Linux-Tip News

We are proud to present Linux-Tip Europe. This page is designed to provide the Linux users community (not only in Europe) with news and articles that are of interest to them. It works by allowing members of the community to submit news and articles relating to Linux hardware and software. This same community can then decide what tips should be promoted based on what they consider to be the most important or interesting to the community by voting stories up and down. Stories that receive enough votes are promoted to the Linux-Tip Europe homepage. Bookmark and Share
 
Home
Open Vulnerability Assessment System Print E-mail
Friday, 19 December 2008
Article Index
Open Vulnerability Assessment System
Page 2
Page 3
Page 1 of 3
OpenVAS stands for Open Vulnerability Assessment System and is a complete tool for network security scanning including a graphical user front-end. I is used to  detect security problems in remote systems and applications. The OpenVAS development team consists of various interested parties from academia and commercial entities as well as individuals.
OpenVAS derives from the Nessus project which turned into a commercial product.  All OpenVAS products are Free Software under the GNU General Public License (GNU GPL).

The OpenVAS software consists of five different parts which are provided and maintained by the OpenVAS projects. These parts are:

  • OpenVAS-Server
  • OpenVAS-Libraries
  • OpenVAS-LibNASL
  • OpenVAS-Plugins
  • OpenVAS-Client
According to the documentation, only UNIX systems are supported by OpenVAS and out of this group, Linux distributions are tested most extensively. xBSD should work but has not been extensively tested.
Additionally OpenVAS-Client Packages for Microsoft Windows XP SP2 are available on the OpenVAS website.

Please notice that there are currently two different series available for download: the stable 1.0 series and the upcoming 2.0 series. The OpenVAS developers recently have announced the release of the 2.0-rc1 versions of openvas-libraries, openvas-libnasl, openvas-server and openvas-client.
In this step by step workshop we’ll describe how to compile, install and use OpenVAS on a Mandriva 2009 server and client. The workshop configuration could look like this:





Step 1: Installing Mandriva 2009 server

We think it is not necessary to explain how to install Mandriva 2009 and recommend reading the articles below in case of problems:

http://www.howtoforge.com/perfect-server-mandriva-2009.0-i386
http://www.howtoforge.com/perfect-server-mandriva-2009.0-x86_64


We recommend using the following website to add official media and latest update recourses:

http://easyurpmi.zarb.org

The automatic media setup usually works perfect and will help you to get an up-to-date system quickly.

Make sure to have the following packages available on your system. We’ll later need them to compile OpenVAS. Use the urpmi command like described in this article.

gcc
make
libglib2.0-devel
bison
libopenssl0.9.8-devel
libgtk+2.0_0-devel

Depending on your installation, you may need the following packages also. Watch for error messages during the pre-configuration process in the next step:

libgnutls-devel
libpcap-devel
libgpgme-devel


Step 2: Compiling OpenVAS from source

After downloading the source code please be aware that the installation process might copy files to places different from the ones expected by you or the distribution you are using. This may lead to unexpected results, especially if you install releases from different series or try to remove old copies of OpenVAS if you are not careful. Because of this, you should use a prefix (i.e. ./configure prefix=/opt/openvas). In this case you can easily isolate all the files belonging to this particular OpenVAS version. You can also later uninstall  OpenVAS from your machine by  removing the related subdirectory.

You have to compile and install the packages in the  following order:

1. openvas-libraries
2. openvas-libnasl
3. openvas-server
4. openvas-plugins
5. openvas-client

We recommend reading the files INSTALL and README inside the respective packages.
Let’s start with the libraries and end with the openvas-plugins:

mkdir /opt/openvas
tar xzf openvas-libraries-2.0.0.rc1.tar.gz
cd openvas-libraries-2.0.0.rc1
./configure prefix=/opt/openvas
make
make install

tar xzf openvas-libnasl-2.0.0.rc1.tar.gz
cd openvas-libnasl-2.0.0.rc1
./configure prefix=/opt/openvas
make
make install

tar xzf openvas-server-2.0.0.rc1.tar.gz
cd openvas-server-2.0.0.rc1
./configure prefix=/opt/openvas
make
make install

tar xzf openvas-plugins-1.0.5.tar.gz
cd openvas-plugins-1.0.5
./configure prefix=/opt/openvas
make
make install

On your client machine just compile the following package like this:

tar xzf openvas-client-2.0.0.rc1.tar.gz
cd openvas-client-2.0.0.rc1
./configure prefix=/opt/openvas
make
make install

Change the path variable like this:

Edit the root profile using your favourite editor as root and reboot your machine.

vi  ~/.bash_profile

Add the following line at the end:

export PATH=$PATH:/opt/openvas/bin:/opt/openvas/sbin

To avoid problems with the openvas libraries, we need to create this symbolic link:

ln –s /opt/openvas/lib/libopenvasnasl.so.2  /lib


Prev - Next >>
 
< Prev   Next >
[ Back ]

Main Menu

Home
News
Tips and Tricks
Workshops
Video-Tutorials
Search
Contact Us
Disclaimer

Virus Info Feed

Alexa Traffic Stats

Sedo - Domains kaufen und verkaufen das Projekt linux-tip.eu steht zum Verkauf Besucherstatistiken von linux-tip.eu etracker® Web-Controlling statt Logfile-Analyse