1. First, update the system.
apt-get update && apt-get upgrade
2. The menu command to check the OpenVAS installation kept failing, so I decided to re-install the package. From here on I steered clear of Kali’s Application menu–at least for OpenVAS commands. You may not need to re-install and can skip this step.
apt-get remove openvas
apt-get install openvas
3. Fill holes. Just like fixing your code by compiling it, periodically run the below command to see what needs to happen next in order to complete the setup.
4. Create server certificate. Just need to answer some default questions. The below copy/paste is the output.
Congratulations. Your server certificate was properly created.
The following files were created:
. Certification authority:
Certificate = /var/lib/openvas/CA/cacert.pem
Private key = /var/lib/openvas/private/CA/cakey.pem
. OpenVAS Server :
Certificate = /var/lib/openvas/CA/servercert.pem
Private key = /var/lib/openvas/private/CA/serverkey.pem
Press [ENTER] to exit
5. Update NVTs. These are used to scan for vulnerabilities and you should probably run this every now and then to keep them up-to-date. This takes a little bit to complete.
6. Create the client certificate.
openvas-mkcert-client -n -i
7. Create a user.
openvasmd –create-user=user –role=Admin && openvasmd –user=user –new-password=userpass
8. Stop services. To avoid any conflicts, stop the manager and scanner services.
service openvas-manager stop
service openvas-scanner stop
9. Run the OpenVAS daemon.
10. Rebuild database generated by the scanner.
11. Update SCAP data. This is the security content automation protocal that OpenVAS uses. This sync can take a while.
takes a long time
12. And, another sync…
13. To do a clean restart of the OpenVAS system, kill all of the processes.
Check that the processes are actually killed:
ps aux | grep openvassd | grep -v grep
14. Start and restart the necessary services.
Note: You will have to do this after each reboot if OpenVAS does not start at boot.
service openvas-scanner start
service openvas-manager start
service greenbone-security-assistant restart