Kali2.0 中安装openvas
上一篇 / 下一篇 2015-10-14 11:06:50 / 个人分类:Kali
openvas安装
参考:
书籍《Metasploit渗透测试魔鬼训练营》 第100页 该书较老应该是参考kali1.0系统版本的,网上许多类似和这个安装过程差不多的过程资料。
于是google 搜索了下 kali2.0 openvas 找到了一篇国内的玄魂的
和官网里的安装指引
参考官方 前提是我已经执行过 update和dist-upgrade 更新到最新的kali (同时安装了Linux-headers-4.0.0-kali1-amd64
和virtualbox guest additions)可参考该篇http://www.51testing.com/index.php?uid-121957-action-viewspace-itemid-3649839
实际kali2.0 已经安装好openvas相关 不用执行官方中的apt-get install openvas
最终尝试几次,在干净的kali2.0镜像中,如下顺序最简便,成功率最高
1 openvas initial setup
终端直接执行这个命令会这样
利用kali2.0 的这里搜索,直接点击执行
安装过程很长,因为会去openvas官方网同步一些扫描资源文件
以下的 openvas-setup 和openvas-check-setup 可以直接在终端执行。(为毛没有openvas initial setup)
2 openvas-setup
3 openvas-check-setup
root@MK:~# openvas-check-setup
openvas-check-setup 2.3.0
Test completeness and readiness of OpenVAS-8
(add '--v6' or '--v7' or '--9'
if you want to check for another OpenVAS version)
Please report us any non-detected problems and
help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.
Use the parameter --server to skip checks for client tools
like GSD and OpenVAS-CLI.
Step 1: Checking OpenVAS Scanner ...
OK: OpenVAS Scanner is present in version 5.0.1.
OK: OpenVAS Scanner CA Certificate is present as /var/lib/openvas/CA/cacert.pem.
OK: OpenVAS Scanner server certificate is valid and present as /var/lib/openvas/CA/servercert.pem.
OK: NVT collection in /var/lib/openvas/plugins contains 43636 NVTs.
WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner.
SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html).
OK: The NVT cache in /var/cache/openvas contains 43636 files for 43636 NVTs.
OK: redis-server is present in version v=2.8.17.
OK: scanner (kb_location setting) is configured properly using the redis-server socket: /var/lib/redis/redis.sock
OK: redis-server is running and listening on socket: /var/lib/redis/redis.sock.
OK: redis-server configuration is OK and redis-server is running.
Step 2: Checking OpenVAS Manager ...
OK: OpenVAS Manager is present in version 6.0.1.
OK: OpenVAS Manager client certificate is valid and present as /var/lib/openvas/CA/clientcert.pem.
OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
OK: Access rights for the OpenVAS Manager database are correct.
OK: At least one user exists.
OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
OK: OpenVAS Manager database is at revision 146.
OK: OpenVAS Manager expects database at revision 146.
OK: Database schema is up to date.
OK: OpenVAS Manager database contains information about 43636 NVTs.
OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/scap.db.
OK: OpenVAS CERT database found in /var/lib/openvas/cert-data/cert.db.
OK: xsltproc found.
Step 3: Checking user configuration ...
WARNING: Your password policy is empty.
SUGGEST: Edit the /etc/openvas/pwpolicy.conf file to set a password policy.
Step 4: Checking Greenbone Security Assistant (GSA) ...
OK: Greenbone Security Assistant is present in version 6.0.1.
Step 5: Checking OpenVAS CLI ...
OK: OpenVAS CLI version 1.4.0.
Step 6: Checking Greenbone Security Desktop (GSD) ...
SKIP: Skipping check for Greenbone Security Desktop.
Step 7: Checking if OpenVAS services are up and running ...
OK: netstat found, extended checks of the OpenVAS services enabled.
OK: OpenVAS Scanner is running and listening only on the local interface.
OK: OpenVAS Scanner is listening on port 9391, which is the default port.
WARNING: OpenVAS Manager is running and listening only on the local interface.
This means that you will not be able to access the OpenVAS Manager from the
outside using GSD or OpenVAS CLI.
SUGGEST: Ensure that OpenVAS Manager listens on all interfaces unless you want
a local service only.
OK: OpenVAS Manager is listening on port 9390, which is the default port.
WARNING: Greenbone Security Assistant is running and listening only on the local interface.
This means that you will not be able to access the Greenbone Security Assistant from the
outside using a web browser.
SUGGEST: Ensure that Greenbone Security Assistant listens on all interfaces.
OK: Greenbone Security Assistant is listening on port 9392, which is the default port.
Step 8: Checking nmap installation ...
WARNING: Your version of nmap is not fully supported: 6.49BETA5
SUGGEST: You should install nmap 5.51 if you plan to use the nmap NSE NVTs.
Step 10: Checking presence of optional tools ...
OK: pdflatex found.
OK: PDF generation successful. The PDF report format is likely to work.
OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
WARNING: Could not find rpm binary, LSC credential package generation for RPM and DEB based targets will not work.
SUGGEST: Install rpm.
WARNING: Could not find makensis binary, LSC credential package generation for Microsoft Windows targets will not work.
SUGGEST: Install nsis.
It seems like your OpenVAS-8 installation is OK.
If you think it is not OK, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.
3 但kali2.0以上命令过程并没有让设置admin账号的密码。
书里的 这段命令 openvasad 添加用户命令,在kali2.0已经没有这个命令了。
这里提到了 这个命令 于是openvasmd --help 果然看到了 --user 和 --new-passwd参数
openvasmd --user=admin --new-password=new_password
4
访问GSA地址 https://127.0.0.1:9392/ 输入刚设置好的admin 和密码
BINGGO
TAG:
标题搜索
日历
|
|||||||||
| 日 | 一 | 二 | 三 | 四 | 五 | 六 | |||
| 1 | 2 | 3 | 4 | ||||||
| 5 | 6 | 7 | 8 | 9 | 10 | 11 | |||
| 12 | 13 | 14 | 15 | 16 | 17 | 18 | |||
| 19 | 20 | 21 | 22 | 23 | 24 | 25 | |||
| 26 | 27 | 28 | 29 | 30 | 31 | ||||
我的存档
数据统计
- 访问量: 45705
- 日志数: 11
- 建立时间: 2010-01-26
- 更新时间: 2015-10-14
