Openvas Kali Installation: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(→Setup) |
(→stop) |
||
Zeile 9: | Zeile 9: | ||
=stop= | =stop= | ||
*gvm-stop | *gvm-stop | ||
+ | =letsencrypt= | ||
+ | *apt install certbot | ||
+ | *certbot certonly --standalone -d <FQDN> | ||
+ | =change gsad settings= | ||
+ | */etc/systemd/systemd/greenbone-security-assistant.service | ||
+ | <pre> | ||
+ | [Unit] | ||
+ | Description=Greenbone Security Assistant (gsad) | ||
+ | Documentation=man:gsad(8) https://www.greenbone.net | ||
+ | After=network.target | ||
+ | Wants=gvmd.service | ||
+ | |||
+ | [Service] | ||
+ | Type=forking | ||
+ | User=root | ||
+ | Group=root | ||
+ | ExecStart=/usr/sbin/gsad --no-redirect --listen=0.0.0.0 --port=443 --ssl-private-key=/etc/letsencrypt/live/scanner.tuxmen.de/privkey.pem --ssl-certificate=/etc/letsencrypt/live/scanner.tuxmen.de/cert.pem | ||
+ | Restart=always | ||
+ | TimeoutStopSec=10 | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=multi-user.target | ||
+ | Alias=gsad.service | ||
+ | |||
+ | </pre> | ||
=Finish= | =Finish= |
Version vom 11. September 2020, 10:10 Uhr
Install
- apt update
- apt install gvm
setup
- gvm-setup
start
- gvm-start
stop
- gvm-stop
letsencrypt
- apt install certbot
- certbot certonly --standalone -d <FQDN>
change gsad settings
- /etc/systemd/systemd/greenbone-security-assistant.service
[Unit] Description=Greenbone Security Assistant (gsad) Documentation=man:gsad(8) https://www.greenbone.net After=network.target Wants=gvmd.service [Service] Type=forking User=root Group=root ExecStart=/usr/sbin/gsad --no-redirect --listen=0.0.0.0 --port=443 --ssl-private-key=/etc/letsencrypt/live/scanner.tuxmen.de/privkey.pem --ssl-certificate=/etc/letsencrypt/live/scanner.tuxmen.de/cert.pem Restart=always TimeoutStopSec=10 [Install] WantedBy=multi-user.target Alias=gsad.service
Finish
... md main: DEBUG:6750:2016-08-15 17h32.43 CEST: sql_open: db open, max retry sleep time is 0 Rebuilding NVT cache... done. User created with password '4dxxxx7-exx9-4xx4-axxc-6xxxx20xxx2'.
Change Listing Interface
- cd /lib/systemd/system
- sed -e 's/127.0.0.1/0.0.0.0/g' greenbone-security-assistant.service openvas-manager.service openvas-scanner.service
- add --allow-header-host <IP/Hostname> ad the end of ExecStart in greenbone-security-assistant.service
- systemctl daemon-reload
- openvas-stop
- openvas-start
- openvas-check-setup --server
Check Listing
- netstat -lntp
Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 685/sshd tcp 0 0 0.0.0.0:9390 0.0.0.0:* LISTEN 10037/openvasmd tcp 0 0 0.0.0.0:9391 0.0.0.0:* LISTEN 10107/openvassd: Wa tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 254/rpcbind tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 10030/gsad tcp 0 0 0.0.0.0:9392 0.0.0.0:* LISTEN 10029/gsad tcp6 0 0 :::8472 :::* LISTEN 685/sshd tcp6 0 0 :::111 :::* LISTEN 254/rpcbind
Login
- URL: https://$OPENVASIP:9392
- USR: admin
- PWD: 4dxxxx7-exx9-4xx4-axxc-6xxxx20xxx2