Greenbone/Konfiguration: Unterschied zwischen den Versionen

Aus Foxwiki
Zeile 71: Zeile 71:


== Externer Zugriff ==
== Externer Zugriff ==
; Since we're on '''systemd''', you actually need to modify 3 ''.service'' files
; Since we're on '''systemd''', you actually need to modify three ''.service'' files
  # cd /lib/systemd/system
  # cd /lib/systemd/system



Version vom 10. Februar 2023, 10:05 Uhr

Konfiguration

Dateien

Configuring

The installation is now finished. Next, we verify if our installation is working.

$ sudo gvm-check-setup

I got an error (SCAP DATA are missing), but if you look through the error message, you can see that you can fix it by running:

$ sudo runuser -u _gvm -- greenbone-feed-sync --type SCAP

This fixed my issue.

Starting the OpenVAS Service
sudo gvm-start

"Install OpenVAS on Kali"

Now your OpenVAS Service should be up and running

  • OpenVAS listens on the Ports: 9390, 9391, 9392, and on Port 80.
  • Your web browser should automatically open and lead to the OpenVAS Login Page.
If not, open a web browser manually and enter the URL
https://127.0.0.1:9392
The first time you want to open this URL you will get a security warning
  • Click on Advanced and Add an Exception.

"Log in to OpenVAS on Kali"

Remember the password you noted down before? Now we are going to need it.

Forgot your Admin Password?
Reset it by typing: sudo gvmd --user=admin --new-password=passwd;

Log in to OpenVAS with admin // your password

"Install OpenVAS on Kali Linux"

First things first – Navigate to To your User Profile / My Settings / Click on Edit and change the password.

"Change OpenVAS Password"

This is basically all you need to do. OpenVAS is now running and ready for use.

Password reset

Did you forget to note down the password? You can change the admin password using the following commands:

# gvmd --user=admin --new-password=passwd;

The next step is to accept the self-signed certificate warning and use the automatically generated admin credentials to login on to the web interface:

Starting and stopping

Before starting to install the virtual appliance, the last step I have to consider is to start and stop the OpenVAS service. OpenVAS services consume a lot of unnecessary resources, so it is recommended that you disable these services when you are not using OpenVAS.

Run the following command to start the services:

Sudo gvm-start

To stop the OpenVAS services again, run:

sudo gvm-stop

To create a new user

sudo runuser -u _gvm -- gvmd --create-user=admin2 --new-password=12345

To change the password of the existing user:

sudo runuser -u _gvm -- gvmd --user=admin --new-password=new_password

Externer Zugriff

Since we're on systemd, you actually need to modify three .service files
# cd /lib/systemd/system
Files are
greenbone-security-assistant.service
openvas-manager.service
openvas-scanner.service

To make it quick, you may want to use sed. This line will replace all 127.0.0.1 to 0.0.0.0 which will allow all services to be available on all interfaces.

You should replace 0.0.0.0 to the address of your choice.

# sed -e 's/127.0.0.1/0.0.0.0/g' greenbone-security-assistant.service openvas-manager.service openvas-scanner.service
Verify that all will be done as you want.

If you're happy with the changes, just add -i to the end of previous command.

# sed -e 's/127.0.0.1/0.0.0.0/g' greenbone-security-assistant.service openvas-manager.service openvas-scanner.service -i
Lastly, you need to reload daemons, since you've modified files and restart services.
# systemctl daemon-reload
# systemctl restart greenbone-security-assistant.service openvas-manager.service openvas-scanner.service
Verify, that all services are listening on desired host
ss -nalt

If restarting services didn't work, try to restart the server itself.