Setting up GVM10
Greenbone Vulnerability Management (GVM) 11
OpenVAS with version 11 has been renamed in Greenbone Vulnerability Management and it is available in community repository.
This How-To will guide you to install a complete server solution for vulnerability scanning and vulnerability management solution.
Enable the community repository and install the required packages:
OpenVAS relies on PostgreSQL, that now is mandatory.
Start PostgreSQL and add it to default runlevel:
rc-service postgresql setup rc-service postgresql start rc-update add postgresql
Create and configure the gvm database:
su - postgres createuser -DRS gvm createdb -O gvm gvmd psql gvmd create role dba with superuser noinherit; grant dba to gvm; create extension if not exists "uuid-ossp"; create extension "pgcrypto"; exit
GVMd run as gvm user. Generate the certificate. The certificate infrastructure enables GVMd to communicate in a secure manner and is used for authentication and authorization before establishing TLS connections between the daemons. You can setup the certificate automatically with:
su - gvm gvm-manage-certs -a
Create credentials used to interact with gvmd:
gvmd --create-user=admin --password=admin
Update GVM definitions
Download the GVM definitions and start GVMd, as root user. Be patient...it will take a while:
greenbone-scapdata-sync greenbone-certdata-sync rc-service gvmd start
Add gvmd to start on boot:
rc-update add gvmd
NVT definitions can be downloaded as gvm user:
su - gvm greenbone-nvt-sync
Greenbone Security Assistant (GSAD)
Configure Greenbone Security Assistant (GSAD) to listen to other interfaces rather than localhost only, so it is reachable from other hosts.
Modify /etc/conf.d/gsad: with:
Or, in one shot:
sed -i -e "s/127\.0\.0\.1/0\.0\.0\.0/g" /etc/conf.d/gsad
Start GSAD and add it to default runlevel:
rc-service gsad start rc-update add gsad
Open the browser at the IP address where GSAD is running, on port 9392, and login with the credentials previously created.
Happy vulnerability assestment!