Skip to content

Test

Step By Step – Install OpenVAS 7 On CentOS 7 – Run Vulnerability Assessments and Pen Tests

Recently, I published a guide outlining how to install OpenVAS 8, from source, on Ubuntu 14. I got some feedback from some folks requesting a guide on installing OpenVAS on CentOS 7, from the binary packages available via yum. FYI, as of this writing, there are no binary packages for OpenVAS 8, hopefully they will come soon. OpenVAS is a top-knoch Open Source package for running vulnerability scans against networks and servers. Every network administration should have an OpenVAS installation tucked away on a virtual machine somewhere. It’s just so easy to monitor all of your systems for vulnerabilities, there’s no excuse not to. Installing OpenVAS from packages is much easier than installing from source. So, as requested, here you go.

How to install OpenVAS 7 on CentOS 7

Although time consuming, compared to installing from source, installing OpenVAS from binary package is a much less involved process. There are a few ‘gotchya’s” when installing to CentOS 7, mostly related to redis, which I’ll cover in this guide.

This guide assumes you have a minimal CentOS 7 server installation and you are logged into the console or via SSH.

First, we need to install a few prerequisites. To do that, run this command.

yum -y update

yum install -y wget net-tools nano

The OpenVAS binary packages aren’t included with the stock repositories. So, we need to enable the Atomicorp repository.

wget -q -O - http://www.atomicorp.com/installers/atomic |sh

yum -y upgrade

Now, we will install redis and OpenVAS 7.

yum -y install redis openvas

Click Here To View The Entire Tutorial!

How To Install OpenVAS 8 On Ubuntu 14.04 To Run Vulnerability Scans & Pen Tests

OpenVAS is one of the most amazing Open Source packages in existence. It is an Open Source fork on the Nessus Vulnerability Scanner, on steroids. If you aren’t familiar with it, let me give you a brief introduction. OpenVAS is short for Open Source Vulnerability Assessment System. it is by far the number one free network and security scanner in existence. I has a database of nearly half a MILLION exploits for nearly every operating system, web app, and device in existence, and that database is constantly being expanded and updated. Installation isn’t too bad, if you have a good guide to help you. Once installed, it’s extremely easy to use. It has a web interface that can be as easy as typing in a host name or IP address and clicking scan. Of course, you can also customize the scans and there is also a handful of pre-configured scans, some thorough, and some less thorough. Reports are generated after a scan completes, which is viewable via the web interface, or you can even generate a PDF report that is useful for a network administrator, as well as upper management, if needed. There are software packages in existence that cost tens of thousands of dollars and fall short of OpenVAS’s feature set. Now that you have a brief introduction to OpenVAS, let’s get started on installing it.

How to install OpenVAS 8 on Ubuntu 14.04

OpenVAS has packages for CentOS and RedHat, which makes it very easy to install on those platforms. It only requires a few yum commands. Unfortunately, they do not have packages for Ubuntu. However, it’s not that hard to install. I’m assuming you have done a minimal installations of Ubuntu 14.04 Server, with only the OpenSSH Server packages installed.

First, we need to get some dependencies installed.

sudo apt-get install -y build-essential devscripts dpatch libassuan-dev \
 libglib2.0-dev libgpgme11-dev libpcre3-dev libpth-dev libwrap0-dev libgmp-dev libgmp3-dev \
 libgpgme11-dev libopenvas2 libpcre3-dev libpth-dev quilt cmake pkg-config \
 libssh-dev libglib2.0-dev libpcap-dev libgpgme11-dev uuid-dev bison libksba-dev \
 doxygen sqlfairy xmltoman sqlite3 libsqlite3-dev wamerican redis-server libhiredis-dev libsnmp-dev \
 libmicrohttpd-dev libxml2-dev libxslt1-dev xsltproc libssh2-1-dev libldap2-dev autoconf nmap libgnutls-dev \
libpopt-dev heimdal-dev heimdal-multidev libpopt-dev mingw32

For the sake of making this as easy as possible, lets go ahead and become root for the installation.

sudo su

OpenVAS default installation settings requires a quick fix for redis-server.

Click Here To Read The Entire Tutorial!

How to Run Bandwidth Speed Tests From the Linux Command Line With Speedtest.net

Believe it or not, there is a way to use Speedtest.net’s speed test service from a Linux command line. Usually, one would fire up a web browser and just go to Speedtest.net and the flash utility would load. Obviously, this is impossible from a command line. If you have a cloud instance or virtual private server (VPS), you don’t have a gui or a web browser. So, here is how to run an Internet speed test from the Linux command line.

To achieve this, there is a package called speedtest-cli. It is a python based utility that more or less has the same functionality as the gui. When ran with defaults, it will locate the closest server and run a download test, then an upload test, and display the results when it’s finished. You can do this by running:

#  wget -O - https://raw.github.com/sivel/speedtest-cli/master/speedtest_cli.py | python

After the script downloads and runs, you’ll see something like this:

Retrieving speedtest.net configuration...
Retrieving speedtest.net server list...
Testing from AT&T U-verse (108.238.104.79)...
Selecting best server based on latency...
Hosted by TekLinks (Birmingham, AL) [103.61 km]: 30.383 ms
Testing download speed........................................
Download: 98.96 Mbit/s
Testing upload speed..................................................
Upload: 56.06 Mbit/s

Personally, I like to select a specific server from a specific location when I run a speed test. I’ve found that the closest server, isn’t always the fastest. Just because a speed test server is located a couple hundred miles from you, it does not mean the path to it is linear, and it doesn’t mean their connection is fast enough to saturate your own. Not to worry, you can also select a server to your liking. There are two ways to approach this. You can either install the speedtest-cli package using your package manager, or you can download the script manually. I’ll cover both.

To install the speedtest-cli package on Ubuntu

#  sudo apt-get install speedtest-cli

After installing the package, you can simply run:

#  speedtest-cli

Now, if you’re using a distribution other than Ubuntu, or do not wish to install the package, you can simply download the script. To do that, do the following:

#  wget https://raw.github.com/sivel/speedtest-cli/master/speedtest_cli.py

#  chmod +x speedtest_cli.py

The chmod command gives execute permission to the file. This is required to run it. Once you have downloaded the script, you can run it by doing this:

#  ./speedtest_cli

There are quite a few options you can use with the script. I’ll go over the few that I have used. First up is –share. This option gives you a web link to share you speed test results with others. You’ve probably seen the little png boxes before. They look like this:

speed test results

So to get a nice automatically generated results picture like this, just run this command:

#  ./speedtest_cli.py --share

or

#  speedtest-cli --share

It will run the speed test like normal, but the very last line will have a link to your results. Now, like I was saying earlier, I like to specify the server the speed test runs against. To do that you first need to know the ID of the server you want to use. To get a list of speed test servers available, and their ID, run this command:

#  ./speedtest_cli.py --list | more

or

#  speedtest-cli --list | more

My favorite servers ID is 3595, so I’ll use it in my example. Once you have the ID of the server you want to use, all you need to do is specify it with the –server option. Be sure to swap out 3595 with the ID of your prefered server. Like this:

#  ./speedtest_cli.py --server 3595

or

#  speedtest-cli --server 3595

There are some other pretty cool options available if you want to play around some more. You can display values in Bytes instead of Bits, use the URL of a Speedtest Mini server, and even select the source IP you want to bind to. If you want to check out the other options available, run this command.

#  ./speedtest_cli.py --help

or

#  speedtest-cli --help

That’s all there is to it. If you run into any troubles feel free to ask for help in the comments below. Thanks!