Work Together For The Benefit Of All ManKind…

There is nothing like fresh baked software…

To play with OpenVAS 2.0 from svn on a Ubuntu Hardy/Intrepid/Jaunty host is easier than one would think. I post this, so more people can see how easy it is, and maybe get the urge to test it.
(I might have had some libs pre-installed, poke me if this doesn’t work for you…)

$ sudo aptitude install bison libglib2.0-dev subversion build-essential libgnutls-dev libpcap-dev libgpgme11-dev cmake
$ mkdir openvas ; cd openvas/
$ svn checkout https://svn.wald.intevation.org/svn/openvas/trunk/openvas-libraries
$ svn checkout https://svn.wald.intevation.org/svn/openvas/trunk/openvas-libnasl
$ svn checkout https://svn.wald.intevation.org/svn/openvas/trunk/openvas-server
$ svn checkout https://svn.wald.intevation.org/svn/openvas/trunk/openvas-plugins
$ cd openvas-libraries/ ; ./configure
$ make
$ sudo make install

$ sudo echo “include /usr/local/lib/” >> /etc/ld.so.conf
$ sudo ldconfig

$ cd ../openvas-libnasl/ ; ./configure
$ make
$ sudo make install
$ cd ../openvas-server/ ; ./configure
$ make
$ sudo make install
$ cd ../openvas-plugins/ ; ./configure
$ make
$ sudo make install

# Make a Certificate
$ /usr/local/sbin/openvas-mkcert

# Add a user
$ /usr/local/sbin/openvas-adduser

# Try out the server with:
$ sudo /usr/local/sbin/openvasd -D

You should also install Nikto to get the extra web application vulnerability tests: http://www.cirt.net/nikto/nikto-current.tar.gz
or fresh from SVN

$ cd /usr/local/
$ sudo svn co http://svn2.assembla.com/svn/Nikto_2/trunk/ nikto-trunk
$ sudo ln -s /usr/local/nikto-trunk/nikto.pl /usr/local/bin/nikto

I also got the OpenVAS client from svn. On your Linux (Ubuntu Intrepid/Jaunty) desktop:

$ sudo aptitude install subversion build-essential cmake bison libgpgme11-dev
$ mkdir openvas; cd openvas
$ svn checkout https://svn.wald.intevation.org/svn/openvas/trunk/openvas-libraries
$ svn co https://svn.wald.intevation.org/svn/openvas/trunk/openvas-client
$ cd openvas-libraries ; ./configure
$ make
$ sudo make install
$ sudo echo “include /usr/local/lib/” >> /etc/ld.so.conf
$ sudo ldconfig
$ cd ../openvas-client ; ./configure
$ make
$ sudo make install
# To try it out:
$ /usr/local/bin/OpenVAS-Client

And you should keep an eye out for new Network Vulnerability Tests (NVTs) from OpenVAS. You should just run openvas-nvt-sync on your OpenVAS server, and thing should get updated.

Now scan your host(s)….

—
Updated 1. September 2009:
* Added ‘cmake, libgpgme11-dev and openvas-libraries’ to the client install
* Added nikto from svn
* Added Jaunty

OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user front-end. The core component is a server with a set of network vulnerability tests (NVTs) to detect security problems in remote systems and applications.

OpenVAS products are Free Software under GNU GPL and a fork of Nessus.

The above is much cut and paste from the OpenVAS website. I’m writing this blog post because I have talked to many security professionals that miss-like that Nessus went closed source, and dont know about the OpenVAS fork.

OpenVAS-Server is a forked development of Nessus 2.2. The fork happened because the major development (Nessus 3) changed to a proprietary license model and the development of Nessus 2.2.x is practically closed for third party contributors. OpenVAS continues as Free Software under the GNU General Public License with a transparent and open development style.

And that is what we like, right?