Greenbone/Installation: Unterschied zwischen den Versionen
Keine Bearbeitungszusammenfassung |
|||
| Zeile 24: | Zeile 24: | ||
== Weitere Informationen == | == Weitere Informationen == | ||
# https://greenbone.github.io/docs/latest/22.4/kali/index.html | # https://greenbone.github.io/docs/latest/22.4/kali/index.html | ||
== Verify installation == | |||
$ '''sudo gvm-check-setup''' | |||
I got an error (SCAP DATA are missing), but if you look through the error message, you can see that you can fix it by running: | |||
$ '''sudo runuser -u _gvm -- greenbone-feed-sync --type SCAP''' | |||
== Starting OpenVAS Service == | |||
sudo gvm-start | |||
[Image:Bild3.png|top|alt="Install OpenVAS on Kali"]] | |||
; Now your OpenVAS Service should be up and running | |||
; OpenVAS listens on the Ports | |||
* 9390 | |||
* 9391 | |||
* 9392 | |||
* 80 | |||
; Your web browser should automatically open and lead to the OpenVAS Login Page | |||
; If not, open a web browser manually and enter the URL | |||
https://127.0.0.1:9392 | |||
; Security warning | |||
The first time you want to open this URL you will get a security warning | |||
* Click on '''Advanced''' and '''Add an''' Exception | |||
[Image:Bild4.png|top|alt="Log in to OpenVAS on Kali"]] | |||
Remember the password you noted down before? Now we are going to need it. | |||
; Forgot your Admin Password? | |||
Reset it by typing | |||
$ sudo gvmd --user=admin --new-password=passwd; | |||
Log in to OpenVAS with admin // your password | |||
[Image:Bild5.png|top|alt="Install OpenVAS on Kali Linux"]] | |||
; First things first | |||
Navigate to '''To your User Profile''' / '''My Settings / Click on Edit''' and''' change the password'''. | |||
[Image:Bild6.png|top|alt="Change OpenVAS Password"]] | |||
== Benutzer == | |||
=== Password reset === | |||
Did you forget to note down the password? You can change the admin password using the following commands: | |||
# '''gvmd --user=admin --new-password=passwd;''' | |||
The next step is to accept the self-signed certificate warning and use the automatically generated admin credentials to login on to the web interface: | |||
== Starting and stopping == | |||
Before starting to install the virtual appliance, the last step I have to consider is to start and stop the OpenVAS service. OpenVAS services consume a lot of unnecessary resources, so it is recommended that you disable these services when you are not using OpenVAS. | |||
Run the following command to start the services: | |||
Sudo gvm-start | |||
To stop the OpenVAS services again, run: | |||
sudo gvm-stop | |||
To create a new user | |||
sudo runuser -u _gvm -- gvmd --create-user=admin2 --new-password=12345 | |||
To change the password of the existing user: | |||
sudo runuser -u _gvm -- gvmd --user='''admin''' --new-password='''new_password''' | |||
== Externer Zugriff == | |||
; Since we're on '''systemd''', you actually need to modify three ''.service'' files | |||
* greenbone-security-assistant.service | |||
* openvas-manager.service | |||
* openvas-scanner.service | |||
; To make it quick, you may want to use ''[[sed]]'' | |||
This line will replace all '''127.0.0.1''' to '''0.0.0.0''' which will allow all services to be available on all interfaces. | |||
; You should replace '''0.0.0.0''' to the address of your choice. | |||
# cd /lib/systemd/system | |||
# sed -e 's/127.0.0.1/0.0.0.0/g' greenbone-security-assistant.service openvas-manager.service openvas-scanner.service | |||
; Verify that all will be done as you want | |||
If you're happy with the changes, just add ''-i'' to the end of previous command. | |||
# sed -e 's/127.0.0.1/0.0.0.0/g' greenbone-security-assistant.service openvas-manager.service openvas-scanner.service -i | |||
; Reload daemons, since you've modified files and restart services | |||
# systemctl daemon-reload | |||
# systemctl restart greenbone-security-assistant.service openvas-manager.service openvas-scanner.service | |||
; Verify, that all services are listening on desired host | |||
ss -nalt | |||
If restarting services didn't work, try to restart the server itself. | |||
[[Kategorie:Greenbone]] | [[Kategorie:Greenbone]] | ||
Version vom 10. Mai 2024, 22:31 Uhr
Greenbone Community Edition auf Kali Linux installieren
Standard-Installation
Kali Linux aktualisieren
sudo apt update
Installation
sudo apt install gvm
Konfiguration
sudo gvm-setup
Passwort notieren!
