OpenVAS, short for Open Vulnerability Assessment System, is an open-source tool designed to scan computer systems and networks for security vulnerabilities. It conducts scans to detect known vulnerabilities in software, configurations, and network setups. OpenVAS offers a robust platform for vulnerability assessment, encompassing scanning capabilities, detailed reporting, and recommendations for remediation. This tool is highly regarded among security professionals and system administrators for fortifying the security of their systems and networks.
Now, let's proceed to install it on my Kali Linux system.
.png)
When I try to attempt to install OpenVAS on Kali Linux using the command "apt-get openvas," it successfully downloads the repository and completes the installation process.
.png)
After installation, you can locate OpenVAS in the "Vulnerability Scanner" section of the Kali Menu. Within this section, you'll find three tools: one for initialization, another for starting the service, and a third for stopping it.
.png)
However, the issue arises when attempting to initialize the database and configure it, as it fails to download various vulnerability databases crucial for exploitation.
.png)
Although the dashboard panel is accessible, the vulnerability scanning functionality is compromised.
.png)
But not to worry! In today's video, I'll guide you through the installation process of OpenVAS without encountering any errors. By the end, we'll be using it to scan Metasploitable2. Let's get started.
If you encounter any download errors while initializing the database, you can skip this step.
.png)
For an effective installation, we'll be utilizing Docker. If you're unfamiliar with Docker, be sure to read our previous discussions on it.
Uncover Benefits of Docker: Learn How to Utilize Docker for Cybersecurity
This article delves into the benefits of Docker and provides insights into how to utilize Docker for cybersecurity purposes. Understanding Docker and its advantages is essential for building secure, scalable, and efficient containerized applications.
Firstly, we need to install Docker. If you already have it installed, you can proceed to the next step. Run "sudo apt update", to update the repository. Once the repository database is updated, execute, "sudo apt install docker.io" and include "-y" to initiate the installation process without any interruptions.
.png)
At last, Docker has been successfully installed.
.png)
Once Docker is installed, you can check its version using the --version flag.
Before installing OpenVAS, let's verify that Docker is functioning correctly by running "hello-world". Additionally, we'll configure a few settings before proceeding with the OpenVAS installation.
It indicates that running Docker containers requires the
use of the sudo command. However, I'm going to show you how to run Docker
without needing root privileges.
In the terminal, type "sudo usermod -aG docker $USER", and press enter.
After successful execution, log out and log back in to apply the changes. Now, we can run "hello-world" without using sudo.
Everything should work smoothly without any issues.
To ensure Docker runs every time we start our Kali machine, we'll use "sudo systemctl enable Docker --now".
Alternatively, if you prefer not to do this, you can simply start the Docker service each time you want to use it by running "service docker start".
Now, we're prepared to install OpenVAS. Begin by searching "OpenVAS Docker" on Google. From here, select the Docker Hub link.
Here, you'll find detailed instructions provided on this page.
mikesplain/openvas - Docker Hub
This Docker Hub repository provides the image for OpenVAS, a powerful vulnerability scanning tool. OpenVAS helps in identifying and managing security vulnerabilities in systems and networks.
Firstly, we need to pull the Docker container. Copy the provided command, and paste it into your terminal.
The pulling process will commence automatically.
Please note that this process may take some time depending on your internet speed. Once the pulling is complete, the container will be extracted and created.
Scroll down the Docker Hub page to find this command. This command is used to fetch the container from the Docker registry and start it up.
Keep in mind that the startup process for OpenVAS can be time-consuming, usually taking around 4-5 minutes while the NVTs are scanned and databases are rebuilt. Be patient during this stage.
Once the process is complete, we can launch OpenVAS. Run the command, "docker ps", to check on which port it is running.
Typically, it runs on the default SSL port 443.
Now, open your preferred web browser and access OpenVAS by
entering the local IP address and specified port.
.png)
Upon accessing OpenVAS, you may encounter a warning about potential risks. Ignore this warning, proceed by clicking "Advance," and accept the risk to continue.
.png)
Subsequently, a login page will appear.
.png)
Here, it asks to input a username and password.
At the login screen, input credentials,
- Username: admin,
- Password: admin.
.png)
You are now ready to log in to OpenVAS. Once logged in, you can initiate a vulnerability scan.
.png)
Additionally, you'll find various commands on the Docker Hub page, such as running bash inside the container, changing the port, setting the admin password, and more.
If needed, simply copy the relevant
command and paste it into your terminal.
Another important task is updating the Network Vulnerability Tests (NVTs).
This needs to be done occasionally. You can update the container by executing a few commands within it. Use the command "docker exec -It openvas bash", to start an interactive BASH prompt within the OpenVAS container.
This allows you to execute commands specific to OpenVAS, such as updating and restarting services.
Once you're inside the container, execute the other commands one by one.
Please be aware that if the NVT sync isn't responsive, akin to attempting to initialize OpenVAS without Docker's aid, we could face a similar issue. It could indicate a connectivity problem.
.png)
A connection timeout error may occur due to server downtime. If it worked on a different day, you can try running all these commands again.
After updating, restart the scanner and OpenVAS manager with the following command:
Now, within the bash shell, type "exit" to exit the shell. Then, run "reboot" to reboot your Kali machine and apply the changes.
It's important to remember that each time we launch a
program using Docker, it creates a new container. For example, when we executed
the "docker run hello-world" command, Docker created a container
specifically for running that program. By default, once the container stops,
that is, when you exit the shell or reboot, it is not automatically deleted.
You can view all containers, including stopped ones, by running the command "docker ps -a" in the Kali terminal.
This command provides you with the container ID and the name of the program that owns the container. If you need to access OpenVAS again, you can use the command "docker start openvas".
Be patient with the restart of the OpenVAS container. The OpenVAS container is now up and running.
In the next segment of OpenVAS, I'll illustrate how OpenVAS is employed to scan a vulnerable web application.
Mastering OpenVAS: Scanning Vulnerable Environments
This in-depth guide covers the process of mastering OpenVAS for scanning vulnerable environments. OpenVAS is a powerful open-source vulnerability scanner used for identifying security issues in networks and systems.
