Comlile and Install OpenVas 8 on Ubuntu Server 14.04
2016-09-27 11:29
435 查看
转自:https://www.mockel.se/index.php/2015/04/openvas-8-on-ubuntu-server-14-04/
After a question on the OpenVas7 howto, I tried to do an updated with OpenVas 8 and Ubuntu Server 14.04
[2015-05-19]: Fixed som pebkap on my side..
[2015-04-09]: Moved up openvas-smb config/compile to the beginning of the installation, after a suggestion from Malcolm in the comments
Like the last guides –
This installation is not made for public facing servers, there is no build in security in my setup.
Everything is run as root in this example below, including daemons and web servers…
I take no responsibility if this guide bork you server, burn your house down to ashes or just messes up your life.. It’s under the “it worked for me[tm]” clause
# Firstly install the build deps.
# Fix redis-server for some openvas default install settings.
# Move in to the right place to download some tarballs.
# Become almighty root (remember: safety off, segmented internal build on)
# Download ‘all the things’
After a question on the OpenVas7 howto, I tried to do an updated with OpenVas 8 and Ubuntu Server 14.04
[2015-05-19]: Fixed som pebkap on my side..
[2015-04-09]: Moved up openvas-smb config/compile to the beginning of the installation, after a suggestion from Malcolm in the comments
Like the last guides –
This installation is not made for public facing servers, there is no build in security in my setup.
Everything is run as root in this example below, including daemons and web servers…
I take no responsibility if this guide bork you server, burn your house down to ashes or just messes up your life.. It’s under the “it worked for me[tm]” clause
# Firstly install the build deps.
sudo apt-get install -y build-essential devscripts dpatch libassuan-dev \ libglib2.0-dev libgpgme11-dev libpcre3-dev libpth-dev libwrap0-dev libgmp-dev libgmp3-dev \ libgpgme11-dev libopenvas2 libpcre3-dev libpth-dev quilt cmake pkg-config \ libssh-dev libglib2.0-dev libpcap-dev libgpgme11-dev uuid-dev bison libksba-dev \ doxygen sqlfairy xmltoman sqlite3 libsqlite3-dev wamerican redis-server libhiredis-dev libsnmp-dev \ libmicrohttpd-dev libxml2-dev libxslt1-dev xsltproc libssh2-1-dev libldap2-dev autoconf nmap libgnutls-dev \ libpopt-dev heimdal-dev heimdal-multidev libpopt-dev mingw32
# Fix redis-server for some openvas default install settings.
cp /etc/redis/redis.conf /etc/redis/redis.orig ;\ echo "unixsocket /tmp/redis.sock" >> /etc/redis/redis.conf ;\ service redis-server restart
# Move in to the right place to download some tarballs.
cd /usr/local/src
# Become almighty root (remember: safety off, segmented internal build on)
sudo su
# Download ‘all the things’
wget --no-check-certificate https://wald.intevation.org/frs/download.php/2015/openvas-libraries-8.0.1.tar.gz ;\ wget --no-check-certificate https://wald.intevation.org/frs/download.php/2016/openvas-scanner-5.0.1.tar.gz ;\ wget --no-check-certificate https://wald.intevation.org/frs/download.php/2017/openvas-manager-6.0.1.tar.gz ;\ wget --no-check-certificate https://wald.intevation.org/frs/download.php/2018/greenbone-security-assistant-6.0.1.tar.gz ;\ wget --no-check-certificate https://wald.intevation.org/frs/download.php/1987/openvas-cli-1.4.0.tar.gz ;\ wget --no-check-certificate https://wald.intevation.org/frs/download.php/1975/openvas-smb-1.0.1.tar.gz ;\ wget --no-check-certificate https://wald.intevation.org/frs/download.php/1999/ospd-1.0.0.tar.gz ;\ wget --no-check-certificate https://wald.intevation.org/frs/download.php/2005/ospd-ancor-1.0.0.tar.gz ;\ wget --no-check-certificate https://wald.intevation.org/frs/download.php/2003/ospd-ovaldi-1.0.0.tar.gz ;\ wget --no-check-certificate https://wald.intevation.org/frs/download.php/2004/ospd-w3af-1.0.0.tar.gz[/code]
# unpackfind . -name \*.gz -exec tar zxvfp {} \;
# Configure and install openvas-smb:cd openvas-smb* ;\ mkdir build ;\ cd build/ ;\ cmake .. ;\ make ;\ make doc-full ;\ make install ;\ cd /usr/local/src
# config and build librariescd openvas-libraries-* ;\ mkdir build ;\ cd build ;\ cmake .. ;\ make ;\ make doc-full ;\ make install ;\ cd /usr/local/src
# config and build scannercd openvas-scanner-* ;\ mkdir build ;\ cd build/ ;\ cmake .. ;\ make ;\ make doc-full ;\ make install ;\ cd /usr/local/src
# reload librariesldconfig
#create certopenvas-mkcert
# Sync nvt’sopenvas-nvt-sync
# Start openvassdopenvassd
# Check with ps or htop if the daemon is started. or perhaps..root@hostilehamster:/usr/local/src# watch "ps -ef | grep openvassd" root 32078 1 27 16:09 ? 00:00:36 openvassd: Reloaded 6550 of 34309 NVTs (19% / ETA: 09:10) root 32079 32078 0 16:09 ? 00:00:00 openvassd (Loading Handler) # Wait until "openvassd: Reloaded is done".. and switches to "Waiting for ingcoming..."
