linux安装openvas并进行系统漏洞检测

linux版本:centos 6.8

一、系统首先需要进行网络配置保证能够连通网络,dns访问正常

然后需要修改一下linux的配置

vi /etc/selinux/config

SELINUX=disabled 将当前参数改为disabled

二、开始安装openvas 可以参考: https://blog.csdn.net/imperman/article/details/24044507

1.Step 1: Configure Atomicorp Repository(下载相应的安装内容)
wget -q -O - http://www.atomicorp.com/installers/atomic |sh

2.Step 2: Quick-Install OpenVAS (下载相应软件并安装设置,下面三条命令依次执行,估计要半个到1个小时下载,网速有关)
yum upgrade
yum install openvas
openvas-setup

3.Step 3: 执行完上面三条命令后打印最后内容:(最后面的一些打印)

for managing scans. By default it is configured to only allow
connections from localhost.

Allow connections from any IP? [Default: yes] Invalid input
Allow connections from any IP? [Default: yes] yes
Stopping greenbone-security-assistant: [ OK ]
Starting greenbone-security-assistant: [ OK ]

Step 3: Choose the GSAD admin users password.
The admin user is used to configure accounts,
Update NVT’s manually, and manage roles.

Enter administrator username [Default: admin] : admin
Enter Administrator Password:
Verify Administrator Password:

/usr/sbin/openvasmd: symbol lookup error: /usr/sbin/openvasmd: undefined symbol: sqlite3_errstr

Setup complete, you can now access GSAD at:
https://:9392

You have new mail in /var/spool/mail/root

三、安装redis nosql数据库

可以参考:https://www.cnblogs.com/renzhicai/p/7773080.html

安装redis命令:依次执行下面命令

wget http://download.redis.io/releases/redis-4.0.2.tar.gz 默认会安装到当前目录,我新建目录 /usr/redis目录然后下载

解压安装包并安装
tar xzf redis-4.0.2.tar.gz
cd redis-4.0.2
make
make install

说明:Redis没有其他外部依赖,安装过程很简单。

启动redis: 直接运行redis-server即可启动Redis
[root@localhost bin]# redis-server

停止Redis

考虑到 Redis 有可能正在将内存中的数据同步到硬盘中,强行终止 Redis 进程可能会导致数据丢失。正确停止Redis的方式应该是向Redis发送SHUTDOWN命令,方法为:
redis-cli SHUTDOWN

当Redis收到SHUTDOWN命令后,会先断开所有客户端连接,然后根据配置执行持久化,最后完成退出。
Redis可以妥善处理 SIGTERM信号,所以使用 kill Redis 进程的 PID也可以正常结束Redis,效果与发送SHUTDOWN命令一样

redis启动完成后会输出界面并有打印如下参考:

2826:M 01 Apr 10:40:41.778 * DB loaded from disk: 0.000 seconds
2826:M 01 Apr 10:40:41.778 * Ready to accept connections

四、检查安装是否完成有问题并解决

可以参考:https://mp.weixin.qq.com/s?__biz=MzA5NDgzNTU0Ng==&mid=2665716617&idx=1&sn=92ab90795dbcbfa1396ea6fd37fa7995&scene=0

命令:执行命令会自动检查安装过程是否有欠缺,如检测出问题依次解决。

openvas-check-setup

1.问题:

ERROR: redis-server isnot running ornot listening on socket:/tmp/redis.sock

FIX:You should start the redis-server or configure it to listen onsocket:/tmp/redis.sock

解决办法:

vim redis.conf

进入redis安装目录 然后编辑 将下面两个参数注释打开

unixsocket /usr/redis/redis.sock #将路径改为这个路径 /usr/redis/redis.sock

unixsocketperm 700

然后命令:

vi /etc/openvas/openvassd.conf

在最后面添加一行 地址跟unixsocket的要一样

kb_location =/usr/redis/redis.sock

改完了,最后重启一下redis 命令:

先关闭redis ,在启动redis,启动时候加上配置文件加载

redis-cli shutdown

redis-server /usr/redis/redis.conf

2.问题:

ERROR:NoOpenVASManager(openvasmd) found.

FIX:Please install OpenVASManager.

并且在openvas-setup结果中可以看到

/usr/sbin/openvasmd: symbol lookup error:/usr/sbin/openvasmd:undefined symbol: sqlite3_errstr

解决方式:

yum install atomic-sqlite-sqlite-devel.x86_64 sqlite-devel

参考https://forums.atomicorp.com/viewtopic.php?f=31&t=8471

3.问题:
ERROR:No client certificate file of OpenVASManager found.
FIX:Run’openvas-mkcert-client -n -i’
解决方式:
openvas-mkcert-client -n -i

4.问题:
ERROR:No users found.You need to create at least oneuser to log in.
Itis recommended to have at leastone user with role Admin.
FIX: create a user by running ‘openvasmd–create-user= –role=Admin && openvasmd–user= –new-password=’
解决办法:
openvasmd –create-user=admin –role=Admin&& openvasmd –user=admin –new-password=123456

如果密码登录不上去,可能是openvas默认给的密码不是123456 需要在手动改一下,命令如下:

openvasmd –user admin –new-password 123456

5.问题:
ERROR:The number of NVTsin the OpenVASManager database is too low.
FIX:Make sure OpenVASScanneris running with an up-to-date NVT collection and run ‘openvasmd –rebuild’.
解决方式: 重新build数据库
openvasmd –rebuild

6.问题:
ERROR:OpenVASManageris NOT running!
FIX:StartOpenVASManager(openvasmd).
解决方法:
通过命令可以看到如下信息: netstat -an | grep 939查看
tcp 0 0 0.0.0.0:9391 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:9392 0.0.0.0:* LISTEN
tcp 0 0 :::9390 :::* LISTEN
unix 2 [ ACC ] STREAM LISTENING 17397 /tmp/orbit-root/linc-a92-0-463d2939763cc
unix 3 [ ] STREAM CONNECTED 17400 /tmp/orbit-root/linc-a92-0-463d2939763cc

通过观察 9390端口使用 :::没有通过地址来监听所以无法网络通信
办法命令: 通过修改 openvasmd的端口来启用openvasmd 将端口改为其他端口 不用9390,然后在 netstat -an | grep 939查看
openvasmd -p 9399 -a 127.0.0.1

以上所有问题解决完成之后可能启动成功了,输入命令: openvas-check-setup 显示如下打印:(安装成功了)

It seems like your OpenVAS-8 installation is OK.

If you think it is not OK, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.

你可能感兴趣的:(linux安装openvas并进行系统漏洞检测)