By Manny Fernandez

April 24, 2019

Installing Greenbone Vulnerability Manager

If you have even followed InfoSec, Cyber or whatever you want to call it, you will know that vulnerable code is the number one issue we face in the industry save that of humans. There are many excellent vulnerability scanners on the market today. They all have their weaknesses and strengths. Some are specific for certain platforms, some that are run and managed from your locations and others that report into and store reports in the cloud. Some of those comapnies, in no particular order are:

  • Rapid7
  • Qualys
  • NetSparker
  • Burp Suite
  • Nessus

To name a few. One of the solutions that was packaged with Alienvault is Greenbone Vulnerability Scanner; formally, OpenVAS. In this post, I will do a step-by-step walk through on deploying Greenbone Vulnerability Scanner on a CentOS 7 virtual machine.

Lets get started. What you will need:

  • ISO for CentOS 7 Minimal Install (Smaller and no fluff)
  • Internet connection
  • Firewall that allows RSync outbound from the inside.
  • I am using VMWare Fusion but you can use your hypervisor of choice.

 

Installing CentOS

We are going to “Create a customer virtual machine”

Next we will choose ‘Linux’ and ‘CentOS 7 64-bit’

I chose ‘Legacy BIOS’

Choose ‘Create a new virtual disk’

Name the VM

Now choose the CD so we can point it to the ISO you downloaded.

Now you can start the VM

 

Setting up CentOS

Once you power up the VM, you will need to run through the install process:

When presented with the above screen, choose ‘i’ and hit enter.

Choose the language and click ‘Continue’ on the bottom.

Now you will need to configure the interface and hostname
(1) Make sure you enable this, if not when the VM boots up, it will not load the interface at boot up.
(2) Give it a name (FQDN)
(3) Hit the ‘Apply’ button.

Assign a ‘root’ password and create a user

Once it completes, hit ‘Reboot’

Installing Greenbone Vulnerability Scanner

Once the VM reboots and you log in, you will want to install ‘net-tools’ which will give you the ‘ifconfig’ command.

You can repeat the same for tcpdump ‘yum install tcpdump’ and ‘yum install wget’ & do the same.

Next you will need to make some modifications:

vi /etc/redis.conf

Look for the following lines and place the # in front of them

Original

unixsocket /tmp/redis.sock 
unixsocketperm 700

After

# unixsocket /tmp/redis.sock 
# unixsocketperm 700

Also, you will need to disable SELINUX

vi /etc/selinux/config

and change the ‘enabled’ to ‘disabled’ (see below)

You will also need to modify the firewall to allow TCP 9392. In my lab, I am going to disable the firewall.

systemctl stop firewalld
systemctl disable firewalld

Once this is complete, you are ready to install the repos

As you can see, you should now be able to SSH to the VM with SecureCRT or the like.

wget -q -O - https://updates.atomicorp.com/installers/atomic | sh

This process may take some time. Be calm and dont lose it.

Once the install is complete, you will need to make some changes. Now you are ready to start the set up process.
run the following:

openvas-setup

The next section will take time. It uses RSYNC so ensure you are not blocking it. If you have a fast internet connection, this may or may not take a long time.

You will be asked to create an admin account and assign a password. The default user it will create is ‘admin’. Set the password and validate the passwortd again.

Setup complete, you can now access GSAD at:
https://%ip-address%:9392

When you see the above message, this section will be done. Now you need to configure GSAD to load automatically at start up.

systemctl enable redis 
systemctl restart redis

Now you can access the web GUI by browsing to https://%ip-address%:9392

Recent posts

  • If you've spent any time configuring user authentication on... Full Story

  • DNS is one of those technologies that quietly underpins... Full Story

  • BGP issues on FortiGate firewalls usually trace back to... Full Story

  • Every time your laptop talks to your router, a... Full Story

  • If you've spent any time configuring NAT on a... Full Story

  • If you have spent any time configuring firewall policies... Full Story

  • High availability on FortiGate is one of those features... Full Story

  • If you've configured SD-WAN on a FortiGate, you've almost... Full Story

  • FortiLink is the management protocol that turns a FortiSwitch... Full Story

  • FortiSwitches are pretty rock solid from Mean Time Between... Full Story

  • This is a quicky tip.  Have you ever gone... Full Story

  • DNS is one of those quiet pieces of internet... Full Story

  • This article is an updated version of the previous... Full Story

  • You will add ns2 as a secondary (slave) BIND9... Full Story

  • In the process of deploying my lab, I needed... Full Story

  • RFC 8805, used to be known as Self-Correcting IP... Full Story

  • Years back, I wrote an article about certificate pinning. ... Full Story

  • FortiGates have the ability to send alerts to Microsoft... Full Story

  • In this post, I am going to walk through... Full Story

  • Troubleshooting VoIP on a FortiGate can feel like trying... Full Story

  • Prior to FortiOS 7.0, there were three commands to... Full Story

  • In this post, I am going to go over... Full Story

  • What we are going to do:  We are going... Full Story

  • Choosing between FGCP (FortiGate Clustering Protocol) and FGSP (FortiGate... Full Story

  • Creating a VLAN on macOS (The "Pro" Move) A... Full Story

  • This blog post explores the logic behind how macOS... Full Story

  • Pretty Fly for a Wi-Fi Tell My Wi-Fi Love... Full Story

  • Part of my daily gig is creating BoMs (Bill-of-Materials)... Full Story

  • ICMP introduces several security risks, but careful filtering, rate... Full Story

  • The command diag debug application dhcps -1 enables full... Full Story

  • In the world of FortiOS, execute tac report is... Full Story

  • LLDP; What is it The Link Layer Discovery Protocol... Full Story

  • What it actually does When you run diagnose fdsm... Full Story

  • Monkey Bites are bite-sized, high-impact security insights designed for... Full Story

  • I have run macOS in macOS with Parallels but... Full Story

  • Don't be confused with my other FortiNAC posts where... Full Story

  • This is the third session in a multi-part article... Full Story

  • Today I was configuring key-based authentication on a FortiGate... Full Story

  • Netcat, often called the "Swiss Army knife" of networking,... Full Story

  • At its core, IEEE 802.1X is a network layer... Full Story

  • In case you did not see the previous FortiNAC... Full Story

  • This is our 5th session where we are going... Full Story

  • Now that we have Wireshark installed and somewhat configured,... Full Story

  • The Philosophy of Packet Analysis Troubleshooting isn't about looking... Full Story

  • Overview FortiOS 8.0 introduces custom tags as a first-class... Full Story

  • These are two distinct mechanisms on FortiOS, and conflating... Full Story

  • Replacement messages are the pages and text blocks that... Full Story