OpenVAS 9从源码安装到使用(填坑铺路)
2016-12-16 16:01
726 查看
直接写了一个python脚本来安装以下的步骤和检查版本,包括nmap5.51和redis(2016-12-27)
https://github.com/SuperSuperSuperSuper5/openvas9-check-depends我是先从openvas-libraries-9.0.0这个包开始的
安装顺序呢是根据那个Openvas官网上那个列表的顺序的,其实从哪个开始都无所谓,但是包太多,为了知道哪个包没有装,我决定还是安装官网上的那个源码包从上到下的安装。
首先我们看一下他的
INSTALL文件
截取的一段
General build environment: * a C compiler (e.g. gcc) * bison * flex * cmake >= 2.8 * pkg-config
基础build环境
这个大家都看得懂我就不翻译了,我们先来check一下吧,我这个刚刚装好热乎乎的虚拟机,所以基本啥都没有,here we go
我们先装一下编译器,这里使用的是gcc
sudo apt-get install gcc, flex, cmake pkg-config
一步到位
然后我们继续看INSTALL
Specific development libraries: * libglib >= 2.32 * libgnutls >= 3.2.15 * libgcrypt * zlib * libpcap * libgpgme >= 1.1.2 * uuid-dev (from e2fsprogs) * libssh >= 0.5.0 * libhiredis >= 0.10.1 * libksba >= 1.0.7
特殊开发环境
好嘛,我们一个一个来检查我们的环境富不符合要求
第一个是
libglib
不过它这里写的是名称而不是版本号,所以为了得到版本号,我们可以这样
sudo apt-cache search libglib
当然你也可以用
sudo aptitude search libglib
aptitude出来的结果更具体一点
hero@hero-VirtualBox ~/Documents/openvas9/openvas-libraries-9.0.0 $ sudo apt-cache search libglib libglib2.0-0 - GLib library of C routines libglib2.0-0-dbg - Debugging symbols for the GLib libraries libglib2.0-bin - Programs for the GLib library libglib2.0-cil - CLI binding for the GLib utility library 2.12 libglib2.0-cil-dev - CLI binding for the GLib utility library 2.12 libglib2.0-data - Common files for GLib library libglib2.0-dev - Development files for the GLib library libglib2.0-doc - Documentation files for the GLib library libglibmm-2.4-1v5 - C++ wrapper for the GLib toolkit (shared libraries) libglibmm-2.4-dbg - C++ wrapper for the GLib toolkit (debug symbols) libglibmm-2.4-dev - C++ wrapper for the GLib toolkit (development files) libglibmm-2.4-doc - C++ wrapper for the GLib toolkit (documentation) libglib-object-introspection-perl - Perl bindings for gobject-introspection libraries libglib-perl - interface to the GLib and GObject libraries libglib2.0-0-refdbg - GLib library of C routines - refdbg library libglib2.0-tests - GLib library of C routines - installed tests libglib3.0-cil - CLI binding for the GLib library of C routines libglib3.0-cil-dev - CLI binding for the GLib utility library 2.12
如果没装的同学直接装一下,装第一个就行,一般都有预装了的,除非你是邪教Arch,然后我们check版本
aptitude show libglib2.0-0
hero@hero-VirtualBox ~/Documents/openvas9/openvas-libraries-9.0.0 $ aptitude show libglib2.0-0 Package: libglib2.0-0 State: installed Automatically installed: no Multi-Arch: same Version: 2.48.1-1~ubuntu16.04.1 Priority: standard Section: libs Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> Architecture: amd64 Uncompressed Size: 5,081 k Depends: libc6 (>= 2.17), libffi6 (>= 3.0.4), libpcre3, libselinux1 (>= 1.32), zlib1g (>= 1:1.2.2) Recommends: libglib2.0-data, shared-mime-info, xdg-user-dirs Breaks: glib-networking (< 2.33.12), glib-networking:i386 (< 2.33.12), libgnome-desktop-3-2 (< 3.4.2-2), python-gi (< 3.7.2), python-gi:i386 (< 3.7.2), libglib2.0-0:i386 (!= 2.48.1-1~ubuntu16.04.1) Replaces: libglib2.0-0:i386 (< 2.48.1-1~ubuntu16.04.1) Description: GLib library of C routines GLib is a library containing many useful C routines for things such as trees, hashes, lists, and strings. It is a useful general-purpose C library used by projects such as GTK+, GIMP, and GNOME. This package contains the shared libraries. Homepage: http://www.gtk.org/[/code]
看到Version: 2.48.1-1~ubuntu16.04.1
这一行然后我们去看看要求是libglib >= 2.32
ok,符合了
