OpenVAS is one of the most amazing Open Source packages in existence. It is an Open Source fork on the Nessus Vulnerability Scanner, on steroids. If you aren’t familiar with it, let me give you a brief introduction. OpenVAS is short for Open Source Vulnerability Assessment System. it is by far the number one free network and security scanner in existence. I has a database of nearly half a MILLION exploits for nearly every operating system, web app, and device in existence, and that database is constantly being expanded and updated. Installation isn’t too bad, if you have a good guide to help you. Once installed, it’s extremely easy to use. It has a web interface that can be as easy as typing in a host name or IP address and clicking scan. Of course, you can also customize the scans and there is also a handful of pre-configured scans, some thorough, and some less thorough. Reports are generated after a scan completes, which is viewable via the web interface, or you can even generate a PDF report that is useful for a network administrator, as well as upper management, if needed. There are software packages in existence that cost tens of thousands of dollars and fall short of OpenVAS’s feature set. Now that you have a brief introduction to OpenVAS, let’s get started on installing it.
How to install OpenVAS 8 on Ubuntu 14.04
OpenVAS has packages for CentOS and RedHat, which makes it very easy to install on those platforms. It only requires a few yum commands. Unfortunately, they do not have packages for Ubuntu. However, it’s not that hard to install. I’m assuming you have done a minimal installations of Ubuntu 14.04 Server, with only the OpenSSH Server packages installed.
First, we need to get some dependencies installed.
sudo apt-get install -y build-essential devscripts dpatch libassuan-dev \ libglib2.0-dev libgpgme11-dev libpcre3-dev libpth-dev libwrap0-dev libgmp-dev libgmp3-dev \ libgpgme11-dev libopenvas2 libpcre3-dev libpth-dev quilt cmake pkg-config \ libssh-dev libglib2.0-dev libpcap-dev libgpgme11-dev uuid-dev bison libksba-dev \ doxygen sqlfairy xmltoman sqlite3 libsqlite3-dev wamerican redis-server libhiredis-dev libsnmp-dev \ libmicrohttpd-dev libxml2-dev libxslt1-dev xsltproc libssh2-1-dev libldap2-dev autoconf nmap libgnutls-dev \ libpopt-dev heimdal-dev heimdal-multidev libpopt-dev mingw32
For the sake of making this as easy as possible, lets go ahead and become root for the installation.
OpenVAS default installation settings requires a quick fix for redis-server.