If you go to the OpenVAS site, they only have .rpm (aka RedHat) packages and can't be used on a Debian based distro like Ubuntu. Also, as a side note, if you want to do something else with OpenVAS which I am not covering, remember that you should best follow only the Ubuntu specific instructions and when that is not possible, for the Debian Etch instructions as Ubuntu uses the "Etch" branch of Debian.
The instructions below are for use with OpenVAS v1.x and not the new beta 2.0 (will write another article later when it gets out of beta).
Firstly, you will need to add the following repositories into aptitude by editing /etc/apt/sources.list and adding the following line into the sources.list file:
deb http://apt.intevation.de/ etch openvas
You then update your Ubuntu repositories by issuing the "apt-get update" command.
You then need to download the following source codes from the OpenVAS website. Which you can find at URL http://wald.intevation.org/frs/?group_id=29
They are:
openvas-libraries 1.0.2 (not needed, a .deb installer is available in the repository)
openvas-libnasl 1.0.1
openvas-server 1.0.2
openvas-plugins 1.0.4 (if there is a newer version > 1.0.4, download that instead)
Create a sub-directory in your home directory called "~/openvas1" and move all the .tar.gz source code files into this folder.
Then, you need to install certain libraries which OpenVAS uses prior to compiling the source codes you've downloaded by issuing the command:
apt-get install openvas-client libopenvas1 libopenvas1-dev libgpgme11 libgpgme11-dev bison build-essential
!
! in Ubuntu 8.10, prior to issuing the above command, you will need to install
! some libraries which are missing in Ubuntu 8.10.
!
! Download the following .deb (libgnutls13 and libopencdk10) files from the
! hardy packages (they'll work in Ubuntu 8.10)
!
! http://packages.ubuntu.com/hardy-updates/i386/libgnutls13/download
! http://packages.ubuntu.com/hardy/i386/libopencdk10/download
!
! You can install the two .deb files by issuing the command:
!
! dpkg -i libgnutls13_2.0.4-1ubuntu2.1_i386.deb
! dpkg -i libopencdk10_0.6.6-1ubuntu1_i386.deb
!
You will then need to open the three source code files, untar them and compile them. You can do this for all three packages by typing in:
tar zxvf [filename of .tar.gz file]
cd [sub-folder of same name as .tar.gz file]
./configure
make
make install
cd ..
You will need to do the above with all three files, mainly:
openvas-libnasl-1.0.1.tar.gz
openvas-server-1.0.2.tar.gz
openvas-plugins-1.0.4.tar.gz
in the above order.
You will then need to let your linux system know about the new libraries you have just compiled before the can be used by typing in:
ldconfig -v
You then need to copy the file openvas-services from the server source code folder into the /var/lib/openvas directory by issuing the following command in a bash shell:
mkdir /var/lib/openvas
cp ~/openvas1/openvas-server-1.0.2/openvas-services /var/lib/openvas/
For the first time use of OpenVAS, you will need to create a new cert and add in the first user that can login into the OpenVAS server by running both:
openvas-mkcert
openvas-adduser
To start OpenVAS, activate the server by typing in:
openvasd -D &
And running the OpenVAS client by typing:
openvas-client
If all works well, when you run openvasd, you will see it attempt to load in all the plug-ins and in the openvas-client, connect to the openvas server.
Feel free to comment!
Note: Tested on Ubuntu 7.10, 8.04 and 8.10, and I assume you are doing all this with root access and am running the kernel in i386 (32-bit) mode.
Hi,
ReplyDeleteI'm trying to install openVAS on my ubuntu 7.10 linux box. I get to the part where I'm untarring and compiling the 3 source code files and I get the following errors at the end when running the "make" command in the openvas-libnasl-1.0.1 dir:
grep: /usr/lib/libglib-2.0.la: No such file or directory
sed: can't read /usr/lib/libglib-2.0.la: No such file or directory
libtool: link: `/usr/lib/libglib-2.0.la' is not a valid libtool archive
make[1]: *** [libopenvasnasl.la] Error 1
make[1]: Leaving directory `/home/pavlik/openvas1/openvas-libnasl-1.0.1/nasl'
make: *** [all] Error 2
Does anybody have any ideas? Looks like I need some library file?
Thanks!
@Todd:
ReplyDeleteI think you are missing a library which I missed in my blog entry as I may have already installed it earlier. Can you try typing this in a terminal:
sudo apt-get install libglib2.0-dev
Do let me know if this fixes your problem.
Thanks, yes, it did fix the problem and allowed me to successfully complete the install. I'm now trying to get a connection set up and not having any luck. I'm trying on localhost, default port 9390, with the username and password I set up (following your instructions). I believe I created the certificate correctly as well, but it just won't let me connect. Still troubleshooting...
ReplyDelete