继续hero@hero-VirtualBox ~/Documents/openvas9/openvas-libraries-9.0.0 $ aptitude search libgnutls p libgnutls-dev - GNU TLS library - development files p libgnutls-dev:i386 - GNU TLS library - development files v libgnutls-openssl-dev - v libgnutls-openssl-dev:i386 - i libgnutls-openssl27 - GNU TLS library - OpenSSL wrapper p libgnutls-openssl27:i386 - GNU TLS library - OpenSSL wrapper p libgnutls28-dev - dummy transitional package for GNU TLS library - devel p libgnutls28-dev:i386 - dummy transitional package for GNU TLS library - devel i libgnutls30 - GNU TLS library - main runtime library i libgnutls30:i386 - GNU TLS library - main runtime library p libgnutlsxx28 - GNU TLS library - C++ runtime library p libgnutlsxx28:i386 - GNU TLS library - C++ runtime library
p代表就是没有安装,我们安装一下就行sudo apt-get install libgnutls-devhero@hero-VirtualBox ~/Documents/openvas9/openvas-libraries-9.0.0 $ aptitude show libgnutls-dev Package: libgnutls-dev State: installed Automatically installed: no Multi-Arch: same Version: 3.4.10-4ubuntu1.1 Priority: optional Section: libdevel Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> Architecture: amd64 Uncompressed Size: 3,056 k Depends: libgnutls30 (= 3.4.10-4ubuntu1.1), libgnutls-openssl27 (= 3.4.10-4ubuntu1.1), libgnutlsxx28 (= 3.4.10-4ubuntu1.1), nettle-dev, libc6-dev | libc-dev, zlib1g-dev, libtasn1-6-dev, libp11-kit-dev, libidn11-dev (>= 1.31) Suggests: gnutls-doc, gnutls-bin, guile-gnutls Conflicts: gnutls-dev, gnutls-dev:i386 Breaks: libgnutls-dev:i386 (!= 3.4.10-4ubuntu1.1) Replaces: gnutls-dev, gnutls-dev:i386, libgnutls-dev:i386 (< 3.4.10-4ubuntu1.1) Provides: gnutls-dev, libgnutls-openssl-dev Description: GNU TLS library - development files GnuTLS is a portable library which implements the Transport Layer Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram Transport Layer Security (DTLS 1.0, 1.2) protocols. GnuTLS features support for: * TLS extensions: server name indication, max record size, opaque PRF input, etc. * authentication using the SRP protocol. * authentication using both X.509 certificates and OpenPGP keys. * TLS Pre-Shared-Keys (PSK) extension. * Inner Application (TLS/IA) extension. * X.509 and OpenPGP certificate handling. * X.509 Proxy Certificates (RFC 3820). * all the strong encryption algorithms (including SHA-256/384/512 and Camellia (RFC 4132)). This package contains the GnuTLS development files. Homepage: http://www.gnutls.org/[/code]
看到这一行说明也是符合的Version: 3.4.10-4ubuntu1.1
继续hero@hero-VirtualBox ~/Documents/openvas9/openvas-libraries-9.0.0 $ aptitude search libgcrypt v libgcrypt-dev - v libgcrypt-dev:i386 - p libgcrypt11-dev - transitional libgcrypt11-dev package i libgcrypt20 - LGPL Crypto library - runtime library i libgcrypt20:i386 - LGPL Crypto library - runtime library p libgcrypt20-dev - LGPL Crypto library - development files p libgcrypt20-dev:i386 - LGPL Crypto library - development files p libgcrypt20-doc - LGPL Crypto library - documentation
除了i以为,都是没安装的,所以安装呗sudo apt-get install libgcrypt-dev
这个包不要求版本,我们继续
