I needed to run OpenVAS (OpenVAS stands for Open Vulnerability Assessment System) the Linux based vulnerability management software on a virtual machine, which means it does not have its own monitor that one sits at to see this screen:
OpenVAS is made by Greenbone, “which develops OpenVAS as part of their commercial vulnerability management product family “Greenbone Security Manager” (GSM). “(from their main web page:)
OpenVAS was developed out of the Nessus code base since 2005, now at github. The developer of Nessus decided to make Nessus closed source(proprietary) in October of 2005, so openVAS was created and initially named GNessUs.
Why am I talking OpenVAS today? Because I was tasked to install it on a virtual system.
So, one has to install OpenVAS (or update on some Linux distributions since it is already installed by default). So I work with Kali Linux, since I use a lot of other tools that are built into the distribution. I wanted to keep some familiarity and so run OpenVAS on Kali Linux.
What are you installing? Several pieces that will need to run on the virtual machine:
As you can see in the image above the Greenbone Security Assistant is software that connects to the OpenVAS Manager and Scanner to run the scans to the targets. OpenVAS uses NVTs(Network Vulnerability Tests) to run the scans. Up to this point (3/18/2019) there are over 49600 tests. CVEs now number 115906.
So in a standard kali Linux install one has the OpenVAS version that comes with it, so to use OpenVAS you have to upgrade Kali first using the following commands:
apt-get update && apt-get install openvas
So now that you have the latest version on your machine how are you going to access OpenVAS? since you cannot sit at the monitor of a virtual system (or what is called a headless install).
After some (actually a lot) of review online and some tinkering I found it useful to know some systemd. And it just so happens that systemd has several configuration files in a few directories:
The one that is important and relevant for OpenVAS is the /lib/systemd/system directory.
In here there are 3 files that are of importance:
What we have to do to make the installation complete is to replace the ip address of the virtual machine to the greenbone-security-assistant.service file.
change it in this manner, run the following command(changing <your ip> to the virtual system ip address):
Sed –e ‘s/mlisten=<your ip>/127.0.0.1/g’ greenbone-security-assistant.service
Example the virtual system ip address is 18.104.22.168 so this is what should be run:
Sed –e ‘s/mlisten=192.168.0.1/127.0.0.1/g’ greenbone-security-assistant.service
After running this command you have to run the following:
(these commands need to be run with root permissions(sudo))
So once the ip address is entered in command line, and the systemd file .service file reloaded you can restart the gsad and then log into the web interface assuming you already set up the users. To access the Greenbone-security-assistant program enter the following in your browser:
From there you will have to learn how to create scans and more. But at least it is working remotely.
There is also a small issue with this procedure, it is not supported by Greenbone, they want you to install the Greenbone community edition
The security feed is more stable than the community feed (the free version) and has encrypted transmissions.
Contact us to discuss