Install OpenVAS on Rocky Linux 8

We are going to use Atomicorp repository to install OpenVAS on Rocky Linux 8.

OpenVAS is an open source full-featured vulnerability scanner.

Pre-requisites

We’re going to need a Rocky Linux 8 server with at least 2 CPU cores and 2GB of RAM.

Installation

For installation using Ansible, see the GitHub repository.

Disable SELinux and Reboot

OpenVAS requires SELinux to be disabled I’m afraid:

$ sudo setenforce 0
$ sudo sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
$ sudo reboot

Verify:

$ sestatus 
SELinux status: disabled

Configure Sysctl Values

$ echo "vm.overcommit_memory=1" | sudo tee /etc/sysctl.d/10-openvas.conf
$ sudo sysctl -p /etc/sysctl.d/10-openvas.conf

Enable PowerTools Repository

$ sudo sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/Rocky-PowerTools.repo
$ sudo yum repolist

Install Atomicorp Repository

Import GPG keys:

$ sudo rpm --import https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt
$ sudo rpm --import https://www.atomicorp.com/RPM-GPG-KEY.art.txt

Setup the atomicorp repository:

$ VERSION="1.0-23"
$ sudo yum install https://updates.atomicorp.com/channels/atomic/centos/8/x86_64/RPMS/atomic-release-${VERSION}.el8.art.noarch.rpm

Install EPEL Repository

Setup the EPEL repository:

$ sudo yum install epel-release

Install gvm Package

$ sudo yum install gvm

Configure Firewall

If you use firewalld, then configure it to allow inbound traffic on TCP port 443 for HTTPS connections:

$ sudo firewall-cmd --permanent --add-service=https 
$ sudo firewall-cmd --reload

Setup OpenVAS

Note that this will take a very long time, it may be an hour or so before the setup is done.

$ sudo gvm-setup

You will be asked to set up an admin user password at the end of this.

Check OpenVAS version when setup is done:

$ openvas --version
OpenVAS 22.4.0
gvm-libs 22.4.0

Do note the following when working with systemd.

You may see port lists and scan configs empty because these are not baked into the product, but retrieved from feeds instead.

How to Reset gvm Admin Password

Use the following command if you need to reset the admin password:

$ runuser -u gvm -g gvm -- gvmd --user=admin --new-password=changeme

OpenVAS Web UI

Open a web browser and navigate to the server’s IP address, use the login credentials that you’ve set up in the previous step.

Happy vulnerability scanning.

Leave a Reply

Your email address will not be published. Required fields are marked *