下一个zlibhero@hero-VirtualBox ~/Documents/openvas9/openvas-libraries-9.0.0 $ aptitude search zlib p clisp-module-zlib - clisp module that adds zlib support for vectors p clisp-module-zlib:i386 - clisp module that adds zlib support for vectors p erlang-p1-zlib - erlang interface to zlib p erlang-p1-zlib:i386 - erlang interface to zlib p gambas3-gb-compress-bzlib2 - Gambas bzlib2 component p gambas3-gb-compress-bzlib2:i386 - Gambas bzlib2 component p gambas3-gb-compress-zlib - Gambas zlib compression component p gambas3-gb-compress-zlib:i386 - Gambas zlib compression component p gauche-zlib - zlib binding for Gauche p gauche-zlib:i386 - zlib binding for Gauche v haskell-zlib-doc - p libcompress-raw-zlib-perl - low-level interface to zlib compression library p libcompress-raw-zlib-perl:i386 - low-level interface to zlib compression library v libcompress-zlib-perl - v libcompress-zlib-perl:i386 - p libghc-bzlib-dev - Haskell bindings to the bzip2 library p libghc-bzlib-dev:i386 - Haskell bindings to the bzip2 library v libghc-bzlib-dev-0.5.0.5-38977 - v libghc-bzlib-dev-0.5.0.5-b1e77:i386 - p libghc-bzlib-doc - Documentation for the Haskell bindings to the bzip2 li p libghc-bzlib-prof - Profiling libraries for the Haskell bindings to the bz p libghc-bzlib-prof:i386 - Profiling libraries for the Haskell bindings to the bz v libghc-bzlib-prof-0.5.0.5-38977 - v libghc-bzlib-prof-0.5.0.5-b1e77:i386 - p libghc-pipes-zlib-dev - Zlib compression and decompression for Pipes streams p libghc-pipes-zlib-dev:i386 - Zlib compression and decompression for Pipes streams v libghc-pipes-zlib-dev-0.4.0.1-3c90f:i386 - v libghc-pipes-zlib-dev-0.4.0.1-4740a - p libghc-pipes-zlib-doc - Zlib compression and decompression for Pipes streams; p libghc-pipes-zlib-prof - Zlib compression and decompression for Pipes streams; p libghc-pipes-zlib-prof:i386 - Zlib compression and decompression for Pipes streams; v libghc-pipes-zlib-prof-0.4.0.1-3c90f:i386 - v libghc-pipes-zlib-prof-0.4.0.1-4740a - p libghc-zlib-bindings-dev - low-level bindings to zlib p libghc-zlib-bindings-dev:i386 - low-level bindings to zlib v libghc-zlib-bindings-dev-0.1.1.5-2b461:i386 - v libghc-zlib-bindings-dev-0.1.1.5-c36e1 - p libghc-zlib-bindings-doc - low-level bindings to zlib; documentation p libghc-zlib-bindings-prof - low-level bindings to zlib; profiling libraries p libghc-zlib-bindings-prof:i386 - low-level bindings to zlib; profiling libraries v libghc-zlib-bindings-prof-0.1.1.5-2b461:i38 - v libghc-zlib-bindings-prof-0.1.1.5-c36e1 - p libghc-zlib-dev - Compression and decompression in the gzip and zlib for p libghc-zlib-dev:i386 - Compression and decompression in the gzip and zlib for v libghc-zlib-dev-0.6.1.1-15b43 - v libghc-zlib-dev-0.6.1.1-2fdeb:i386 - p libghc-zlib-doc - Compression and decompression in the gzip and zlib for p libghc-zlib-enum-dev - enumerator interface for zlib compression p libghc-zlib-enum-dev:i386 - enumerator interface for zlib compression v libghc-zlib-enum-dev-0.2.3.1-51aa9:i386 - v libghc-zlib-enum-dev-0.2.3.1-54a11 - p libghc-zlib-enum-doc - enumerator interface for zlib compression; documentati p libghc-zlib-enum-prof - enumerator interface for zlib compression; profiling l p libghc-zlib-enum-prof:i386 - enumerator interface for zlib compression; profiling l v libghc-zlib-enum-prof-0.2.3.1-51aa9:i386 - v libghc-zlib-enum-prof-0.2.3.1-54a11 - p libghc-zlib-prof - Compression and decompression in the gzip and zlib for p libghc-zlib-prof:i386 - Compression and decompression in the gzip and zlib for v libghc-zlib-prof-0.6.1.1-15b43 - v libghc-zlib-prof-0.6.1.1-2fdeb:i386 - v libio-compress-zlib-perl - v libio-compress-zlib-perl:i386 - v libio-zlib-perl - p libjzlib-java - Java Zlib implementation p lua-zlib - zlib library