Advertisement

OpenVAS 6 installation on Debian Wheezy

This article intends to fill the gaps that I found in the OpenVAS installation when installing the software on a Debian 7 "Wheezy" headless server.

I chose Debian due to standards of the environment and keeping Linux operating system deployment to one distribution.

Installation

The installation instructions provided on OpenVAS' website are very good, so I won't reproduce them here. Please install the packages as described.

Configuration

With the base OpenVAS system installed, you are going to need to manage the OpenVAS server remotely.

By default, remote access to the greenbone-security-assistant web portal is secured to localhost, so we need to allow access:

vi /etc/default/greenbone-security-assistant

Find and change the line from:

GSA_ADDRESS=127.0.0.1

to:

GSA_ADDRESS=0.0.0.0

Save your changes and exit the editor:

:wq!

Note: For the security minded, yes, I've been sloppy here. You can alternatively restrict access to a single IP address.

SCAP/CERT database

If you receive the following error on the "SecInfo Management" pages:

SCAP and/or CERT database missing on OMP server

You need to copy the following files to the /usr/share/openvas/cert directory:

  1. cert_db_init.sql

  2. dfn_cert_getbyname.xsl

  3. dfn_cert_update.xsl

Then run the openvas-certdata-sync command again.

Updating the database

If you want your OpenVAS server to update the local databases, it requires outbound access to rsync.openvas.org (the same IP address as feeds.openvas.org).

OpenVAS uses rsync for synchronisation. That means if you are behind a corporate firewall, you can make OpenVAS use proxy for rsync through RSYNC_PROXY enviroment variable.

From the rsync man page:

You may establish the connection via a web proxy by setting the environment variable RSYNC_PROXY to a hostname:port pair pointing to your web proxy. Note that your web proxy's configuration must support proxy connections to port 873.

About the author

Paul Angus

Paul is a security and infrastructure professional with over 13 years of experience in the Information Technology sector.

Before transitioning to the IT sector, the knowledge gained working along side senior management, civil engineers, surveyors, town planners and graphic designers helped to shape his unique perspective.
Last updated: 
2016-08-24 00:04
Tags: 
Share: 
Advertisement

Comments

Dear Mr. Angus, thank you for creating this post. I installed OpenVAS under Debian Wheezy but was still getting the "warning: secinfo database missing" when viewing the NVTs option under the SecInfo tab. This info fixed the problem.

I've read your post, and that of similiar others. What isn't clear to me, is what file/script should that RSYNC_PROXY variable assignment be made in. Also, is the 'right' structure to include "http://" at the beginning, or...?

Thank you.

On Debian Linux systems, the RSYNC_PROXY environment variable can be set by adding a line to /etc/environment (create this file if non-existent). For example:

RSYNC_PROXY=http://proxy:3128/

Don't forget the trailing slash. If the proxy server listens on a different port, change 3128 as necessary.

This is only necessary if you have a restrictive corporate environment requiring use of a HTTP proxy for outgoing rsync connections.

Add new comment