This is more of a way to collect my notes than a proper article, but it may help others. What seemed like a reasonably strait-forward process had a few bumps in the road that I expect will be extremely frustrating for linux newbies. So here we go.
- Search for notes on installing OpenVAS on your specific flavor of Linux. Oh, I wish it were standard and consistent, but … nope. I used instructions for installing on CentOS 7.
- After following the directions and installing, which is generally not that hard, test your installation. It is surprisingly not that easy to figure out what to do. The “Greenbone” assistant seems to have gone through so many iterations that they forgot that new people might try to use it. This document is a soup-to-nuts tutorial, but has some screen shots on how to quickly get a scan started if you have never done it before.
- After your first successful scan of a test host, reboot your machine. Trust me, you want to do it, because tons of things may have changed that you didn’t expect, and you won’t know about it until you reboot.
- Problem 1: *sometimes* Greenbone assistant will auto-magically hijack your port 80. Yep, so all your wonderful running web site stuff is now redirected to Greenbone assistant. To make things worse, the default screen or Greenbone generates an SSL warning that would scare most people into thinking the server was hacked. I HATE that the default behavior is to redirect port 80. It shouldn’t be. DON’T PANIC. Look at this thread and this thread for some tips to turn off that horrible default behavior. Restart gsad (greenbone) to test if you fixed it. Reboot again after you fix that.
- Problem 2: After reboot, greenbone works, but scans won’t run with a “Service Not Available” error. This is of course because the OpenVAS installation doesn’t start all the required services it installed. #fail. On CentOS 7, I had to use OpenVas Check Setup command to see why my fragile installation was having problems. Ultimately I had to enable the redis and openvas-scanner services to auto-start. Greenbone auto starts, but why not the others? Because of #stupid, that’s why.
Lots of other people have lots of other problems. I wish I could help them, but alas, too many different ways for things to go wrong. Now that it is working, it seems to be running stable. Not bad, but so very fragile, and intrusive to other services. I was VERY surprised that it hijacked port 80. If that is default behavior, there should at least be a warning that it will take over port 80 so you know.
Don’t let this dissuade you from installing and playing with OpenVAS. It is worth it once you get through the annoyances and your blood pressure normalizes. Have fun!