for the Lua language p lua-zlib:i386 - zlib library for the Lua language p lua-zlib-dev - zlib development files for the Lua language p lua-zlib-dev:i386 - zlib development files for the Lua language v lua5.1-zlib - v lua5.1-zlib:i386 - v lua5.1-zlib-dev - v lua5.1-zlib-dev:i386 - v lua5.2-zlib - v lua5.2-zlib:i386 - v lua5.2-zlib-dev - v lua5.2-zlib-dev:i386 - p node-zlib - zlib bindings for node.js p node-zlib:i386 - zlib bindings for node.js p zlib-gst - Zlib bindings for GNU Smalltalk p zlib-gst:i386 - Zlib bindings for GNU Smalltalk i zlib1g - compression library - runtime i zlib1g:i386 - compression library - runtime p zlib1g-dbg - compression library - development p zlib1g-dbg:i386 - compression library - development i A zlib1g-dev - compression library - development p zlib1g-dev:i386 - compression library - development v zlib1g:i386 - p zlibc - An on-fly auto-uncompressing C library p zlibc:i386 - An on-fly auto-uncompressing C library
主要就是两个包zliblg zliblg-dev
看aptitude中都已经安装了,继续hero@hero-VirtualBox ~/Documents/openvas9/openvas-libraries-9.0.0 $ aptitude search libpcap p libpcap-dev - development library for libpcap (transitional package) i libpcap0.8 - system interface for user-level packet capture p libpcap0.8:i386 - system interface for user-level packet capture p libpcap0.8-dbg - debugging symbols for libpcap0.8 p libpcap0.8-dbg:i386 - debugging symbols for libpcap0.8 p libpcap0.8-dev - development library and header files for libpcap0.8 p libpcap0.8-dev:i386 - development library and header files for libpcap0.8 p libpcapnav0 - wrapper to libpcap that allows arbitrary navigation p libpcapnav0:i386 - wrapper to libpcap that allows arbitrary navigation p libpcapnav0-dev - development files for libpcapnav p libpcapnav0-dev:i386 - development files for libpcapnav p python-libpcap - Python wrapper for libpcap packet capture library p python-libpcap:i386 - Python wrapper for libpcap packet capture library v python2.7-libpcap - v python2.7-libpcap:i386 -
这次我们安装libcap
libcap显示是p未安装状态sudo apt-get install libpcap-dev
安装一下就好
下面我们继续安装libgpgmehero@hero-VirtualBox ~/Documents/openvas9/openvas-libraries-9.0.0 $ aptitude search libgpgme p libgpgme++2v5 - c++ wrapper library for gpgme p libgpgme++2v5:i386 - c++ wrapper library for gpgme i libgpgme11 - GPGME - GnuPG Made Easy (library) p libgpgme11:i386 - GPGME - GnuPG Made Easy (library) p libgpgme11-dev - GPGME - GnuPG Made Easy (development files) p libgpgme11-dev:i386 - GPGME - GnuPG Made Easy (development files)hero@hero-VirtualBox ~/Documents/openvas9/openvas-libraries-9.0.0 $ sudo apt-cache search libgpgme libgpgme11 - GPGME - GnuPG Made Easy (library) libgpgme11-dev - GPGME - GnuPG Made Easy (development files) libgpgme++2v5 - c++ wrapper library for gpgme
然后我们看到aptitude中libgpgme-dev的状态是p
所以安装一下devsudo apt-get install libgpgme11-devhero@hero-VirtualBox ~/Documents/openvas9/openvas-libraries-9.0.0 $ aptitude show libgpgme11-dev Package: libgpgme11-dev State: installed Automatically installed: no Version: 1.6.0-1 Priority: optional Section: libdevel Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> Architecture: amd64 Uncompressed Size: 1,408 k Depends: libassuan-dev, libc6-dev, libgpg-error-dev, libgpgme11 (= 1.6.0-1) Conflicts: libgpgme-dev, libgpgme10-dev, libgpgme11-dev:i386 Description: GPGME - GnuPG Made Easy (development files) GPGME is a wrapper library which provides a C API to access some of the GnuPG functions, such as encrypt, decrypt, sign, verify, ... This package contains the headers and other files needed to compile against this library. Homepage: https://www.gnupg.org/related_software/gpgme/[/code]Version: 1.6.0-1
