2014年8月7日 星期四

[研究] OpenVAS 6 安裝與使用(yum)(CentOS 7.0 x64)

[研究] OpenVAS 6 安裝與使用(yum)(CentOS 7.0 x64)

2014-08-07

官方網站
http://www.openvas.org/

系統架構
http://www.openvas.org/pix/OpenVAS4-Structure.png

作業系統支援情形
http://www.openvas.org/install-packages.html

支援的 CentOS 版本
http://www6.atomicorp.com/channels/atomic/centos/

官方安裝說明
http://www.openvas.org/install-packages-v6.html#openvas_centos_atomic
http://www.openvas.org/install-packages.html


安裝

[root@localhost ~]# wget -q -O - http://www.atomicorp.com/installers/atomic |sh

Atomic Free Unsupported Archive installer, version 2.0.12

BY INSTALLING THIS SOFTWARE AND BY USING ANY AND ALL SOFTWARE
PROVIDED BY ATOMICORP LIMITED YOU ACKNOWLEDGE AND AGREE:

THIS SOFTWARE AND ALL SOFTWARE PROVIDED IN THIS REPOSITORY IS
PROVIDED BY ATOMICORP LIMITED AS IS, IS UNSUPPORTED AND ANY
EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ATOMICORP LIMITED, THE
COPYRIGHT OWNER OR ANY CONTRIBUTOR TO ANY AND ALL SOFTWARE PROVIDED
BY OR PUBLISHED IN THIS REPOSITORY BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
OF THE POSSIBILITY OF SUCH DAMAGE.

====================================================================
THIS SOFTWARE IS UNSUPPORTED.  IF YOU REQUIRE SUPPORTED SOFWARE
PLEASE SEE THE URL BELOW TO PURCHASE A NUCLEUS LICENSE AND DO NOT
PROCEED WITH INSTALLING THIS PACKAGE.
====================================================================

For supported software packages please purchase a Nucleus license:
https://www.atomicorp.com/products/nucleus.html
All atomic repository rpms are UNSUPPORTED.
Do you agree to these terms? (yes/no) [Default: yes]

Configuring the [atomic] yum archive for this system

Installing the Atomic GPG key: OK
Downloading atomic-release-1.0-19.el7.art.noarch.rpm: OK



The Atomic Rocket Turtle archive has now been installed and configured for your system
The following channels are available:
  atomic          - [ACTIVATED] - contains the stable tree of ART packages
  atomic-testing  - [DISABLED]  - contains the testing tree of ART packages
  atomic-bleeding - [DISABLED]  - contains the development tree of ART packages


[root@localhost ~]#

[root@localhost ~]# yum -y upgrade

[root@localhost ~]#  yum -y install openvas

# 安裝成功,但是要很久

[root@localhost ~]# yum list | grep openvas
openvas.noarch                             1.0-14.el7.art              @atomic
openvas-cli.x86_64                         1.3.0-5.el7.art             @atomic
openvas-libraries.x86_64                   7.0.3-12.el7.art            @atomic
openvas-manager.x86_64                     5.0.3-21.el7.art            @atomic
openvas-scanner.x86_64                     4.0.1-13.el7.art            @atomic
openvas-cli-debuginfo.x86_64               1.3.0-5.el7.art             atomic
openvas-libraries-debuginfo.x86_64         7.0.3-12.el7.art            atomic
openvas-libraries-devel.x86_64             7.0.3-12.el7.art            atomic
openvas-manager-debuginfo.x86_64           5.0.3-21.el7.art            atomic
openvas-scanner-debuginfo.x86_64           4.0.1-13.el7.art            atomic
[root@localhost ~]#

[root@localhost ~]# ls -al /etc/init.d/open*
-rwxr-xr-x. 1 root root 1603 Aug 31  2010 /etc/init.d/openvas-manager
-rwxr-xr-x. 1 root root 2013 Jun 10 02:13 /etc/init.d/openvas-scanner
[root@localhost ~]#


[root@localhost ~]# openvas-setup

Openvas Setup, Version: 0.5


Step 1: Update NVT's and SCAP data
Please note this step could take some time.
Once completed, NVT's and SCAP data will be updated automatically every 24 hours

Updating NVTs....
[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.
[i] Online information about this feed: 'http://www.openvas.org/openvas-nvt-feed                                                                                                  .html'.
[i] NVT dir: /var/lib/openvas/plugins
[w] Could not determine feed version.
[i] rsync is not recommended for the initial sync. Falling back on http.
[i] Will use wget
[i] Using GNU wget: /usr/bin/wget
[i] Configured NVT http feed: http://www.openvas.org/openvas-nvt-feed-current.ta                                                                                                  r.bz2
[i] Downloading to: /tmp/openvas-nvt-sync.LFBHDapfmr/openvas-feed-2014-08-07-258                                                                                                  23.tar.bz2
--2014-08-07 22:07:20--  http://www.openvas.org/openvas-nvt-feed-current.tar.bz2
Resolving www.openvas.org (www.openvas.org)... 5.9.98.186
Connecting to www.openvas.org (www.openvas.org)|5.9.98.186|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 15332534 (15M) [application/x-bzip2]
Saving to: ‘/tmp/openvas-nvt-sync.LFBHDapfmr/openvas-feed-2014-08-07-25823.tar                                                                                                  .bz2’



...(略)

Updating OpenVAS Manager database....

Step 2: Configure GSAD
The Greenbone Security Assistant is a Web Based front end
for managing scans. By default it is configured to only allow
connections from localhost.

Allow connections from any IP? [Default: yes]
Restarting gsad (via systemctl):                           [  OK  ]

Step 3: Choose the GSAD admin users password.
The admin user is used to configure accounts,
Update NVT's manually, and manage roles.

Enter administrator username [Default: admin] :
Enter Administrator Password: (設定密碼 )
Verify Administrator Password:  (設定密碼 )


Setup complete, you can now access GSAD at:
  https://<IP>:9392

[root@localhost ~]#

[root@localhost ~]# firefox https://localhost:9392/







(用法待研究...)

(完)

相關

[研究] OpenVAS 6 安裝與使用(yum)(CentOS 7.0 x64)
http://shaurong.blogspot.tw/2014/08/openvas-6-yumcentos-70-x64.html

[研究] OpenVAS 安裝與使用(yum)(CentOS 6.5 x64)(失敗)
http://shaurong.blogspot.tw/2014/01/openvas-yumcentos-65-x64.html

[研究] OpenVAS 安裝與使用(yum)(CentOS 6.0 x86_64)(失敗)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=20323

[研究] OpenVAS 安裝與使用(LiveCD)(CentOS 5.5 x86)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=19303

[研究] OpenVAS 安裝與使用(yum)(CentOS 5.5 x86)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=19302


沒有留言:

張貼留言