Installationsstatus prüfen
gvm-check-setup
Anmeldung
Besuchen Sie https://127.0.0.1:9392
- Melden Sie sich mit oben angegebenen Anmeldedaten an
Feed-Status prüfen
- Vor dem ersten Scanvorgang
Weitere Informationen
Verify installation
$ sudo gvm-check-setup
I got an error (SCAP DATA are missing), but if you look through the error message, you can see that you can fix it by running:
$ sudo runuser -u _gvm -- greenbone-feed-sync --type SCAP
Starting OpenVAS Service
sudo gvm-start
[Image:Bild3.png|top|alt="Install OpenVAS on Kali"]]
- Now your OpenVAS Service should be up and running
- OpenVAS listens on the Ports
- 9390
- 9391
- 9392
- 80
- Your web browser should automatically open and lead to the OpenVAS Login Page
- If not, open a web browser manually and enter the URL
https://127.0.0.1:9392
- Security warning
The first time you want to open this URL you will get a security warning
- Click on Advanced and Add an Exception
[Image:Bild4.png|top|alt="Log in to OpenVAS on Kali"]]
Remember the password you noted down before? Now we are going to need it.
- Forgot your Admin Password?
Reset it by typing
$ sudo gvmd --user=admin --new-password=passwd;
Log in to OpenVAS with admin // your password
[Image:Bild5.png|top|alt="Install OpenVAS on Kali Linux"]]
- First things first
Navigate to To your User Profile / My Settings / Click on Edit and change the password.
[Image:Bild6.png|top|alt="Change OpenVAS Password"]]
Benutzer
Password reset
Did you forget to note down the password? You can change the admin password using the following commands:
# gvmd --user=admin --new-password=passwd;
The next step is to accept the self-signed certificate warning and use the automatically generated admin credentials to login on to the web interface:
Starting and stopping
Before starting to install the virtual appliance, the last step I have to consider is to start and stop the OpenVAS service. OpenVAS services consume a lot of unnecessary resources, so it is recommended that you disable these services when you are not using OpenVAS.
Run the following command to start the services:
Sudo gvm-start
To stop the OpenVAS services again, run:
sudo gvm-stop
To create a new user
sudo runuser -u _gvm -- gvmd --create-user=admin2 --new-password=12345
To change the password of the existing user:
sudo runuser -u _gvm -- gvmd --user=admin --new-password=new_password
Externer Zugriff
- Since we're on systemd, you actually need to modify three .service files
- greenbone-security-assistant.service
- openvas-manager.service
- openvas-scanner.service
- To make it quick, you may want to use sed
This line will replace all 127.0.0.1 to 0.0.0.0 which will allow all services to be available on all interfaces.
- You should replace 0.0.0.0 to the address of your choice.
# cd /lib/systemd/system # sed -e 's/127.0.0.1/0.0.0.0/g' greenbone-security-assistant.service openvas-manager.service openvas-scanner.service
- Verify that all will be done as you want
If you're happy with the changes, just add -i to the end of previous command.
# sed -e 's/127.0.0.1/0.0.0.0/g' greenbone-security-assistant.service openvas-manager.service openvas-scanner.service -i
- Reload daemons, since you've modified files and restart services
# systemctl daemon-reload # systemctl restart greenbone-security-assistant.service openvas-manager.service openvas-scanner.service
- Verify, that all services are listening on desired host
ss -nalt
If restarting services didn't work, try to restart the server itself.