符合要求
然后继续检查lib
uuid-devhero@hero-VirtualBox ~/Documents/openvas9/openvas-libraries-9.0.0 $ aptitude search uuid-dev p golang-github-nu7hatch-gouuid-dev - pure Go UUID implementation as specified in RFC 4122 p golang-github-pborman-uuid-dev - Go bindings to work with UUIDs p golang-uuid-dev - Transitional package for golang-github-pborman-uuid-de p libghc-uuid-dev - create, compare, parse and print Universally Unique Id p libghc-uuid-dev:i386 - create, compare, parse and print Universally Unique Id v libghc-uuid-dev-1.3.11-be09e - v libghc-uuid-dev-1.3.11-e0983:i386 - p libossp-uuid-dev - OSSP uuid ISO-C and C++ - headers and static libraries p libossp-uuid-dev:i386 - OSSP uuid ISO-C and C++ - headers and static libraries p uuid-dev - Universally Unique ID library - headers and static lib p uuid-dev:i386 - Universally Unique ID library - headers and static lib
显示未安装sudo apt-get install uuid-dev
下面检查libsshhero@hero-VirtualBox ~/Documents/openvas9/openvas-libraries-9.0.0 $ aptitude search libssh p libssh-4 - tiny C SSH library (OpenSSL flavor) p libssh-4:i386 - tiny C SSH library (OpenSSL flavor) p libssh-dbg - tiny C SSH library. Debug symbols p libssh-dbg:i386 - tiny C SSH library. Debug symbols p libssh-dev - tiny C SSH library. Development files (OpenSSL flavor) p libssh-dev:i386 - tiny C SSH library. Development files (OpenSSL flavor) p libssh-doc - tiny C SSH library. Documentation files p libssh-gcrypt-4 - tiny C SSH library (gcrypt flavor) p libssh-gcrypt-4:i386 - tiny C SSH library (gcrypt flavor) p libssh-gcrypt-dev - tiny C SSH library. Development files (gcrypt flavor) p libssh-gcrypt-dev:i386 - tiny C SSH library. Development files (gcrypt flavor) i A libssh2-1 - SSH2 client-side library p libssh2-1:i386 - SSH2 client-side library p libssh2-1-dbg - SSH2 client-side library (debug package) p libssh2-1-dbg:i386 - SSH2 client-side library (debug package) p libssh2-1-dev - SSH2 client-side library (development headers) p libssh2-1-dev:i386 - SSH2 client-side library (development headers) p python-libssh2 - Python binding for libssh2 library p python-libssh2:i386 - Python binding for libssh2 library v python2.7-libssh2 - v python2.7-libssh2:i386 -
可以看到libssh2-1已经安装了但是libssh2-1-dev没装
检查版本hero@hero-VirtualBox ~/Documents/openvas9/openvas-libraries-9.0.0 $ aptitude show libssh2-1 Package: libssh2-1 State: installed Automatically installed: yes Multi-Arch: same Version: 1.5.0-2 Priority: optional Section: universe/libs Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> Architecture: amd64 Uncompressed Size: 273 k Depends: libc6 (>= 2.14), libgcrypt20 (>= 1.6.1), zlib1g (>= 1:1.1.4) PreDepends: multiarch-support Breaks: libssh2-1:i386 (!= 1.5.0-2) Replaces: libssh2-1:i386 (< 1.5.0-2) Description: SSH2 client-side library libssh2 is a client-side C library implementing the SSH2 protocol. It supports regular terminal, SCP and SFTP (v1-v5) sessions; port forwarding, X11 forwarding; password, key-based and keyboard-interactive authentication. This package contains the runtime library. Homepage: http://libssh2.org/[/code]
version符合要求
然后我们装dev包sudo apt-get install libssh2-1-dev
