- Offizieller Beitrag
Kali Linux ist ein spezielles Linux mit Werkzeugen zu Security scans.
Openvas ist ein Vulnerability scanner, also ein Werkzeug um Sicherheitslücken in seiner IT Umgebung zu finden.
Kali Linux installieren und dann:
https://dannyda.com/2020/08/07/how-to-fix-openvas-command-not-found-in-kali-linux-2020-2a/
NICHT mehr openvas-setup... wie es noch in den meisten tutorials steht.
sudo gvm-setupDas setup muss meist mehrfach angetriggert werden bzw. die fehlenden Schritte. Dann hatte ich noch das Problem, dass ein logfile nur für root Schreibbar war - dann startet der entsprechende Service nicht...
wichtiges tool gvm-check-setup um zu prüfen ob alles da ist.
└─$ sudo gvm-check-setup
gvm-check-setup 22.4.0
Test completeness and readiness of GVM-22.4.0
Step 1: Checking OpenVAS (Scanner)...
OK: OpenVAS Scanner is present in version 22.4.0.
OK: Notus Scanner is present in version 22.4.1.
OK: Server CA Certificate is present as /var/lib/gvm/CA/servercert.pem.
Checking permissions of /var/lib/openvas/gnupg/*
OK: _gvm owns all files in /var/lib/openvas/gnupg
OK: redis-server is present.
OK: scanner (db_address setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock.
OK: redis-server configuration is OK and redis-server is running.
OK: the mqtt_server_uri is defined in /etc/openvas/openvas.conf
OK: _gvm owns all files in /var/lib/openvas/plugins
OK: NVT collection in /var/lib/openvas/plugins contains 83617 NVTs.
OK: The notus directory /var/lib/notus/products contains 378 NVTs.
Checking that the obsolete redis database has been removed
OK: No old Redis DB
OK: ospd-OpenVAS is present in version 22.4.0.
Step 2: Checking GVMD Manager ...
OK: GVM Manager (gvmd) is present in version 22.4.0~dev1.
Step 3: Checking Certificates ...
OK: GVM client certificate is valid and present as /var/lib/gvm/CA/clientcert.pem.
OK: Your GVM certificate infrastructure passed validation.
Step 4: Checking data ...
OK: SCAP data found in /var/lib/gvm/scap-data.
OK: CERT data found in /var/lib/gvm/cert-data.
Step 5: Checking Postgresql DB and user ...
OK: Postgresql version and default port are OK.
gvmd | _gvm | UTF8 | en_US.UTF-8 | en_US.UTF-8 | | libc |
16435|pg-gvm|10|2200|f|22.4.0||
OK: At least one user exists.
Step 6: Checking Greenbone Security Assistant (GSA) ...
Oops, secure memory pool already initialized
OK: Greenbone Security Assistant is present in version 22.04.0~git.
Step 7: Checking if GVM services are up and running ...
OK: ospd-openvas service is active.
Starting gvmd service
Waiting for gvmd service
OK: gvmd service is active.
Starting gsad service
Waiting for gsad service
OK: gsad service is active.
Step 8: Checking few other requirements...
OK: nmap is present in version 22.04.0~git.
OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
WARNING: Could not find makensis binary, LSC credential package generation for Microsoft Windows targets will not work.
SUGGEST: Install nsis.
OK: xsltproc found.
WARNING: Your password policy is empty.
SUGGEST: Edit the /etc/gvm/pwpolicy.conf file to set a password policy.
It seems like your GVM-22.4.0 installation is OK.
danach dann
sudo gvm-feed-updateund
sudo gvm-startwenn man die Admin user Meldung beim setup nicht gesehen hat
sudo -u _gvm gvmd --create-user=AdminWenn man das dann noch außerhalb der VM (localhost) öffnen möchte
sudo nano /lib/systemd/system/gsad.serviceund dort die 127.0.0.1 durch 0.0.0.0 ersetzen.
Dann sollte man das hier unter Port 9392 bekommen - puh wieder mal Software die einen Kaiserschnitt braucht um auf die Welt zu kommen... naja aber dafür kostet es nix außer Zeit. Was man bei den anderen Security Scannern eben nciht wirklich sagen kann. Nessus ist einfacher zu installieren und zu benutzen kann aber in der freien Version nur 16 hosts 