# config and build managercd openvas-manager-* ;\ mkdir build ;\ cd build/ ;\ cmake .. ;\ make ;\ make doc-full ;\ make install ;\ cd /usr/local/src
# get scap feedopenvas-scapdata-sync
# get cert feedopenvas-certdata-sync
# create client cert..openvas-mkcert-client -n -i
# Initialize the Databaseopenvasmd --rebuild --progress (This is going to take some time, pehaps time to get coffee?)
#create useropenvasmd --create-user=admin --role=Admin (write down the password)
# config and build clicd openvas-cli-* ;\ mkdir build ;\ cd build/ ;\ cmake .. ;\ make ;\ make doc-full ;\ make install ;\ cd /usr/local/src
# configure and install gsacd greenbone-security-assistant-* ;\ mkdir build ;\ cd build/ ;\ cmake .. ;\ make ;\ make doc-full ;\ make install ;\ cd /usr/local/src
# Start the all the stuff.openvasmd --rebuild --progress openvasmd gsad --http-only
# check installationwget https://svn.wald.intevation.org/svn/openvas/trunk/tools/openvas-check-setup --no-check-certificate chmod 0755 openvas-check-setup ./openvas-check-setup --v8 --server
This should be a working default installation of OpenVas 8.
To try is out, go to http://serverip and login with Admin and your generated password.
# If you want to have pdf reports and such, you can always install:apt-get install texlive-full (this is not optimal thou, this installs a bunch of packets..)
# And some autostart script for ubuntu 14.04. and OpenVas8
# Nothing fancy, I took the init.d scripts from the debs for OpenVas5 and changed some stuff to make it work in the above setup.
# So all credits goes to the creators of the scripts that are mentioned in the scripts comments..
# This below downloads my modded init.d, default, logrotate.d scripts
# Unpack the tarball, copy the thingies to etc/
# Create the symlink to /var/log/openvas
# Create the symlinks for the autostart jobs..cd /usr/local/src wget http://www.mockel.se/wp-content/uploads/2015/04/openvas-startupscripts-v8.tar.gz tar zxvfp openvas-startupscripts-v8.tar.gz cd openvas-startupscripts-v8 cp etc/* /etc/ -arvi update-rc.d openvas-manager defaults update-rc.d openvas-scanner defaults update-rc.d greenbone-security-assistant defaults
If you have any questions, answers or anything else regarding this article..
Don’t hesitate to ask in the comments.
I plan to do a little howto install the ospd package also.. But that will be later
相关文章推荐
- mysql -server-5.6 install master and slave on ubuntu 14.04server
- how-to-install-vnc-server-on-ubuntu-14.04
- How to install VNC server on ubuntu 14.04
- install redis and used in golang on ubuntu 14.04
- OpenVas 8 on Ubuntu Server 14.04
- 【转】How to build and install PHP 5.6.9 from source on Ubuntu 14.04 VPS
- Install MySQL 5.7.5-m15 on Ubuntu Server 14.04 LTS
- Install And Configure Nagios on Ubuntu 14.04 LTS
- install and config redis on ubuntu14.04
- How To Install Elasticsearch, Logstash, and Kibana (ELK Stack) on Ubuntu 14.04
- Install Cacti on Ubuntu 14.04 Server
- Install Virtualbox and Vagrant on Ubuntu 14.04 VM
- Install Scala and SBT using apt-get on Ubuntu 14.04 or any Debian derivative using apt-get
- Install ntopng on Ubuntu 14.04 Server
- How To Install DenyHosts On Ubuntu 14.04 Server
- Install MariaDB Server 10.0 on Ubuntu 14.04 LTS ( Trusty Tahr )
- Install MySQL 5.7.5-m15 on Ubuntu Server 14.04 LTS from Source
- How to Install OpenERP Odoo 8 on Ubuntu Server 14.04 LTS
- How to Install and Use Python Pip on Ubuntu 14.04 and pip install pytz