现在检查libhiredishero@hero-VirtualBox ~/Documents/openvas9/openvas-libraries-9.0.0 $ aptitude search libhiredis p libhiredis-dbg - minimalistic C client library for Redis (debug) p libhiredis-dbg:i386 - minimalistic C client library for Redis (debug) p libhiredis-dev - minimalistic C client library for Redis (development f p libhiredis-dev:i386 - minimalistic C client library for Redis (development f p libhiredis0.13 - minimalistic C client library for Redis p libhiredis0.13:i386 - minimalistic C client library for Redis
装吧sudo aptitude install libhiredis-dev
检查版本hero@hero-VirtualBox ~/Documents/openvas9/openvas-libraries-9.0.0 $ aptitude show libhiredis-devPackage: libhiredis-dev State: installed Automatically installed: no Multi-Arch: same Version: 0.13.3-2 Priority: optional Section: universe/libdevel Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> Architecture: amd64 Uncompressed Size: 167 k Depends: libhiredis0.13 (= 0.13.3-2) Breaks: libhiredis-dev:i386 (!= 0.13.3-2) Replaces: libhiredis-dev:i386 (< 0.13.3-2) Description: minimalistic C client library for Redis (development files) Hiredis is a minimalistic C client library for the Redis database. It is minimalistic because it just adds minimal support for the protocol, but at the same time it uses an high level printf-alike API in order to make it much higher level than otherwise suggested by its minimal code base and the lack of explicit bindings for every Redis command. Apart from supporting sending commands and receiving replies, it comes with a reply parser that is decoupled from the I/O layer. It is a stream parser designed for easy reusability, which can for instance be used in higher level language bindings for efficient reply parsing. Hiredis only supports the binary-safe Redis protocol, so you can use it with any Redis version >= 1.2.0. The library comes with multiple APIs. There is the synchronous API, the asynchronous API and the reply parsing API. This package provides the development files for hiredis. Homepage: https://github.com/redis/hiredis[/code]
符合的
检查
libksba
这个与上面相同,没有,安装吧sudo apt-get install libksba-dev
然后检查下一个文档构建的东西Prerequisites for building documentation: * doxygen * xmltoman (optional, for building man page) * sqlfairy (optional, for producing database diagram)
一样的办法找,如果没装那就装一下
废话我就不写了哈哈哈,大家把这些个依赖啥的安装检查安装完毕之后
大家把剩余的这些自己检查一下Prerequisites for building documentation: * doxygen * xmltoman (optional, for building man page) * sqlfairy (optional, for producing database diagram)
Recommended to have WMI support:
* openvas-smb >= 1.0.1
Recommended to have improved SNMP support:
* netsnmp
Recommended to have LDAP support:
* libldap >= 2.4.11
(LDAP can be disabled with -DBUILD_WITHOUT_LDAP=1)
Recommended to have RADIUS support:
* libfreeradius-client >= 1.1.6
(RADIUS can be enabled with -DBUILD_WITH_RADIUS=1)
然后最后还有一个Install prerequisites on Debian GNU/Linux 'Jessie' 8: # apt-get install dpkg-dev pkg-config libssh-dev libgnutls28-dev libglib2.0-dev \ libpcap-dev libgpgme11-dev uuid-dev bison libksba-dev libhiredis-dev \ libsnmp-dev libgcrypt20-dev libldap2-dev
也就是sudo apt-get install dpkg-dev pkg-config libssh-dev libgnutls28-dev libglib2.0-dev libpcap-dev libgpgme11-dev uuid-dev bison libksba-dev libhiredis-dev libsnmp-dev libgcrypt20-dev libldap2-dev
然后我们开始把lib迁移到他该有的地方,不迁移也可以,就怕以后不小心改到了哈哈哈
然后我们创建一个build目录mkdir build(此时我们在openvas-libvariy9.0.0目录下) cd build
然后执行cmakecmake ..
