Wednesday, March 27, 2013

Openvas quick installation on Backtrack linux

It’s been some time since I wrote something in this blog, work and contributing in other sites took most of my time, but still this is my personal blog. I find it easier to write something in here and go back to look for it when needed than keeping documents around.

I mostly have Nessus on my disposal but sometimes there is a requirement to perform a security audit using opensource tools, and what is the best alternative to Nessus if not Openvas.

Openvas files are included in the backtrack Linux (BT5 R3). I’m sure you can find lengthy setup guides for it, but this is not one of them, on the contrary I’m trying to make things in a copy paste form for easy setup in less than couple of minutes.

Assuming that you already have a working backtrack installation you can issue the following commands to setup Openvas.

openvas-mkcert                                         #you can press ender here for all
openvasad -c 'add_user' -n admin -r Admin   #add your password here
openvas-mkcert-client -n om –i

openvas-nvt-sync                             #this will take some time
openvassd                                       #again here the plugins will be loaded  it would take a while

openvasmd –rebuild

openvasmd -p 9390 -a 127.0.0.1
openvasad -a 127.0.0.1 -p 9393
gsad --http-only --listen=YOUR_IP -p 9392 #don’t forget to add your ip address here

After that, you can access your Openvas installation at http://Your_IP:9392

Don’t forget to issue,

apt-get install texlive-latex-extra 

on the system in order to be able to generate pdf reports from the web interface.

Some rules of thumb, Openvas takes a lot of CPU time and memory, if you are planning on scanning several C classes and you are having a virtual machine for your installation, use more than 4 VCPUs and around 4Gb of Ram. Generally the more the merrier. Finally a normal scan will take about 1 hour for every C class to be completed.