Skip to content

Penetration

Step By Step – Install OpenVAS 7 On CentOS 7 – Run Vulnerability Assessments and Pen Tests

Recently, I published a guide outlining how to install OpenVAS 8, from source, on Ubuntu 14. I got some feedback from some folks requesting a guide on installing OpenVAS on CentOS 7, from the binary packages available via yum. FYI, as of this writing, there are no binary packages for OpenVAS 8, hopefully they will come soon. OpenVAS is a top-knoch Open Source package for running vulnerability scans against networks and servers. Every network administration should have an OpenVAS installation tucked away on a virtual machine somewhere. It’s just so easy to monitor all of your systems for vulnerabilities, there’s no excuse not to. Installing OpenVAS from packages is much easier than installing from source. So, as requested, here you go.

How to install OpenVAS 7 on CentOS 7

Although time consuming, compared to installing from source, installing OpenVAS from binary package is a much less involved process. There are a few ‘gotchya’s” when installing to CentOS 7, mostly related to redis, which I’ll cover in this guide.

This guide assumes you have a minimal CentOS 7 server installation and you are logged into the console or via SSH.

First, we need to install a few prerequisites. To do that, run this command.

yum -y update

yum install -y wget net-tools nano

The OpenVAS binary packages aren’t included with the stock repositories. So, we need to enable the Atomicorp repository.

wget -q -O - http://www.atomicorp.com/installers/atomic |sh

yum -y upgrade

Now, we will install redis and OpenVAS 7.

yum -y install redis openvas

Click Here To View The Entire Tutorial!

How To Install OpenVAS 8 On Ubuntu 14.04 To Run Vulnerability Scans & Pen Tests

OpenVAS is one of the most amazing Open Source packages in existence. It is an Open Source fork on the Nessus Vulnerability Scanner, on steroids. If you aren’t familiar with it, let me give you a brief introduction. OpenVAS is short for Open Source Vulnerability Assessment System. it is by far the number one free network and security scanner in existence. I has a database of nearly half a MILLION exploits for nearly every operating system, web app, and device in existence, and that database is constantly being expanded and updated. Installation isn’t too bad, if you have a good guide to help you. Once installed, it’s extremely easy to use. It has a web interface that can be as easy as typing in a host name or IP address and clicking scan. Of course, you can also customize the scans and there is also a handful of pre-configured scans, some thorough, and some less thorough. Reports are generated after a scan completes, which is viewable via the web interface, or you can even generate a PDF report that is useful for a network administrator, as well as upper management, if needed. There are software packages in existence that cost tens of thousands of dollars and fall short of OpenVAS’s feature set. Now that you have a brief introduction to OpenVAS, let’s get started on installing it.

How to install OpenVAS 8 on Ubuntu 14.04

OpenVAS has packages for CentOS and RedHat, which makes it very easy to install on those platforms. It only requires a few yum commands. Unfortunately, they do not have packages for Ubuntu. However, it’s not that hard to install. I’m assuming you have done a minimal installations of Ubuntu 14.04 Server, with only the OpenSSH Server packages installed.

First, we need to get some dependencies installed.

sudo apt-get install -y build-essential devscripts dpatch libassuan-dev \
 libglib2.0-dev libgpgme11-dev libpcre3-dev libpth-dev libwrap0-dev libgmp-dev libgmp3-dev \
 libgpgme11-dev libopenvas2 libpcre3-dev libpth-dev quilt cmake pkg-config \
 libssh-dev libglib2.0-dev libpcap-dev libgpgme11-dev uuid-dev bison libksba-dev \
 doxygen sqlfairy xmltoman sqlite3 libsqlite3-dev wamerican redis-server libhiredis-dev libsnmp-dev \
 libmicrohttpd-dev libxml2-dev libxslt1-dev xsltproc libssh2-1-dev libldap2-dev autoconf nmap libgnutls-dev \
libpopt-dev heimdal-dev heimdal-multidev libpopt-dev mingw32

For the sake of making this as easy as possible, lets go ahead and become root for the installation.

sudo su

OpenVAS default installation settings requires a quick fix for redis-server.

Click Here To Read The Entire Tutorial!