然后make # build the libraries make doc # build the documentation make doc-full # build more developer-oriented documentation sudo make install # install the build make rebuild_cache # rebuild the cmake cache
执行这些
然后openvas9-lib就安装完了
我们下一步进行安装Scanner 5.1.0
依旧是检查包,这个就不重复了
然后进去Scanner的目录mkdir build cd buildcmake ..
依旧是make # build the libraries make doc # build the documentation make doc-full # build more developer-oriented documentation sudo make install # install the build make rebuild_cache # rebuild the cmake cache
然后是安装Manager 7.0.0
这里要查看一个我们以前没有检查过的glibaptitude search glib
然后发现glib其实就是我们之前的libglib
还有一个libsqlite3也要查查sudo apt-get install libsqlite3-dev libpq-dev
这里我们还要装一个这个sudo apt-get install xsltproc
不然没法make doc
还是没法make doc
还缺这个sudo apt-get install libgd-gd2-perl
然后就可以了
然后依旧是make doc-full
这里要用root来makesudo make doc-full
才可以的
然后安装方法以及是sudo make install
下面我们安装 Greenbone Security Assistant (GSA) 7.0.0
这是缺的几个库sudo apt-get install python-polib ibmicrohttpd-dev libxml2-dev libxslt1-dev
然后依旧是老方法
下面 Commandline Interface (CLI) 1.4.5
openvas-cli-1.4.5
这里需要一个这个sudo apt-get install clang-3.8 libclang1-3.8
然后安装 openvas-smb 1.0.2
需要这几个sudo apt-get install gcc-mingw-w64 libgnutls-dev perl-base heimdal-dev heimdal-multidev libpopt-dev libglib2.0-dev
现在一般都是64位系统了,如果 你32的sudo apt-get install gcc-mingw32 libgnutls-dev perl-base heimdal-dev heimdal-multidev libpopt-dev libglib2.0-dev
然后我们安装 OSPd 1.2.0sudo apt-get install python-setuptools python-paramiko
然后就直接装了sudo python setup.py install
默认是安装在/usr/local/下,如果要自己改安装目录参考INSTALL文件
剩下的也是直接用setup.py安装就行
安装完后,我们还要继续做
启动redisredis-server
同步漏洞库sudo greenbone-nvt-sync
openvas-manager 重新buildsudo openvasmd --rebuild
这一步的时间有点长,大概有个好几十分钟,我也没注意看,反正不是马上就会好的,大家耐心一点
然后我们创建一个用户sudo openvasmd --create-user=<username> --role=Admin
然后改密码sudo openvasmd --user=<username> --new-password=12345
然后我们同步一下其他数据sudo greenbone-scapdata-sync
这一步是最费时间的。。。好多的数据,从2002年到如今的,好多的
然后还得继续同步数据sudo greenbone-certdata-sync
这几个同步数据的可执行文件都放在/usr/local/sbin/下面
然后我们还要安装一个叫certtool的玩意
但是这东西在任何地方都搜不到源码安装包啥的
我们这样安装sudo apt install gnutls-bin
任何再用这个check一个安装好没有certtool -h
如果出现帮助信息说明安装好了
然后继续安装证书sudo openvas-manage-certs -a
然后我们开一个窗口打开openvasmdsudo openvasmd
然后也是一样的找个窗口开启gsadsudo gsad
然后为了扩展功能我们要安装一个nmapsudo apt-get install nmap
但是这里有个问题,我们现在源里有的nmap不是他要求的5.51的(2016.12.20)WARNING: Your version of nmap is not fully supported: 7.31 SUGGEST: You should install nmap 5.51 if you plan to use the nmap NSE NVTs.
我们还得从官网下5.51的来编译安装
(“▔□▔)额
nmap官网
找到download page然后下载就行了
直接wget命令wget https://nmap.org/dist/nmap-5.51.tar.bz2[/code]
解压命令有点奇葩哈哈bzip2 -cd nmap-5.51.tar.bz2 | tar xvf -
然后依旧老规矩./configure make sudo make install
然后依旧是安装sudo apt install texlive-latex-base
上面这一步是为了这个warning的提示WARNING: Could not find pdflatex binary, the PDF report format will not work. SUGGEST: Install pdflatex.
pdflatex是没有这个安装包的,我们安装texlive-latex-base就行了
这个包有100M多。。。
然后安装rpmsudo apt install rpm
然后继续安装,缺啥装啥sudo apt install nsis
还是继续装sudo apt-get install texlive-full
他说这个pdflatex缺少latex组件 o( ̄ヘ ̄o#)握拳!
