OpenVAS – Open Vulnerability
Assessment SystemOpenVAS – 开放漏洞评估系统
OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low level Internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test.
OpenVAS是一个功能齐全的漏洞扫描程序。其功能包括未经验证的测试,经过身份验证的测试,各种高级和低级Internet和工业协议,用于大规模扫描的性能调整以及用于实现任何类型的漏洞测试的强大内部编程语言。
话不多说,直接开整:
系统:Centos 7.6
1、关闭selinux
# vim /etc/selinux/config
2、更新系统到最新
# yum -y update
3、安装必要组件
# yum install -y wget bzip2 texlive net-tools alien gnutls-utils
4、安装源站
# wget -q -O – https://www.atomicorp.com/installers/atomic | sh
5、yum安装openvas 9
# yum install openvas -y
6、编辑redis.conf放开sock和700权限
# vim /etc/redis.conf
unixsocket /tmp/redis.sock
unixsocketperm 700
7、重启redis并开机自启动
# systemctl enable redis && systemctl restart redis
8、开始安装openvas
# openvas-setup # 这一步需要等待很久,会下载非常多的文件
9、防火墙开放9392端口
# firewall-cmd –permanent –add-port=9392/tcp
# firewall-cmd –reload
# firewall-cmd –list-port
10、安装完毕后检测
# openvas-check-setup –v9
It seems like your OpenVAS-9 installation is OK.
# 出现上面这一句基本上没问题,上面还有有一些WARNING,视情况修复或者改正
11、内网登陆openvas
如果在内网安装的openvas,那么直接访问 http://
12、外网登陆openvas
假如openvas安装在ECS等外网环境,需要修改一些配置参数才可以访问,修改如下:
# vim /etc/sysconfig/gsad
OPTIONS=””
修改为
OPTIONS=”–http-only”
# systemctl restart gsad # 重启gsad
访问openvas,输入帐号密码
http://www.xxx.com:9392/login/login.html
13、每天更新安全库
# /usr/sbin/greenbone-nvt-sync && /usr/sbin/greenbone-scapdata-sync && /usr/sbin/greenbone-certdata-sync
你好,OPENVAS安装之后,刚开始正常,后面突然提示 GMP Service is down 无法登陆,这个GMP指的是什么服务,如果查看是否正常。
是OMP Service is down吧?
Attractive section of content. I just stumbled upon your website and in accession capital to assert
that I get actually enjoyed account your blog posts. Anyway
I will be subscribing to your augment and even I achievement you access consistently fast.
Thanks for the good writeup. It in fact used to be a leisure
account it. Look advanced to more introduced agreeable from
you! However, how can we communicate?
Hi there everyone, it’s my first pay a quick visit at this website, and paragraph is really fruitful in favor of me, keep up posting these content.
At this moment I am ready to do my breakfast, afterward having my breakfast coming over again to read additional news.
Awesome! Its truly remarkable piece of writing,
I have got much clear idea on the topic of from this
paragraph.
Very good article! We are linking to this particularly great article on our website.
Keep up the great writing.
This piece of writing is actually a fastidious one it helps new
the web visitors, who are wishing for blogging.