fix

Portage Git Sync fix
2016-11-14 by Oleg
More...

OpenVAS

Tip

We welcome improvements to this page. To edit this page, Create a Funtoo account. Then log in and then click here to edit this page. See our editing guidelines to becoming a wiki-editing pro.

Install

To install openvas, emerge it:

# emerge openvas

Configure

Create a certificate for the server, choosing the default values if desired:

# openvas-mkcert
Create a client certificate::

# openvas-mkcert-client -n -i
Update the plugins and vulnerability data:

# openvas-nvt-sync
# openvas-scapdata-sync
# openvas-certdata-sync
Start OpenvVas Scanner (Required for next steps):

# /etc/init.d/openvassd start
This step can load for few minutes, use ps aux to check when done (Waiting for incoming connections) :

# ps aux

Initializing OpenVas Manager Database:

# /usr/sbin/openvasmd --rebuild --progress
Add an administrator user account:

#  openvasmd --create-user=admin --role=Admin
#  openvasmd --user=admin --new-password=your_new_password

Configure Redis (Required Since OpenVas Manager 6)

Configure redis as perscribed by the OpenVAS redis configuration. In summary, amend the following to your /etc/redis.conf

unixsocket /tmp/redis.sock
port 0
timeout 0

Start Redis:

#  /etc/init.d/redis start

Check your Installation, Settings and Start Services

Check you Install Settings with default utility:

#  openvas-check-setup --v8

Check your service settings

#  nano /etc/conf.d/openvassd
#  nano /etc/conf.d/openvasmd
#  nano /etc/conf.d/gsad

Start your services:

#/etc/init.d/openvasmd start
#/etc/init.d/gsad start

Good Practices to Install and expand your OpenVas Setting

Set a Password Policy for OpenVas:

#  nano /etc/openvas/pwpolicy.conf
Enable NVT signature checking: See http://www.openvas.org/trusted-nvts.html

Install RPM and Alien (for LSC credential package generation support on target systems):

# emerge app-arch/alien app-arch/rpm
Install Haveged entropy (for speed up some actions):

# emerge sys-apps/haveged
# rc-update add haveged defaul
#  /etc/init.d/haveged start