Openvas Kali Installation: Unterschied zwischen den Versionen

Aus xinux.net
Zur Navigation springen Zur Suche springen
 
Zeile 1: Zeile 1:
 +
 +
=Source List=
 +
*cat /etc/apt/sources.list
 +
deb http://http.kali.org/kali kali-rolling main non-free contrib
 
=Install=
 
=Install=
*apt update  
+
*apt-get update ; apt-get -y dist-upgrade ; apt-get install -y openvas rpm nsis alien
*apt install gvm
 
  
=setup=
+
=Setup=
*gvm-setup
+
*openvas-setup
=start=
 
*gvm-start
 
 
=Finish=
 
=Finish=
 
<pre>
 
<pre>
Zeile 14: Zeile 15:
 
User created with password '4dxxxx7-exx9-4xx4-axxc-6xxxx20xxx2'.
 
User created with password '4dxxxx7-exx9-4xx4-axxc-6xxxx20xxx2'.
 
</pre>
 
</pre>
=stop=
+
=Change Listing Interface=
*gvm-stop
+
*cd /lib/systemd/system
=letsencrypt=
+
*sed -e 's/127.0.0.1/0.0.0.0/g' greenbone-security-assistant.service openvas-manager.service openvas-scanner.service
*apt install certbot
+
* add '''--allow-header-host <IP/Hostname>''' ad the end of ExecStart in greenbone-security-assistant.service
*certbot certonly --standalone  -d <FQDN>
+
*systemctl daemon-reload
==pre and post stuff==
+
*openvas-stop
*echo '#!bin/bash' >  /etc/letsencrypt/renewal-hooks/pre/stuff
+
*openvas-start
*echo  'systemctl stop greenbone-security-assistant.service' >>  /etc/letsencrypt/renewal-hooks/pre/stuff
+
*openvas-check-setup --server
*chmod +x  /etc/letsencrypt/renewal-hooks/pre/stuff
 
*echo '#!bin/bash' >  /etc/letsencrypt/renewal-hooks/post/stuff
 
*echo  'systemctl start greenbone-security-assistant.service' >>  /etc/letsencrypt/renewal-hooks/post/stuff
 
*chmod +x  /etc/letsencrypt/renewal-hooks/post/stuff
 
  
=change gsad settings=
+
=Check Listing=
*/etc/systemd/systemd/greenbone-security-assistant.service
+
*netstat -lntp
 
<pre>
 
<pre>
[Unit]
+
Active Internet connections (only servers)
Description=Greenbone Security Assistant (gsad)
+
Proto Recv-Q Send-Q Local Address          Foreign Address        State      PID/Program name   
Documentation=man:gsad(8) https://www.greenbone.net
+
tcp        0      0 0.0.0.0:22              0.0.0.0:*              LISTEN      685/sshd           
After=network.target
+
tcp        0      0 0.0.0.0:9390            0.0.0.0:*              LISTEN      10037/openvasmd   
Wants=gvmd.service
+
tcp        0      0 0.0.0.0:9391            0.0.0.0:*              LISTEN      10107/openvassd: Wa
 
+
tcp        0      0 0.0.0.0:111            0.0.0.0:*              LISTEN      254/rpcbind       
[Service]
+
tcp        0      0 0.0.0.0:80              0.0.0.0:*              LISTEN      10030/gsad         
Type=forking
+
tcp        0      0 0.0.0.0:9392            0.0.0.0:*              LISTEN      10029/gsad         
User=root
+
tcp6      0      0 :::8472                :::*                    LISTEN      685/sshd           
Group=root
+
tcp6      0      0 :::111                  :::*                    LISTEN      254/rpcbind
ExecStart=/usr/sbin/gsad  --no-redirect  --listen=0.0.0.0 --port=443 --ssl-private-key=/etc/letsencrypt/live/scanner.tuxmen.de/privkey.pem --ssl-certificate=/etc/letsencrypt/live/scanner.tuxmen.de/cert.pem
 
Restart=always
 
TimeoutStopSec=10
 
 
 
[Install]
 
WantedBy=multi-user.target
 
Alias=gsad.service
 
 
 
 
</pre>
 
</pre>
 
=dameon reloas=
 
*systemctl daemon-reload
 
*gvm-stop
 
*gvm-start
 
*gvm-check-setup --server
 
 
=Check Listing=
 
*netstat -lntp | grep gsad
 
tcp        0      0 0.0.0.0:443            0.0.0.0:*              LISTEN      4204/gsad
 
 
 
=Login=
 
=Login=
*URL: https://<FQDN>
+
*URL: https://$OPENVASIP:9392
 
*USR: admin
 
*USR: admin
 
*PWD: 4dxxxx7-exx9-4xx4-axxc-6xxxx20xxx2
 
*PWD: 4dxxxx7-exx9-4xx4-axxc-6xxxx20xxx2

Aktuelle Version vom 11. September 2020, 10:24 Uhr

Source List

  • cat /etc/apt/sources.list
deb http://http.kali.org/kali kali-rolling main non-free contrib

Install

  • apt-get update ; apt-get -y dist-upgrade ; apt-get install -y openvas rpm nsis alien

Setup

  • openvas-setup

Finish

...
md   main:  DEBUG:6750:2016-08-15 17h32.43 CEST:    sql_open: db open, max retry sleep time is 0
Rebuilding NVT cache... done.
User created with password '4dxxxx7-exx9-4xx4-axxc-6xxxx20xxx2'.

Change Listing Interface

  • cd /lib/systemd/system
  • sed -e 's/127.0.0.1/0.0.0.0/g' greenbone-security-assistant.service openvas-manager.service openvas-scanner.service
  • add --allow-header-host <IP/Hostname> ad the end of ExecStart in greenbone-security-assistant.service
  • systemctl daemon-reload
  • openvas-stop
  • openvas-start
  • openvas-check-setup --server

Check Listing

  • netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      685/sshd            
tcp        0      0 0.0.0.0:9390            0.0.0.0:*               LISTEN      10037/openvasmd     
tcp        0      0 0.0.0.0:9391            0.0.0.0:*               LISTEN      10107/openvassd: Wa 
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      254/rpcbind         
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      10030/gsad          
tcp        0      0 0.0.0.0:9392            0.0.0.0:*               LISTEN      10029/gsad          
tcp6       0      0 :::8472                 :::*                    LISTEN      685/sshd            
tcp6       0      0 :::111                  :::*                    LISTEN      254/rpcbind

Login

Abgerufen von „https://xinux.net/index.php?title=Openvas_Kali_Installation&oldid=20952