Setting up GVM-OpenVAS — 2020 (Open Vulnerability Assessment Scanner)
Lately I wanted to install OpenVAS and realized that there are many changes that have been made to the older version. It was quite a while since I had used this tool.
My failed attempts:
- Tried to install from source, and it is a cumbersome process — Nope
- Found a few Docker images, but they were obsolete
- Back to step 1, but had a problem with updating the NVT feed — Frustrated
- Back to step 2 and found a few Docker images which were not great — Issues!!
Found success with this docker image, Finally!! Huh!! Thank you Admirito. ❤
Setting up this Docker image is pretty straightforward, as mentioned in the GitHub repo.
Why are these gvm-containers and the latest GVM brilliant?
- You do not need to struggle with bringing it up on the external interface. By default it runs on port 8080 on the external interface with the default username and password admin/admin. Change this on your first login from the GUI (no "add allow host header" issues :-P)
- I used to struggle with downloading NVT feeds, but now it is all “rsync”. As long as you do not have a DNS issue or network problem, this works flawlessly.
Set up: OS does not matter as this is a docker installation. I tried it on Kali and Ubuntu.
Step 1: sudo apt-get install docker.io
Step 2: sudo apt-get install docker-compose
Step 3: git clone https://github.com/admirito/gvm-containers
Step 4: cd gvm-containers
Step 5: docker-compose -f docker-compose.yml -f nvt-sync.yml -f cert-sync.yml -f scap-sync.yml up
That's it!! Keep staring at the screen till the NVT feed syncs.
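Once the stack is up, it is worth checking which published ports listen on every host interface, since that is where the default admin/admin login on port 8080 is reachable. The script below is an added example, not part of the original post or of the gvm-containers project; it parses the output of `docker ps --format '{{.Names}}\t{{.Ports}}'`, and the container names in the sample are constructed.

```shell
# Added example: flag container ports published on every host interface.
# Input: one "<name><TAB><ports>" line per container, as printed by
#   docker ps --format '{{.Names}}\t{{.Ports}}'

# Print "<name> <host_ip:port> -> <container_port>" for each binding that
# listens on all interfaces (0.0.0.0, :: or [::]).
exposed_bindings() {
  awk -F'\t' '
    {
      n = split($2, parts, /, */)
      for (i = 1; i <= n; i++) {
        p = parts[i]
        # Unpublished ports look like "5432/tcp" and carry no "->".
        if (index(p, "->") == 0) continue
        split(p, side, "->")
        host = side[1]
        if (host ~ /^(0\.0\.0\.0|::|\[::\]):[0-9-]+$/)
          print $1, host, "->", side[2]
      }
    }'
}

# Returns 0 when nothing is published on all interfaces; otherwise prints
# the findings and returns 1.
check_exposure() {
  found=$(exposed_bindings)
  [ -z "$found" ] && return 0
  printf '%s\n' "$found"
  return 1
}

# Constructed sample of docker ps output (container names are made up).
sample_ps_output() {
  printf 'gvm_gsad_1\t0.0.0.0:8080->80/tcp, :::8080->80/tcp\n'
  printf 'gvm_gvmd_1\t\n'
  printf 'gvm_postgres_1\t5432/tcp\n'
  printf 'local_only_1\t127.0.0.1:9392->9392/tcp\n'
}

# Demo on the sample; on a real host, pipe in the docker ps command above.
sample_ps_output | check_exposure ||
  echo "Reachable from the network: change the default login first."
```

On a live host, replace `sample_ps_output` with the `docker ps` command from the header comment.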
Troubleshooting:
1. greenbone-nvt-sync does not download and stops at some point. Solution: This must be a network issue. However, if you want to run the “greenbone-nvt-sync” command, try the following commands.
docker container ls
#docker exec -it <openvas_container_name> /bin/bash
Once you get the root shell of the container, try
#greenbone-nvt-sync
If there is an error pertaining to “greenbone-nvt-sync another process related to the feed update is already running” then, provided no other sync is actually still running, remove the lock files and retry:
#rm -rf /run/feed*.lock
#greenbone-nvt-sync
2. If the above troubleshooting does not resolve the issue, remove the containers and reinstall with docker-compose. To stop and remove the Docker containers (these commands act on every container on the host, not only the GVM ones):
#docker container stop $(docker container ps -aq)
#docker container rm $(docker container ps -aq)
To remove the Docker images, if you need to for some reason:
#docker images (this lists the Docker images)
#docker rmi <image1_id> <image2_id>…
I am pretty sure if there is no network or DNS resolution issue, your docker gvm installation will be working just fine.
Have any queries? Reach out to me at https://twitter.com/adb_root
Thanks for reading :-)