Greenbone/Konfiguration: Unterschied zwischen den Versionen
Keine Bearbeitungszusammenfassung |
|||
Zeile 8: | Zeile 8: | ||
sudo gvm-start | sudo gvm-start | ||
[Image:Bild3.png|top|alt="Install OpenVAS on Kali"]] | |||
; Now your OpenVAS Service should be up and running | ; Now your OpenVAS Service should be up and running | ||
Zeile 25: | Zeile 25: | ||
* Click on '''Advanced''' and '''Add an''' Exception | * Click on '''Advanced''' and '''Add an''' Exception | ||
[Image:Bild4.png|top|alt="Log in to OpenVAS on Kali"]] | |||
Remember the password you noted down before? Now we are going to need it. | Remember the password you noted down before? Now we are going to need it. | ||
Zeile 35: | Zeile 35: | ||
Log in to OpenVAS with admin // your password | Log in to OpenVAS with admin // your password | ||
[Image:Bild5.png|top|alt="Install OpenVAS on Kali Linux"]] | |||
; First things first | ; First things first | ||
Navigate to '''To your User Profile''' / '''My Settings / Click on Edit''' and''' change the password'''. | Navigate to '''To your User Profile''' / '''My Settings / Click on Edit''' and''' change the password'''. | ||
[Image:Bild6.png|top|alt="Change OpenVAS Password"]] | |||
== Benutzer == | == Benutzer == |
Version vom 26. März 2024, 13:10 Uhr
Verify installation
$ sudo gvm-check-setup
I got an error (SCAP DATA are missing), but if you look through the error message, you can see that you can fix it by running:
$ sudo runuser -u _gvm -- greenbone-feed-sync --type SCAP
Starting OpenVAS Service
sudo gvm-start
[Image:Bild3.png|top|alt="Install OpenVAS on Kali"]]
- Now your OpenVAS Service should be up and running
- OpenVAS listens on the Ports
- 9390
- 9391
- 9392
- 80
- Your web browser should automatically open and lead to the OpenVAS Login Page
- If not, open a web browser manually and enter the URL
https://127.0.0.1:9392
- Security warning
The first time you want to open this URL you will get a security warning
- Click on Advanced and Add an Exception
[Image:Bild4.png|top|alt="Log in to OpenVAS on Kali"]]
Remember the password you noted down before? Now we are going to need it.
- Forgot your Admin Password?
Reset it by typing
$ sudo gvmd --user=admin --new-password=passwd;
Log in to OpenVAS with admin // your password
[Image:Bild5.png|top|alt="Install OpenVAS on Kali Linux"]]
- First things first
Navigate to To your User Profile / My Settings / Click on Edit and change the password.
[Image:Bild6.png|top|alt="Change OpenVAS Password"]]
Benutzer
Password reset
Did you forget to note down the password? You can change the admin password using the following commands:
# gvmd --user=admin --new-password=passwd;
The next step is to accept the self-signed certificate warning and use the automatically generated admin credentials to login on to the web interface:
Starting and stopping
Before starting to install the virtual appliance, the last step I have to consider is to start and stop the OpenVAS service. OpenVAS services consume a lot of unnecessary resources, so it is recommended that you disable these services when you are not using OpenVAS.
Run the following command to start the services:
Sudo gvm-start
To stop the OpenVAS services again, run:
sudo gvm-stop
To create a new user
sudo runuser -u _gvm -- gvmd --create-user=admin2 --new-password=12345
To change the password of the existing user:
sudo runuser -u _gvm -- gvmd --user=admin --new-password=new_password
Externer Zugriff
- Since we're on systemd, you actually need to modify three .service files
- greenbone-security-assistant.service
- openvas-manager.service
- openvas-scanner.service
- To make it quick, you may want to use sed
This line will replace all 127.0.0.1 to 0.0.0.0 which will allow all services to be available on all interfaces.
- You should replace 0.0.0.0 to the address of your choice.
# cd /lib/systemd/system # sed -e 's/127.0.0.1/0.0.0.0/g' greenbone-security-assistant.service openvas-manager.service openvas-scanner.service
- Verify that all will be done as you want
If you're happy with the changes, just add -i to the end of previous command.
# sed -e 's/127.0.0.1/0.0.0.0/g' greenbone-security-assistant.service openvas-manager.service openvas-scanner.service -i
- Reload daemons, since you've modified files and restart services
# systemctl daemon-reload # systemctl restart greenbone-security-assistant.service openvas-manager.service openvas-scanner.service
- Verify, that all services are listening on desired host
ss -nalt
If restarting services didn't work, try to restart the server itself.