Friday, January 8, 2010

Check Ubuntu 8.04 server security using OpenVAS

Install openvas server from source in ubunutu 8.04

apt-get install build-essential libgtk2.0-dev libglib2.0-dev libssl-dev htmldoc libgnutls-dev libpcap0.8-dev bison libgpgme11-dev libsmbclient-dev snmp pnscan

add the following line to /etc/apt/sources.list

deb sid main

Install the server

apt-get install openvas-server openvas-server-dev openvas-plugins-dfsg openvas-plugins-base libopenvas2 libopenvas2-dev libopenvasnasl2 libopenvasnasl2-dev

Add your user


Update the feeds


start the server

/etc/init.d/openvas-server start

Install the client

It would ask you to upgrade php etc and hence I compiled the agent from source. The trunk is incompatible with the openvas-server provided by debian repository.

svn co openvas-client

cd openvas-client

./configure && make && make install

Running the agent in batch mode:

You can run the client to produce beautiful html with graphs using the following command line.

create a file named target with the host you want to check

cat >target

OpenVAS-Client -q localhost 9390 ovasuser mypasswd target localhost-result -T html_graph -x

The run would take around 15 minutes and you will get the results in the localhost-result directory. View the HTML files using browser.

1 comment: