Information, Linux Distributions, OpenSourceSoftware, OpenVAS, Ubuntu

OpenVAS 2.0 fresh from svn…

There is nothing like fresh baked software…

To play with OpenVAS 2.0 from svn on a Ubuntu Hardy/Intrepid/Jaunty host is easier than one would think. I post this, so more people can see how easy it is, and maybe get the urge to test it.
(I might have had some libs pre-installed, poke me if this doesn’t work for you…)

$ sudo aptitude install bison libglib2.0-dev subversion build-essential libgnutls-dev libpcap-dev libgpgme11-dev cmake
$ mkdir openvas ; cd openvas/
$ svn checkout https://svn.wald.intevation.org/svn/openvas/trunk/openvas-libraries
$ svn checkout https://svn.wald.intevation.org/svn/openvas/trunk/openvas-libnasl
$ svn checkout https://svn.wald.intevation.org/svn/openvas/trunk/openvas-server
$ svn checkout https://svn.wald.intevation.org/svn/openvas/trunk/openvas-plugins
$ cd openvas-libraries/ ; ./configure
$ make
$ sudo make install

$ sudo echo “include /usr/local/lib/” >> /etc/ld.so.conf
$ sudo ldconfig

$ cd ../openvas-libnasl/ ; ./configure
$ make
$ sudo make install
$ cd ../openvas-server/ ; ./configure
$ make
$ sudo make install
$ cd ../openvas-plugins/ ; ./configure
$ make
$ sudo make install

# Make a Certificate
$ /usr/local/sbin/openvas-mkcert

# Add a user
$ /usr/local/sbin/openvas-adduser

# Try out the server with:
$ sudo /usr/local/sbin/openvasd -D

You should also install Nikto to get the extra web application vulnerability tests: http://www.cirt.net/nikto/nikto-current.tar.gz
or fresh from SVN 🙂

$ cd /usr/local/
$ sudo svn co http://svn2.assembla.com/svn/Nikto_2/trunk/ nikto-trunk
$ sudo ln -s /usr/local/nikto-trunk/nikto.pl /usr/local/bin/nikto

I also got the OpenVAS client from svn. On your Linux (Ubuntu Intrepid/Jaunty) desktop:

$ sudo aptitude install subversion build-essential cmake bison libgpgme11-dev
$ mkdir openvas; cd openvas
$ svn checkout https://svn.wald.intevation.org/svn/openvas/trunk/openvas-libraries
$ svn co https://svn.wald.intevation.org/svn/openvas/trunk/openvas-client
$ cd openvas-libraries ; ./configure
$ make
$ sudo make install
$ sudo echo “include /usr/local/lib/” >> /etc/ld.so.conf
$ sudo ldconfig
$ cd ../openvas-client ; ./configure
$ make
$ sudo make install
# To try it out:
$ /usr/local/bin/OpenVAS-Client

And you should keep an eye out for new Network Vulnerability Tests (NVTs) from OpenVAS. You should just run openvas-nvt-sync on your OpenVAS server, and thing should get updated.

Now scan your host(s)….


Updated 1. September 2009:
* Added ‘cmake, libgpgme11-dev and openvas-libraries’ to the client install
* Added nikto from svn
* Added Jaunty

Advertisements
Standard

4 thoughts on “OpenVAS 2.0 fresh from svn…

  1. Kevin says:

    Thanks for this! The server instructions were right on.

    I tried the client instructions on a fresh install of Ubuntu 9.04 Desktop and found that I needed the openssl libraries and GTK2+. Just posting that in case it helps someone else.

    -Kevin

    Like

  2. dp says:

    I keep getting a error that states make sure your librart loader is configured properly and that openvasd is in your $PATH – When I run

    $ /usr/local/sbin/openvas-mkcert

    Any ideas?

    Like

  3. Yaggi says:

    Hi, I have a backtrack 4 final installed in my machine. Since openvas is version 2, i would like to change it to openvas 3.

    should I uninstall the version 2 and put the version 3?

    Thank you

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s