Setting up and configuring OpenVAS

Recon is everything, so a good vulnerability scanner is essential. Kali used to come with OpenVAS installed. Now you have to install OpenVAS.

To install:

root@kalibook :~#  apt -y install openvas  

It must be configured and updated before use. Fortunately, Kali comes with a helpful script to set this up. This can be found under Applications | Vulnerability analysis | openvas initial setup. Clicking on this will open a Terminal window and run the script for you. This will set up self-signed certificates for SSL and download the latest vulnerability files and related data. It will also generate a password for the admin account on the system.

Kali also comes with a check set up script which will check the services and configuration. If an issue does come up it will give you help information on the issue. This script can be found at Applications | System Services | openvas check setup.

Click this and a Terminal window will open and run the script.

The script results are as shown in the following screenshot:

Note this check shows the running ports for the services. The check shows a warning to the effect that these services are only running on the local interface. This is fine for your work. It may at some point be useful for you to run the OpenVAS server on some other machine to improve the speed of your scans.

Next we will log into the Greenbone web interface to check Openvas.

1. Open the browser and go to https://localhost:9392. You will be shown a security warning for a self-signed certificate; accept this and you will get a login screen, as follows:

1. You will log in with the user name admin and the very long and complex password generated during the set up. Don't worry, we're going to change that once we get logged in. Once logged in you will see the following page.

1. Now go to the Administration | Users tab as follows:

This will take you to the user administration page.

1. Click the wrench link to the right of the name admin; this will open the edit page for the admin user.

1. Change the radio button for Use existing value to the blank field; add your new password and click the Save button.

We've now finished setting up OpenVAS and we're ready to do some real work.