The Funtoo Linux project has transitioned to "Hobby Mode" and this wiki is now read-only.
Difference between revisions of "Package:OpenVAS"
| Line 2: | Line 2: | ||
|Summary=OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. | |Summary=OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. | ||
|CatPkg=net-analyzer/openvas | |CatPkg=net-analyzer/openvas | ||
|Homepage=http://www.openvas.org | |||
}} | }} | ||
| Line 56: | Line 57: | ||
timeout 0 | timeout 0 | ||
}} | }} | ||
== Check your Installation, Settings and Start Services == | == Check your Installation, Settings and Start Services == | ||
Check you Install Settings with default utility: | Check you Install Settings with default utility: | ||
| Line 63: | Line 62: | ||
###i## openvas-check-setup --v8 | ###i## openvas-check-setup --v8 | ||
}} | }} | ||
Check your | Check your service settings | ||
{{console|body= | {{console|body= | ||
###i## nano /etc/conf.d/openvassd | ###i## nano /etc/conf.d/openvassd | ||
| Line 70: | Line 69: | ||
}} | }} | ||
{{console|body= | |||
###i##/etc/init.d/openvasmd start | |||
###i##/etc/init.d/gsad start | |||
}} | |||
== Good Practices to Install and expand your OpenVas Setting == | == Good Practices to Install and expand your OpenVas Setting == | ||
Set a Password Policy for OpenVas: | Set a Password Policy for OpenVas: | ||
Revision as of 22:01, December 7, 2015
OpenVAS
We welcome improvements to this page. To edit this page, Create a Funtoo account. Then log in and then click here to edit this page. See our editing guidelines to becoming a wiki-editing pro.
Install
To install openvas, emerge it:
root # emerge openvas
Configure
Create a certificate for the server, choosing the default values if desired:
root # openvas-mkcert
Create a client certificate::
root # openvas-mkcert-client -n -i
Update the plugins and vulnerability data:
root # openvas-nvt-sync root # openvas-scapdata-sync root # openvas-certdata-sync
Start OpenvVas Scanner (Required for next steps):
root # /etc/init.d/openvassd start
This step can load for few minutes, use ps aux to check when done (Waiting for incoming connections) :
root # ps aux
Initializing OpenVas Manager Database:
root # /usr/sbin/openvasmd --rebuild --progress
Add an administrator user account:
root # openvasmd --create-user=admin --role=Admin root # openvasmd --user=admin --new-password=your_new_password
Configure Redis (Required Since OpenVas Manager 6)
Configure redis as perscribed by the OpenVAS redis configuration. In summary, amend the following to your /etc/redis.conf
unixsocket /tmp/redis.sock port 0 timeout 0
Check your Installation, Settings and Start Services
Check you Install Settings with default utility:
root # openvas-check-setup --v8
Check your service settings
root # nano /etc/conf.d/openvassd root # nano /etc/conf.d/openvasmd root # nano /etc/conf.d/gsad
root #/etc/init.d/openvasmd start root #/etc/init.d/gsad start
Good Practices to Install and expand your OpenVas Setting
Set a Password Policy for OpenVas:
root # nano /etc/openvas/pwpolicy.conf
Enable NVT signature checking: See http://www.openvas.org/trusted-nvts.html
Install RPM and Alien (for LSC credential package generation support on target systems):
root # emerge app-arch/alien app-arch/rpm
Install Haveged entropy (for speed up some actions):
root # emerge sys-apps/haveged root # rc-update add haveged defaul root # /etc/init.d/haveged start