还不指定缺哪个。。。
我们最后可以把这个openvas-check软件铐到本地
用来检查openvas有没有安装好了
注:
链接地址可能以后会变动,请大家上openvas的官网找到openvas-check-setup自行下载(2016.12.19)wget https://svn.wald.intevation.org/svn/openvas/trunk/tools/openvas-check-setup[/code]chmod +x openvas-check-setupsudo ./openvas-check-setup --v9--v9
说明我们的版本是9的版本,最好这里指明版本号,以免不必要的麻烦
如果check都没问题了,那说明装好了
然后我们打开浏览器直接输入localhost
这就出来了
下一次启动的时候
启动redisredis-server /etc/myredis.conf
说道redis时候,这里有个坑,就是如果你用openvas-check-setup,然后报错说是redis-server is not running or bound in /tmp/redis.sock,然后这个错误我是没法从源下载的redis-server解决的,解决办法是从redis官网下载redis的源码包自己编译安装,然后她源码包里面有个redis.conf,记住这个redis.conf,你把他拷到/etc/下或者哪里,然后里面有个unix sock的选项, 你把他的注释去掉,然后启动的时候指定配置文件,就像我刚刚上面那个命令一样,如果嫌redis的输出不好看,你可以试试用screen命令来让它在后台运行,或者加&也行redis-server /etc/myredis.conf &
但是这样你看不见redis的输出也是很麻烦的,建议还是screen命令
先用screen创建一个叫redis的窗口进程screen -S redis
然后现在你就马上切换到这个窗口了
然后在运行redis
最后按住ctrl依次按AD,注意是依次,然后就切换会原来的界面了,redis就在刚刚那个窗口在跑着,如果想回到那个窗口screen -r redis
如果想杀死这个窗口,切换到这个窗口后直接ctrl+D一直按,按到窗口切换会原来
然后启动其他的sudo openvassd sudo openvasmd sudo gsad
这里有个小脚本openvas_start.sh,启动openvas的#!/bin/bash # This script mush run as root redis-server /etc/myredis.conf if [$? -ne 0]; then echo "redis-server have NOT started" exit 1 openvasssd if [$? -ne 0]; then echo "openvassd have NOT started" exit 1 openvasmd if [$? -ne 0]; then echo "openvasmd have NOT started" exit 1 gsad if [$? -ne 0]; then echo "gsad have NOT started" exit 1 echo "Openvas9 is ok now"
直接用加一个权限然后sudo来run就行了chmod +x openvas_start.sh sudo ./opevas_start.sh
每次重启机子后都有启动openvas一遍,直接用这个脚本或者手输命令行就行
相关文章推荐
- 使用TAR源码包安装程序
- Tcpreplay3.x的安装、使用和源码分析
- RHEL4上安装基于postfix的全功能邮件服务器(全部使用目前最新源码包构建)(1)
- RHEL4上安装基于postfix的全功能邮件服务器(全部使用目前最新源码包构建) (2)
- 使用DotNetNuke(DNN)源码安装
- Ubuntu9。04下使用源码安装apache
- dnn源码安装使用应注意的问题(写的很简单)
- 使用源码分发版安装MySQL
- Linux平台使用源码安装MySQL 5.1到个人目录简易指南
- Linux下使用源码编译安装软件
- 在ubuntu下使用源码包安装mysql
- 在centos 6 64位下使用源码编译安装svn 1.7
- Ubuntu下MySql源码包安装、配置和使用
- Ubuntu下使用源码文件安装软件(二)
- 用shell部署lamp,使用源码包安装
- 将源码包安装的服务,加入系统服务,可以使用service开启和关闭
- 如何使用源码安装新版本的http服务
- 使用源码包在龙芯2F上安装mysql
- Mysql安装过程--使用源码安装 & 常用命令
- 使用脚本进行LAMP架构源码编译安装(经多次测试可行) 推荐