2014年1月26日 星期日

[研究] OpenVAS 安裝與使用(yum)(CentOS 6.5 x64)

[研究] OpenVAS 安裝與使用(yum)(CentOS 6.5 x64)

2014-01-26

官方網站
http://www.openvas.org/

系統架構
http://www.openvas.org/pix/OpenVAS4-Structure.png


作業系統支援情形
http://www.openvas.org/install-packages.html

http://www6.atomicorp.com/channels/atomic/centos/5/x86_64/ 存在
http://www6.atomicorp.com/channels/atomic/centos/5/x86/ 不存在
似乎目前只支援 x86_64 版,不支援 x86 版 ?

官方安裝說明
http://www.openvas.org/install-packages.html

安裝

[root@localhost ~]# wget -q -O - http://www.atomicorp.com/installers/atomic |sh

[root@localhost ~]# yum -y upgrade
# 執行後有錯誤,先不理會

[root@localhost ~]# yum -y upgrade
...(略)
Error: Package: gstreamer-plugins-bad-free-0.10.19-2.el6.x86_64 (@anaconda-CentOS-201311272149.x86_64/6.5)
           Requires: libvpx.so.0()(64bit)
           Removing: libvpx-0.9.0-8.el6_0.x86_64 (@anaconda-CentOS-201311272149.x86_64/6.5)
               libvpx.so.0()(64bit)
           Updated By: libvpx-1.2.0-2.el6.art.x86_64 (atomic)
               Not found
 You could try using --skip-broken to work around the problem
 You could try running: rpm -Va --nofiles --nodigest

[root@localhost ~]#  yum -y install openvas

# 安裝成功,但是要很久


[root@localhost ~]# yum list | grep openvas
openvas.noarch                         1.0-9.el6.art                     @atomic
openvas-administrator.x86_64           1.3.2-5.el6.art                   @atomic
openvas-cli.x86_64                     1.2.0-4.el6.art                   @atomic
openvas-libraries.x86_64               6.0.1-7.el6.art                   @atomic
openvas-manager.x86_64                 4.0.4-13.el6.art                  @atomic
openvas-scanner.x86_64                 3.4.0-7.el6.art                   @atomic
openvas-libraries-devel.x86_64         6.0.1-7.el6.art                   atomic

[root@localhost ~]# ls /etc/init.d/open*
/etc/init.d/openvas-administrator  /etc/init.d/openvas-scanner
/etc/init.d/openvas-manager
[root@localhost ~]#

[root@localhost ~]# openvas-setup

...(略)

Updating OpenVAS Manager database....

Step 2: Configure GSAD
The Greenbone Security Assistant is a Web Based front end
for managing scans. By default it is configured to only allow
connections from localhost.

Allow connections from any IP? [Default: yes]
Stopping greenbone-security-assistant:                     [  OK  ]
Starting greenbone-security-assistant:                     [  OK  ]

Step 3: Choose the GSAD admin users password.
The admin user is used to configure accounts,
Update NVT's manually, and manage roles.

Enter administrator username [Default: admin] :
Enter Administrator Password:  (設定自己想要的密碼)
Verify Administrator Password:  (設定自己想要的密碼)

ad   main:MESSAGE:21335:2014-02-06 15h17.47 CST: No rules file provided, the new user will have no restrictions.
ad   main:MESSAGE:21335:2014-02-06 15h17.47 CST: User admin has been successfully created.

Step 4: Create a user

Using /var/tmp as a temporary file holder.

Add a new openvassd user
---------------------------------


Login : admin
This login already exists. Choose another one.
Login : lu  (設定自己想要的帳號)
Authentication (pass/cert) [pass] :
Login password :  (設定自己想要的密碼)
Login password (again) : (設定自己想要的密碼)

User rules
---------------
openvassd has a rules system which allows you to restrict the hosts that password has the right to test.
For instance, you may want him to be able to scan his own host only.

Please see the openvas-adduser(8) man page for the rules syntax.

Enter the rules for this user, and hit ctrl-D once you are done:
(the user can have an empty rules set)


Login             : lu
Password          : ***********

Rules             :


Is that ok? (y/n) [y]
user added.

Starting openvas-administrator...
Starting openvas-administrator:
                                                           [  OK  ]


Setup complete, you can now access GSAD at:
  https://<IP>:9392


[root@localhost ~]# https://localhost:9392/







無論如何都無法登入,terminal 出現訊息

[root@localhost ~]# Error: received handshake message out of context
Error: received handshake message out of context
Error: received handshake message out of context
Error: received handshake message out of context


(待研究...)

相關

[研究] OpenVAS 安裝與使用(yum)(CentOS 6.5 x64)(失敗)
http://shaurong.blogspot.tw/2014/01/openvas-yumcentos-65-x64.html

[研究] OpenVAS 安裝與使用(yum)(CentOS 6.0 x86_64)(失敗)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=20323

[研究] OpenVAS 安裝與使用(LiveCD)(CentOS 5.5 x86)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=19303

[研究] OpenVAS 安裝與使用(yum)(CentOS 5.5 x86)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=19302



沒有留言:

張貼留言