OpenVAS is a fork of the open source version of Nessus. The new version 3.0 has a web interface, Greenbone Security Assistant (GSA), seems to have many of the features from the old inprotect interface. One of the best things I liked about inprotect was the granular user permissions to scan certain subnets. While I’ve only had a little while to play with it, it appears to be well polished. You can download a VM or Live CDROM to try it out. This install will cover using Ubuntu packages stored on the opensuse .org servers. Information about how to setup the repository was gathered from this link.
Setting up the repository.
Edit the source repository to add the open suse servers.
#vi /etc/apt/sources.list Add the following line to the bottom of the file.
deb http://download.opensuse.org/repositories/security:/OpenVAS:/STABLE:/v3/xUbuntu_10.04/ /
Update the repository for known available packages to install.
You will get a key error BED1E87979EAFD54. You’ll need to add the key to trusted keys. Add the key to the end of the statement below. The key below will expire on 02-April-2011.
#sudo apt-key adv --keyserver hkp://wwwkeys.de.pgp.net --recv-keys BED1E87979EAFD54
Update the repository again.
Basic install process.
#apt-get install openvas-scanner libopenvas3
You need to make an SSL certificate for the service.
Setup plugin update via crontab.
#crontab -u root -l >/tmp/crontab
#echo "0 3 * * * /usr/sbin/openvas-nvt-sync" >>/tmp/crontab
#crontab -u root -l /tmp/crontab
Setup listening port for service. Remember to setup IPTABLES to block access if you change from localhost access.
SCANNER_ADDRESS=(IP of your server)
Start the service.
#/etc/init.d/openvas-scanner start --
Install the client
#apt-get install openvas-client
Once installed, connect to the server and run your scans using the client. I hope to have a follow-up with configuring the web interface soon.