OpenVAS

net-analyzer/openvas


Source Repository:Repository:Gentoo Portage Tree

http://www.openvas.org

Summary: OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.

Use Flags

pdf
Enable pdf report creation

News

Drobbins

New Squeezelite Ebuild

Squeezelite streams audio from Logitech Media Server, supporting FLAC, MP3, and hi-res DSD (SACD) formats.
2017-01-06 by Drobbins
Drobbins

New Raspberry Pi and ODROID builds

We now have builds that are optimized for various Raspberry Pi and ODROID systems.
2017-01-02 by Drobbins
Oleg

LLVM Targets

LLVM Targets
2016-12-08 by Oleg
More...

OpenVAS

Tip

We welcome improvements to this page. To edit this page, Create a Funtoo account. Then log in and then click here to edit this page. See our editing guidelines to becoming a wiki-editing pro.

Install

To install openvas, emerge it:

# emerge openvas

Configure

Create a certificate for the server, choosing the default values if desired:

# openvas-mkcert
Create a client certificate::

# openvas-mkcert-client -n -i
Update the plugins and vulnerability data:

# openvas-nvt-sync
# openvas-scapdata-sync
# openvas-certdata-sync
Start OpenvVas Scanner (Required for next steps):

# /etc/init.d/openvassd start
This step can load for few minutes, use ps aux to check when done (Waiting for incoming connections) :

# ps aux

Initializing OpenVas Manager Database:

# /usr/sbin/openvasmd --rebuild --progress
Add an administrator user account:

#  openvasmd --create-user=admin --role=Admin
#  openvasmd --user=admin --new-password=your_new_password

Configure Redis (Required Since OpenVas Manager 6)

Configure redis as perscribed by the OpenVAS redis configuration. In summary, amend the following to your /etc/redis.conf

unixsocket /tmp/redis.sock
port 0
timeout 0

Start Redis:

#  /etc/init.d/redis start

Check your Installation, Settings and Start Services

Check you Install Settings with default utility:

#  openvas-check-setup --v8

Check your service settings

#  nano /etc/conf.d/openvassd
#  nano /etc/conf.d/openvasmd
#  nano /etc/conf.d/gsad

Start your services:

#/etc/init.d/openvasmd start
#/etc/init.d/gsad start

Good Practices to Install and expand your OpenVas Setting

Set a Password Policy for OpenVas:

#  nano /etc/openvas/pwpolicy.conf
Enable NVT signature checking: See http://www.openvas.org/trusted-nvts.html

Install RPM and Alien (for LSC credential package generation support on target systems):

# emerge app-arch/alien app-arch/rpm
Install Haveged entropy (for speed up some actions):

# emerge sys-apps/haveged
# rc-update add haveged defaul
#  /etc/init.d/haveged start