Installing OpenVAS on Backtrack 5 R1

The Open Vulnerability Assessment System (OpenVAS) is an open source solution for vulnerability scanning and vulnerability management. It is used by security professionals as well as private users.

OpenVAS is the scan engine used and supported in the Greenbone Security Solutions. The Greenbone development team has contributed significantly to its further development since 2005.

OpenVAS is already integrated in Backtrack 5 R1. Unfortunately, the installation is not that easy to get working. Here is a short guide:

The installation is easiest to carry out from the console.

apt-get update
apt-get upgrade

cd /pentest/miscellaneous/openvas/
./openvas-check-setup.sh

openvas-check-setup 2.0.6
  Test completeness and readiness of OpenVAS-4

  Please report us any non-detected problems and
  help us to improve this check routine:
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

  Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.

  Use the parameter --server to skip checks for client tools
  like GSD and OpenVAS-CLI.

Step 1: Checking OpenVAS Scanner ... 
        OK: OpenVAS Scanner is present in version 3.2.3.
        ERROR: No CA certificate file of OpenVAS Scanner found.
        FIX: Run 'openvas-mkcert'.

 ERROR: Your OpenVAS-4 installation is not yet complete!

Please follow the instructions marked with FIX above and run this
script again.

If you think this result is wrong, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.
									

openvas-mkcert
./openvas-check-setup.sh

openvas-check-setup 2.0.6
  Test completeness and readiness of OpenVAS-4

  Please report us any non-detected problems and
  help us to improve this check routine:
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

  Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.

  Use the parameter --server to skip checks for client tools
  like GSD and OpenVAS-CLI.

Step 1: Checking OpenVAS Scanner ... 
        OK: OpenVAS Scanner is present in version 3.2.3.
        OK: OpenVAS Scanner CA Certificate is present as /usr/local/var/lib/openvas/CA/cacert.pem.
        ERROR: The NVT collection is very small.
        FIX: Run a synchronization script like openvas-nvt-sync or greenbone-nvt-sync.

 ERROR: Your OpenVAS-4 installation is not yet complete!

Please follow the instructions marked with FIX above and run this
script again.

If you think this result is wrong, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.
									

openvas-nvt-sync
./openvas-check-setup.sh

root@bt:/pentest/miscellaneous/openvas# ./openvas-check-setup.sh 
openvas-check-setup 2.0.6
  Test completeness and readiness of OpenVAS-4

  Please report us any non-detected problems and
  help us to improve this check routine:
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

  Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.

  Use the parameter --server to skip checks for client tools
  like GSD and OpenVAS-CLI.

Step 1: Checking OpenVAS Scanner ... 
        OK: OpenVAS Scanner is present in version 3.2.3.
        OK: OpenVAS Scanner CA Certificate is present as /usr/local/var/lib/openvas/CA/cacert.pem.
        OK: NVT collection in /usr/local/var/lib/openvas/plugins contains 23608 NVTs.
Step 2: Checking OpenVAS Manager ... 
        OK: OpenVAS Manager is present in version 2.0.4.
        ERROR: No client certificate file of OpenVAS Manager found.
        FIX: Run 'openvas-mkcert-client -n om -i'

 ERROR: Your OpenVAS-4 installation is not yet complete!

Please follow the instructions marked with FIX above and run this
script again.

If you think this result is wrong, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.
									

openvas-mkcert-client -n om -i
./openvas-check-setup.sh

root@bt:/pentest/miscellaneous/openvas# ./openvas-check-setup.sh 
openvas-check-setup 2.0.6
  Test completeness and readiness of OpenVAS-4

  Please report us any non-detected problems and
  help us to improve this check routine:
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

  Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.

  Use the parameter --server to skip checks for client tools
  like GSD and OpenVAS-CLI.

Step 1: Checking OpenVAS Scanner ... 
        OK: OpenVAS Scanner is present in version 3.2.3.
        OK: OpenVAS Scanner CA Certificate is present as /usr/local/var/lib/openvas/CA/cacert.pem.
        OK: NVT collection in /usr/local/var/lib/openvas/plugins contains 23608 NVTs.
Step 2: Checking OpenVAS Manager ... 
        OK: OpenVAS Manager is present in version 2.0.4.
        OK: OpenVAS Manager client certificate is present as /usr/local/var/lib/openvas/CA/clientcert.pem.
        OK: OpenVAS Manager database found in /usr/local/var/lib/openvas/mgr/tasks.db.
        OK: Access rights for the OpenVAS Manager database are correct.
        OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
Error: no such table: meta
        ERROR: Could not determine database revision, database corrupt or in invalid format.
        FIX: Delete database at /usr/local/var/lib/openvas/mgr/tasks.db and rebuild it.

 ERROR: Your OpenVAS-4 installation is not yet complete!

Please follow the instructions marked with FIX above and run this
script again.

If you think this result is wrong, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.
									

openvasmd --rebuild

root@bt:/pentest/miscellaneous/openvas# ./openvas-check-setup.sh 
openvas-check-setup 2.0.6
  Test completeness and readiness of OpenVAS-4

  Please report us any non-detected problems and
  help us to improve this check routine:
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

  Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.

  Use the parameter --server to skip checks for client tools
  like GSD and OpenVAS-CLI.

Step 1: Checking OpenVAS Scanner ... 
        OK: OpenVAS Scanner is present in version 3.2.3.
        OK: OpenVAS Scanner CA Certificate is present as /usr/local/var/lib/openvas/CA/cacert.pem.
        OK: NVT collection in /usr/local/var/lib/openvas/plugins contains 23608 NVTs.
Step 2: Checking OpenVAS Manager ... 
        OK: OpenVAS Manager is present in version 2.0.4.
        OK: OpenVAS Manager client certificate is present as /usr/local/var/lib/openvas/CA/clientcert.pem.
        OK: OpenVAS Manager database found in /usr/local/var/lib/openvas/mgr/tasks.db.
        OK: Access rights for the OpenVAS Manager database are correct.
        OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
        OK: OpenVAS Manager database is at revision 41.
        OK: OpenVAS Manager expects database at revision 41.
        OK: Database schema is up to date.
        ERROR: The number of NVTs in the OpenVAS Manager database is too low.
        FIX: Make sure OpenVAS Scanner is running with an up-to-date NVT collection and run 'openvasmd --rebuild'.

 ERROR: Your OpenVAS-4 installation is not yet complete!

Please follow the instructions marked with FIX above and run this
script again.

If you think this result is wrong, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the proble


									

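# Start the scanner so the manager can load the NVTs from it
openvassd
# Make sure the manager database file exists, back it up, then rebuild it
touch /usr/local/var/lib/openvas/mgr/tasks.db
openvasmd --backup
openvasmd --rebuild
# Create the administrator account
openvasad -c 'add_user' -u openvasadmin -r Admin
# Start manager, administrator and web interface on the loopback interface only
openvasmd -p 9390 -a 127.0.0.1
openvasad -a 127.0.0.1 -p 9393
gsad --http-only --listen=127.0.0.1 -p 9392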

./openvas-check-setup.sh

root@bt:/pentest/miscellaneous/openvas# ./openvas-check-setup.sh 
openvas-check-setup 2.0.6
  Test completeness and readiness of OpenVAS-4

  Please report us any non-detected problems and
  help us to improve this check routine:
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

  Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.

  Use the parameter --server to skip checks for client tools
  like GSD and OpenVAS-CLI.

Step 1: Checking OpenVAS Scanner ... 
        OK: OpenVAS Scanner is present in version 3.2.3.
        OK: OpenVAS Scanner CA Certificate is present as /usr/local/var/lib/openvas/CA/cacert.pem.
        OK: NVT collection in /usr/local/var/lib/openvas/plugins contains 23608 NVTs.
Step 2: Checking OpenVAS Manager ... 
        OK: OpenVAS Manager is present in version 2.0.4.
        OK: OpenVAS Manager client certificate is present as /usr/local/var/lib/openvas/CA/clientcert.pem.
        OK: OpenVAS Manager database found in /usr/local/var/lib/openvas/mgr/tasks.db.
        OK: Access rights for the OpenVAS Manager database are correct.
        OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
        OK: OpenVAS Manager database is at revision 41.
        OK: OpenVAS Manager expects database at revision 41.
        OK: Database schema is up to date.
        OK: OpenVAS Manager database contains information about 23608 NVTs.
        OK: xsltproc found.
Step 3: Checking OpenVAS Administrator ... 
        OK: OpenVAS Administrator is present in version 1.1.1.
        OK: At least one user exists.
        OK: At least one admin user exists.
Step 4: Checking Greenbone Security Assistant (GSA) ... 
        OK: Greenbone Security Assistant is present in version 2.0.1.
Step 5: Checking OpenVAS CLI ... 
        OK: OpenVAS CLI version 1.1.2.SVN.r.
Step 6: Checking Greenbone Security Desktop (GSD) ... 
        OK: Greenbone Security Desktop is present in Version 1.2.0.
Step 7: Checking if OpenVAS services are up and running ... 
        OK: netstat found, extended checks of the OpenVAS services enabled.
        OK: OpenVAS Scanner is running and listening on all interfaces.
        OK: OpenVAS Scanner is listening on port 9391, which is the default port.
        WARNING: OpenVAS Manager is running and listening only on the local interface. This means that you will not be able to access the OpenVAS Manager from the outside using GSD or OpenVAS CLI.
        SUGGEST: Ensure that OpenVAS Manager listens on all interfaces.
        OK: OpenVAS Manager is listening on port 9390, which is the default port.
        OK: OpenVAS Administrator is running and listening only on the local interface.
        OK: OpenVAS Administrator is listening on port 9393, which is the default port.
        WARNING: Greenbone Security Assistant is running and listening only on the local interface. This means that you will not be able to access the Greenbone Security Assistant from the outside using a web browser.
        SUGGEST: Ensure that Greenbone Security Assistant listens on all interfaces.
        OK: Greenbone Security Assistant is listening on port 9392, which is the default port.

It seems like your OpenVAS-4 installation is OK.

If you think it is not OK, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.
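
The final check output reports the scanner listening on all interfaces while manager, administrator and GSA are bound to 127.0.0.1; since gsad is started with --http-only, that loopback binding is what keeps the login off the network. The following added example (not part of the original post) classifies the OpenVAS listeners from netstat -ltn output; the sample lines and the function names classify_listeners and all_local are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify the bind address of each OpenVAS listener.
# The port-to-service mapping is taken from the check output above.

# Constructed sample in `netstat -ltnp` format (not captured from a real host).
SAMPLE_NETSTAT='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:9391            0.0.0.0:*               LISTEN      2101/openvassd
tcp        0      0 127.0.0.1:9390          0.0.0.0:*               LISTEN      2110/openvasmd
tcp        0      0 127.0.0.1:9393          0.0.0.0:*               LISTEN      2117/openvasad
tcp        0      0 127.0.0.1:9392          0.0.0.0:*               LISTEN      2124/gsad
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      801/sshd'

# Print "<service> <port> <local|exposed>" for every OpenVAS listener on stdin.
classify_listeners() {
    awk '
        BEGIN {
            svc["9390"] = "openvasmd"; svc["9391"] = "openvassd"
            svc["9392"] = "gsad";      svc["9393"] = "openvasad"
        }
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, part, ":")   # the last piece is the port, also for IPv6
            port = part[n]
            if (!(port in svc)) next   # ignore listeners that are not OpenVAS
            addr = substr($4, 1, length($4) - length(port) - 1)
            scope = (addr ~ /^127\./ || addr == "::1") ? "local" : "exposed"
            print svc[port], port, scope
        }'
}

# Succeed only if no OpenVAS listener on stdin is reachable from other hosts.
all_local() {
    ! classify_listeners | grep -q ' exposed$'
}

# Audit the constructed sample; on a live system: netstat -ltn | classify_listeners
printf '%s\n' "$SAMPLE_NETSTAT" | classify_listeners
```

Any line ending in "exposed" names a service that other hosts can connect to; for gsad in --http-only mode that would mean credentials crossing the network unencrypted.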

									

Additional users can now be created:

openvas-adduser

Using /var/tmp as a temporary file holder.

Add a new openvassd user
---------------------------------

Login : testuser
Authentication (pass/cert) [pass] : 
Login password : 
Login password (again) : 

User rules
---------------
openvassd has a rules system which allows you to restrict the hosts that frank has the right to test.
For instance, you may want him to be able to scan his own host only.

Please see the openvas-adduser(8) man page for the rules syntax.

Enter the rules for this user, and hit ctrl-D once you are done:
(the user can have an empty rules set)


Login             : testuser
Password          : ***********

Rules             : 


Is that ok? (y/n) [y] y
user added.

									

Use the following URL in the browser:

http://localhost:9392/

Enter the username and password here. In my example, openvasadmin as administrator or testuser as user.

Here is a small script for starting OpenVAS after a system reboot:

#!/bin/sh
# Update the NVT feed, then start scanner, manager, administrator and web interface
openvas-nvt-sync
openvassd
openvasmd -p 9390 -a 127.0.0.1
openvasad -a 127.0.0.1 -p 9393
gsad --http-only --listen=127.0.0.1 -p 9392
									
