Thursday, June 21, 2018

[Research] OpenVAS 9 Installation and Usage (yum) (CentOS 7.5 x64)

2018-06-21

Official website
http://www.openvas.org/

The OpenVAS version number follows the version of its Libraries component
http://www.openvas.org/install-source.html



System architecture
http://www.openvas.org/pix/OpenVAS4-Structure.png


Operating system support
http://www.openvas.org/install-packages.html

Supported CentOS versions
http://www6.atomicorp.com/channels/atomic/centos/
Currently 3, 4, 5, 6, and 7 are supported

Official installation instructions
http://www.openvas.org/install-packages.html
https://wiki.atomicorp.com/wiki/index.php/Atomic

Installation

First, disable SELinux

$  su  root
#  vi   /etc/selinux/config


# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled    <===  changed from enforcing to disabled
# SELINUXTYPE= can take one of three two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted    <===  do not change this one by mistake


Reboot the operating system so the SELinux change takes effect

yum -y update
yum install -y wget bzip2 texlive net-tools alien gnutls-utils
wget -q -O - https://www.atomicorp.com/installers/atomic | sh
yum install openvas -y
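
The installer above configures a third-party yum repository as root, so it is worth confirming that the repo file it writes keeps package signature checking on. The following check is an added example, not part of the original post or of Atomicorp's tooling; the function names and the sample repo contents are constructed for illustration (only the channel names atomic and atomic-testing come from this page).

```shell
# Constructed sample input: channel names come from the installer output on
# this page; every URL and value below is made up for the example.
sample_repo() {
cat <<'EOF'
[atomic]
mirrorlist = http://mirror.example.invalid/atomic
enabled = 1
gpgcheck = 1
[atomic-testing]
baseurl = http://mirror.example.invalid/testing
enabled = 0
gpgcheck = 0
[local-extra]
baseurl = https://repo.example.invalid/extra
gpgcheck = 0
EOF
}

# Print one line per problem found in the ENABLED sections of a yum .repo
# file: signature checking not forced on, or metadata fetched over http.
audit_repo_file() {
    awk '
    function report() {
        if (section == "" || enabled == "0") return
        # An absent gpgcheck inherits from [main] in /etc/yum.conf; flag it
        # anyway so the effective value gets looked at.
        if (gpgcheck != "1") print section ": gpgcheck is not 1"
        if (plain_http)      print section ": plain http URL"
    }
    /^[ \t]*[#;]/ { next }                       # comment line
    /^[ \t]*\[/ {                                # [section] header
        report()
        section = $0
        gsub(/^[ \t]*\[|\].*$/, "", section)
        enabled = "1"; gpgcheck = ""; plain_http = 0   # yum defaults enabled to 1
        next
    }
    {
        eq = index($0, "=")
        if (eq == 0) next
        key = substr($0, 1, eq - 1); gsub(/[ \t]/, "", key)
        val = substr($0, eq + 1);    gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (key == "enabled")  enabled = val
        if (key == "gpgcheck") gpgcheck = val
        if ((key == "baseurl" || key == "mirrorlist") && val ~ /^http:/) plain_http = 1
    }
    END { report() }
    ' "$1"
}
```

On a real system, run audit_repo_file against each file under /etc/yum.repos.d/; no output means every enabled section sets gpgcheck=1 and uses no plain http URL.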


Edit /etc/redis.conf and add or uncomment the following:

vi   /etc/redis.conf
Append at the end:
unixsocket /tmp/redis.sock
unixsocketperm 700

systemctl enable redis
systemctl restart redis

openvas-setup

firewall-cmd --permanent --add-port=9392/tcp
firewall-cmd --reload
firewall-cmd --list-port

Open in a browser:

https://<IP-ADDRESS>:9392

To check the configuration, run:

openvas-check-setup --v9
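
The firewall rule above opens 9392/tcp, and openvas-setup asks whether GSAD should accept connections from any IP. As an added example (not from the original post), this filter over `ss -ltn` output reports whether the web interface is actually bound to all interfaces, covering the different ways ss prints a wildcard address; the function names and the sample output are constructed.

```shell
# Constructed sample of `ss -ltn` output (addresses made up for the example).
sample_ss() {
cat <<'EOF'
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     127.0.0.1:6379      *:*
LISTEN  0       128     *:9392              *:*
LISTEN  0       128     [::]:9392           [::]:*
LISTEN  0       128     192.0.2.10:22       *:*
EOF
}

# Read `ss -ltn` output on stdin and print the local address of every
# listener on TCP port $1 that is bound to a wildcard (all-interfaces) address.
wildcard_listeners() {
    awk -v port="$1" '
    $1 == "LISTEN" {
        n = split($4, parts, ":")
        if (parts[n] != port) next
        # Host part is everything before the final ":port".
        host = substr($4, 1, length($4) - length(parts[n]) - 1)
        if (host == "*" || host == "0.0.0.0" || host == "::" || host == "[::]")
            print $4
    }'
}
```

On the scanner host, `ss -ltn | wildcard_listeners 9392` prints nothing when GSAD listens only on localhost or on a specific address.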


********************************************************************************
Actual session

[root@localhost ~]# wget -q -O - http://www.atomicorp.com/installers/atomic |sh

Atomic Free Unsupported Archive installer, version 4.0.1

BY INSTALLING THIS SOFTWARE AND BY USING ANY AND ALL SOFTWARE
PROVIDED BY ATOMICORP LIMITED YOU ACKNOWLEDGE AND AGREE:

THIS SOFTWARE AND ALL SOFTWARE PROVIDED IN THIS REPOSITORY IS
PROVIDED BY ATOMICORP LIMITED AS IS, IS UNSUPPORTED AND ANY
EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ATOMICORP LIMITED, THE
COPYRIGHT OWNER OR ANY CONTRIBUTOR TO ANY AND ALL SOFTWARE PROVIDED
BY OR PUBLISHED IN THIS REPOSITORY BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
OF THE POSSIBILITY OF SUCH DAMAGE.

For supported software packages please contact us at:

  sales@atomicorp.com

Do you agree to these terms? (yes/no) [Default: yes]  (press Enter)

Configuring the [atomic] repo archive for this system

Installing the Atomic GPG keys: OK

Downloading atomic-release-1.0-21.el7.art.noarch.rpm: Preparing...                          ################################# [100%]
Updating / installing...
   1:atomic-release-1.0-21.el7.art    ################################# [100%]
OK

Enable repo by default? (yes/no) [Default: yes]: (press Enter)


The Atomic repo has now been installed and configured for your system
The following channels are available:
  atomic          - [ACTIVATED] - contains the stable tree of ART packages
  atomic-testing  - [DISABLED]  - contains the testing tree of ART packages
  atomic-bleeding - [DISABLED]  - contains the development tree of ART packages


[root@localhost ~]#


[root@localhost ~]# yum -y upgrade

[root@localhost ~]#  yum -y install openvas


[root@localhost ~]# yum list | grep openvas
openvas.noarch                              9.0.0-2796.el7.art         @atomic
openvas-cli.x86_64                          1.4.5-2739.el7.art         @atomic
openvas-libraries.x86_64                    9.0.1-2735.el7.art         @atomic
openvas-manager.x86_64                      7.0.2-2737.el7.art         @atomic
openvas-scanner.x86_64                      5.1.1-2736.el7.art         @atomic
openvas-smb.x86_64                          1.0.2-1980.el7.art         @atomic
openvas-cli-debuginfo.x86_64                1.4.5-2739.el7.art         atomic
openvas-libraries-debuginfo.x86_64          9.0.1-2735.el7.art         atomic
openvas-libraries-devel.x86_64              9.0.1-2735.el7.art         atomic
openvas-manager-debuginfo.x86_64            7.0.2-2737.el7.art         atomic
openvas-scanner-debuginfo.x86_64            5.1.1-2736.el7.art         atomic
openvas-smb-debuginfo.x86_64                1.0.2-1980.el7.art         atomic

OpenVAS 7 has these two init scripts:
[root@localhost ~]# ls -al /etc/init.d/open*
-rwxr-xr-x. 1 root root 1603 Aug 31  2010 /etc/init.d/openvas-manager
-rwxr-xr-x. 1 root root 2013 Jun 10 02:13 /etc/init.d/openvas-scanner
[root@localhost ~]#

OpenVAS 9 does not:
[root@localhost ~]# ls -al /etc/init.d/open*
ls: cannot access /etc/init.d/open*: No such file or directory
[root@localhost ~]#


[root@localhost ~]# openvas-setup


Openvas Setup, Version: 3.0


Step 1: Update NVT, CERT, and SCAP data
Please note this step could take some time.
Once completed, this will be updated automatically every 24 hours

Select download method
* wget (NVT download only)
* curl (NVT download only)
* rsync

  Note: If rsync requires a proxy, you should define that before this step.

Downloader [Default: rsync]   (press Enter)

... (omitted; a lot gets downloaded and installed)

Step 2: Configure GSAD
The Greenbone Security Assistant is a Web Based front end
for managing scans. By default it is configured to only allow
connections from localhost.

Allow connections from any IP? [Default: yes] Redirecting to /bin/systemctl restart gsad.service

Step 3: Choose the GSAD admin users password.
The admin user is used to configure accounts,
Update NVT's manually, and manage roles.

Enter administrator username [Default: admin] : (press Enter)
Enter Administrator Password: (set a password)
Verify Administrator Password:  (enter the password again)


Rebuilding NVT cache... done.

Setup complete, you can now access GSAD at:
  https://<IP>:9392

Created symlink from /etc/systemd/system/multi-user.target.wants/openvas-scanner.service to /usr/lib/systemd/system/openvas-scanner.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openvas-manager.service to /usr/lib/systemd/system/openvas-manager.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/gsad.service to /usr/lib/systemd/system/gsad.service.
[root@localhost ~]#

(Usage still to be explored...)

(End)

Related

[Research] OpenVAS 9 Installation and Usage (yum) (CentOS 7.5 x64)
http://shaurong.blogspot.com/2018/06/openvas-9-yumcentos-75-x64.html

[Research] OpenVAS 9 Installation
http://shaurong.blogspot.com/2017/06/openvas-9.html

[Research] OpenVAS-8 DEMO Virtual Appliance 1.0 Installation
http://shaurong.blogspot.com/2015/05/openvas-8-demo-virtual-appliance-10.html

[Research] OpenVAS-7 DEMO Virtual Appliance 2.4 Installation
http://shaurong.blogspot.com/2015/03/openvas-7-demo-virtual-appliance-24.html

[Research] OpenVAS 7 Installation and Usage (yum) (CentOS 7.0 x64)
http://shaurong.blogspot.com/2014/11/openvas-7-yumcentos-70-x64.html

[Research] OpenVAS 6 Installation and Usage (yum) (CentOS 7.0 x64)
http://shaurong.blogspot.com/2014/08/openvas-6-yumcentos-70-x64.html

[Research] OpenVAS 6.0 beta 5 Installation and Usage (yum) (Fedora 20 x64)
http://shaurong.blogspot.com/2014/02/openvas-60-beta-5-yumfedora-20-x64.html

[Research] OpenVAS Installation and Usage (yum) (CentOS 6.5 x64)
http://shaurong.blogspot.com/2014/01/openvas-yumcentos-65-x64.html

