How to install the free OpenVAS vulnerability scanner using a package manager, along with troubleshooting
Let’s learn an alternative way to install OpenVAS. This time I chose to install it via the package manager and share my findings with you. Here are some challenges I faced during the installation phase and how I solved them. Let’s begin.
apt update && apt upgrade -y
apt install openvas
gvm-setup
Once you run gvm-setup, you will see an error like the one in the image below.
When I ran ls /etc/postgresql/, I found the following directories: 12, 13, 15 and 16. You should keep only 16; the others need to be disabled or removed.
Here is how to do it. Don’t be confused by the screenshot above; those are just my mistakes :)
First you need to stop the postgresql service:
systemctl stop postgresql.service
Then run the commands below one by one:
/usr/bin/pg_dropcluster --stop 12 main
/usr/bin/pg_dropcluster --stop 13 main
/usr/bin/pg_dropcluster --stop 15 main
Then open the postgresql.conf file of version 16, change the port to 5432, and restart the service:
vim /etc/postgresql/16/main/postgresql.conf
systemctl restart postgresql
Alternative way:
Say you find that three versions of PostgreSQL (13, 15 and 16) are installed and you want to remove 13 and 15 because they are obsolete, keeping only 16.
psql --version    # check the currently installed version
ls /etc/postgresql/    # see how many instances are installed (let's say 15 and 16)
pg_lsclusters    # list the existing PostgreSQL clusters
systemctl stop postgresql.service
/usr/bin/pg_dropcluster --stop 15 main    # drop the obsolete cluster, or any cluster other than the required one
systemctl status postgresql.service
systemctl start postgresql.service
systemctl enable postgresql.service
systemctl status postgresql.service
pg_lsclusters    # check the clusters again
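The two cleanup procedures above (drop every cluster except 16, then put 16 on port 5432) can be derived from the pg_lsclusters listing instead of typed by hand. This is an added example, not part of the original post: plan_drops, kept_port, cleanup_plan and KEEP_VERSION are hypothetical names, the sample listing and its ports are constructed, and the script only prints the commands for review.

```bash
# Added example: print (never run) the cleanup commands for a pg_lsclusters listing.
WANT_PORT=5432   # port the article sets for the cluster that is kept

# Constructed sample in pg_lsclusters column order; the ports are made up.
SAMPLE_CLUSTERS='Ver Cluster Port Status Owner    Data directory              Log file
12  main    5432 online postgres /var/lib/postgresql/12/main /var/log/postgresql/postgresql-12-main.log
13  main    5433 online postgres /var/lib/postgresql/13/main /var/log/postgresql/postgresql-13-main.log
15  main    5434 down   postgres /var/lib/postgresql/15/main /var/log/postgresql/postgresql-15-main.log
16  main    5435 online postgres /var/lib/postgresql/16/main /var/log/postgresql/postgresql-16-main.log'

# plan_drops KEEP: read a listing on stdin, print one pg_dropcluster command
# for every cluster whose version differs from KEEP (the header is skipped).
plan_drops() {
    awk -v keep="$1" '$1 ~ /^[0-9.]+$/ && $1 != keep {
        printf "/usr/bin/pg_dropcluster --stop %s %s\n", $1, $2
    }'
}

# kept_port KEEP: print the port of the KEEP/main cluster, or nothing if absent.
kept_port() {
    awk -v keep="$1" '$1 == keep && $2 == "main" { print $3; exit }'
}

# cleanup_plan LISTING KEEP: print the whole procedure in the article's order.
# Refuses (status 1) when KEEP/main does not exist, so no plan can drop every cluster.
cleanup_plan() {
    port="$(printf '%s\n' "$1" | kept_port "$2")"
    if [ -z "$port" ]; then
        echo "# no $2/main cluster in the listing; nothing planned"
        return 1
    fi
    echo "systemctl stop postgresql.service"
    printf '%s\n' "$1" | plan_drops "$2"
    if [ "$port" != "$WANT_PORT" ]; then
        echo "# edit /etc/postgresql/$2/main/postgresql.conf: port = $WANT_PORT (now $port)"
    fi
    echo "systemctl restart postgresql"
}

# Use the live listing when pg_lsclusters exists, else the constructed sample.
if command -v pg_lsclusters >/dev/null 2>&1; then
    cleanup_plan "$(pg_lsclusters)" "${KEEP_VERSION:-16}"
else
    cleanup_plan "$SAMPLE_CLUSTERS" "${KEEP_VERSION:-16}"
fi
```

Set KEEP_VERSION to keep a different version; review the printed commands before running any of them, since pg_dropcluster deletes the cluster's data.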
Then I ran the following command again and it worked.
gvm-setup
Then I ran gvm-check-setup but faced some errors. The first error was a redis-server issue, so I started redis-server.
systemctl start redis-server
systemctl enable redis-server
After that, you need to give the /var/log/gvm/openvas.log file 666 permissions (readable and writable by every local user).
gvm-stop
chmod 666 /var/log/gvm/openvas.log
gvm-start
gvm-check-setup
Finally, run the following commands to update the feed.
gvm-stop
greenbone-feed-sync    # or greenbone-nvt-sync
gvm-start
Opening the above URL now takes you to the main page. You were already given an admin user and password; use them to log in, then change the password.
When you configure a scan, you will face the following error:
Failed to find config 'daba56c8-73ec-11df-a475-002264764cea'
This error means that the NVT, SCAP, CERT and GVMD_DATA feeds have not been updated yet.
To fix this, just wait about 30 minutes for the data to converge: once the feeds are downloaded or updated, gvm needs around 20 to 30 minutes to inject that update into its database. After that you should see something like the image below.
Now your scan should work.
Every time your system reboots, you need to run gvm-start to access the web URL.
Thanks. I hope this blog post helps you install OpenVAS from scratch. See this blog post of mine to find out how to use it.
LinkedIn:
https://www.linkedin.com/in/md-mahimbin-firoj-7b8a5a113/