
Step By Step – Install OpenVAS 7 On CentOS 7 – Run Vulnerability Assessments and Pen Tests

Recently, I published a guide outlining how to install OpenVAS 8 from source on Ubuntu 14. I got some feedback from folks requesting a guide on installing OpenVAS on CentOS 7 from the binary packages available via yum. FYI, as of this writing, there are no binary packages for OpenVAS 8; hopefully they will come soon. OpenVAS is a top-notch open source package for running vulnerability scans against networks and servers. Every network administrator should have an OpenVAS installation tucked away on a virtual machine somewhere. It’s so easy to monitor all of your systems for vulnerabilities that there’s no excuse not to. Installing OpenVAS from packages is much easier than installing from source. So, as requested, here you go.

How to install OpenVAS 7 on CentOS 7

Although time consuming, installing OpenVAS from binary packages is a much less involved process than installing from source. There are a few gotchas when installing on CentOS 7, mostly related to redis, which I’ll cover in this guide.

This guide assumes you have a minimal CentOS 7 server installation and you are logged into the console or via SSH.

First, we need to install a few prerequisites. To do that, run these commands.

yum -y update

yum install -y wget net-tools nano

The OpenVAS binary packages aren’t included with the stock repositories. So, we need to enable the Atomicorp repository.

wget -q -O - http://www.atomicorp.com/installers/atomic |sh

yum -y upgrade

Now, we will install redis and OpenVAS 7.

yum -y install redis openvas


This will take a few minutes while it downloads all of the packages and dependencies. When it’s finished, we can kick off openvas-setup.

openvas-setup

This is going to take some time. You will be prompted for some information shortly. Grab a cup of coffee.

If you are running this setup during the day, there is a good chance you will get an NVT sync error like the following.

@ERROR: max connections (200) reached -- try again later
rsync error: error starting client-server protocol (code 5) at main.c(1516) [Receiver=3.0.9]
[e] Error: rsync failed.

If so, don’t worry, just wait a few minutes and run openvas-setup again. The NVT feed server is overloaded. It’s annoying, but there’s not much you can do about it. I hardly run into this problem in the evening and at night.

After all of the NVTs are synced, you will be prompted to answer a few questions. The defaults are fine, unless you would like to change anything. It will look like this.

[Screenshot: openvas-setup prompts]

At this point, OpenVAS is set up and configured. However, you will not be able to log into the web interface yet. As of CentOS 7, iptables was replaced with firewalld (which I do not like). So, we’re going to disable firewalld. If you want to install iptables in its place, see my guide on removing firewalld and installing iptables on CentOS 7. For now, we’re just going to disable firewalld, which leaves the server without a host firewall until you install iptables.

systemctl mask firewalld

systemctl stop firewalld

Now you will be able to log in to the web interface of OpenVAS by navigating to https://:9392. However, you will not be able to run any scans yet. If you try, the scan will fail and you’ll get this error on your report.

WARNING: Cannot connect to KB at '/tmp/redis.sock': Connection refused'

[Screenshot: the error as shown in the scan report]

To resolve this, we need to make a couple changes to redis and disable SELinux.

echo "unixsocket /tmp/redis.sock" >> /etc/redis.conf

sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config

systemctl enable redis.service

shutdown -r now
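
To confirm after the reboot that the changes above took effect, here is a small check script, added as an example and not part of the original guide. It assumes the paths used in this guide (/etc/redis.conf, /etc/selinux/config, /tmp/redis.sock); the function names are hypothetical.

```sh
#!/bin/sh
# Added example: post-reboot check of the Redis KB socket settings.
# EXPECTED_SOCK is the path from the guide; function names are hypothetical.
EXPECTED_SOCK=/tmp/redis.sock

# Print the effective "unixsocket" path from a redis.conf-style file.
# Commented-out lines are skipped. If the directive appears more than once
# (for example, the echo >> step was run twice), the last one wins in Redis,
# so that is the one printed.
redis_unixsocket() {
    awk '$1 == "unixsocket" { p = $2; gsub(/"/, "", p) }
         END { if (p != "") print p }' "$1"
}

# Print the mode set by the SELINUX= line of an /etc/selinux/config-style file.
selinux_config_mode() {
    sed -n 's/^SELINUX=\([a-z]*\).*/\1/p' "$1" | tail -n 1
}

# Succeed only if the config file points Redis at the socket the scanner uses.
check_kb_socket() {
    want=${2:-$EXPECTED_SOCK}
    have=$(redis_unixsocket "$1")
    if [ "$have" != "$want" ]; then
        echo "FAIL: unixsocket is '${have:-unset}', scanner expects '$want'"
        return 1
    fi
    echo "OK: unixsocket = $have"
}

# Succeed only if the path exists and is a Unix socket (Redis has created it).
socket_exists() { [ -S "${1:-$EXPECTED_SOCK}" ]; }

# On the OpenVAS host, report on the real files; skipped where they are absent.
if [ -r /etc/redis.conf ]; then
    check_kb_socket /etc/redis.conf || true
    socket_exists || echo "WARN: $EXPECTED_SOCK missing; is redis running?"
    if [ -r /etc/selinux/config ]; then
        echo "SELinux config mode: $(selinux_config_mode /etc/selinux/config)"
    fi
fi
```

A FAIL or WARN line here corresponds to the "Cannot connect to KB" error shown earlier.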

After the reboot is complete, wait about 5 minutes for OpenVAS to load up. It can take a few minutes. Then, you’re ready to log into the web interface and run your first scan! Navigate to https://:9392 and log in with the username admin and the password you specified earlier.

[Screenshot: OpenVAS web interface login]

Once logged in, running a scan is as simple as entering a hostname or IP address in the quick scan box on the main page. It looks like this.

[Screenshot: quick scan box on the main page]

A scan can take 30 minutes or more to run, so be patient. Once it’s finished, you can open the scan and click the report to view the Vulnerability Assessment results. You can also save it as a PDF, as well as various other formats.

If you have any questions, please feel free to ask in the comments below. I’ll do my best to help. Thanks!