Thursday, 13 March 2014

How to set up OpenVAS on Ubuntu Server LTS 12.0.4

I had some trouble setting up OpenVAS on Ubuntu 12.0.4, so I thought I would record the steps required in order to help anyone else who has the same issues. The steps are an amalgamation of the steps found on these sites: hackertarget.com, alienvault.com and kaarposoft.dk.

Installation Steps

I installed to a VM running under VirtualBox. So the first step is to install Ubuntu Server LTS 12.0.4 into a virtual machine. I took all the defaults, except to opt to install SSHD server. Once installed, perform an update as root:

apt-get update; apt-get upgrade;

For some packaging reason libmicrohttpd needs special treatment, so run the following to download and install.

wget http://download.opensuse.org/repositories/security:/OpenVAS:/UNSTABLE:/v6/xUbuntu_12.10/amd64/libmicrohttpd10_0.9.26-1_amd64.deb
dpkg -i libmicrohttpd10_0.9.26-1_amd64.deb

Next add the OpenVAS repository and refresh apt-get

apt-get -y install python-software-properties
add-apt-repository "deb http://download.opensuse.org/repositories/security:/OpenVAS:/UNSTABLE:/v5/xUbuntu_12.04/ ./" 
apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys BED1E87979EAFD54
apt-get update;

Next install some required packages

apt-get -y install libgpgme11 libpth20 sqlite3 xsltproc nmap

Next install OpenVAS

apt-get -y install greenbone-security-assistant openvas-cli openvas-manager openvas-scanner openvas-administrator sqlite3 rsync

To install support packages for report generation (downloads around 30 MB of additional packages):

apt-get -y install texlive-latex-base texlive-latex-extra texlive-latex-recommended htmldoc

With that all done, you need to edit the following files to set the IP address. Search for 127.0.0.1 and change it to your machine's IP address.

vi /etc/default/greenbone-security-assistant 
vi /etc/default/openvas-manager 
vi /etc/default/openvas-administrator 
vi /etc/default/openvas-scanner
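
The same edit can be scripted instead of made by hand in vi; this is an added example, not part of the original post. The function name set_openvas_address, the .orig backup suffix, and the sample address and variable names used in the demo are assumptions.

```sh
#!/bin/sh
# Added example (not from the original post): apply the 127.0.0.1 -> machine IP
# edit to the four /etc/default files named above, keeping the originals.
OPENVAS_DEFAULTS="greenbone-security-assistant openvas-manager
openvas-administrator openvas-scanner"

# set_openvas_address NEW_IP [CONF_DIR]   (function name is hypothetical)
# Returns 0 if every file ends up containing NEW_IP, 1 if any file is missing
# or has no address to replace, 2 if NEW_IP is not shaped like an IPv4 address.
set_openvas_address() {
    new_ip=$1
    conf_dir=${2:-/etc/default}
    status=0
    # Shape check only: four dot-separated groups of 1-3 digits. It also
    # ensures the value holds nothing special to sed.
    if ! printf '%s\n' "$new_ip" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'; then
        echo "not an IPv4 address: $new_ip" >&2
        return 2
    fi
    for name in $OPENVAS_DEFAULTS; do
        file=$conf_dir/$name
        if [ ! -f "$file" ]; then
            echo "missing: $file" >&2
            status=1
            continue
        fi
        # Keep the first original only, so a second run cannot overwrite it.
        [ -e "$file.orig" ] || cp -p "$file" "$file.orig"
        # Write through a temp file, then copy back so mode and owner stay.
        sed "s/127\.0\.0\.1/$new_ip/g" "$file" > "$file.tmp" &&
            cat "$file.tmp" > "$file" && rm -f "$file.tmp"
        if ! grep -Fq "$new_ip" "$file"; then
            echo "no address set, check by hand: $file" >&2
            status=1
        fi
    done
    return $status
}

# Demo on constructed sample files in a scratch directory (the variable names
# inside them are made up; the real files use their own).
demo_dir=$(mktemp -d)
for name in $OPENVAS_DEFAULTS; do
    printf 'SAMPLE_ADDRESS=127.0.0.1\nSAMPLE_PORT=9390\n' > "$demo_dir/$name"
done
set_openvas_address 192.168.56.10 "$demo_dir" && grep -H SAMPLE_ADDRESS "$demo_dir"/openvas-manager*
rm -rf "$demo_dir"
```

On the real machine, run it as root with only the address argument so that it works on /etc/default.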

Finally run this script from the OpenVAS website

test -e /var/lib/openvas/CA/cacert.pem  || sudo openvas-mkcert -q
openvas-nvt-sync
openvas-scapdata-sync
test -e /var/lib/openvas/users/om || sudo openvas-mkcert-client -n om -i
/etc/init.d/openvas-manager stop
/etc/init.d/openvas-scanner stop
openvassd
openvasmd --migrate
openvasmd --rebuild
killall openvassd
sleep 15
/etc/init.d/openvas-scanner start
/etc/init.d/openvas-manager start
/etc/init.d/openvas-administrator restart
/etc/init.d/greenbone-security-assistant restart
test -e /var/lib/openvas/users/admin || sudo openvasad -c add_user -n admin -r Admin

There seems to be a problem running over SSL, so you have to turn that off. Yes, not ideal, as the web interface (login included) is then served over plain HTTP, but better than a non-working scanner. Change the line in /etc/init.d/greenbone-security-assistant from:

start_daemon() {
        start-stop-daemon --start --exec $DAEMON -- $DAEMONOPTS 2>&1 >/dev/null

to:

start_daemon() {
        start-stop-daemon --start --exec $DAEMON -- $DAEMONOPTS --http-only 2>&1 >/dev/null

Finally you should be able to connect via http://IP_ADDRESS:9392/.

Zero Results

After finally getting this to work, I was quite happy until I went to scan something. The results would come back in 20 seconds, with no records. It turns out that by default OpenVAS ignores any host that it can't ping. To fix this, in the admin app under Configuration -> Scan Configs, find Ping Host and set "Mark unrechable Hosts as dead (not scanning)" to no and "Report about unrechable Hosts" to yes. Run the scan again, and it should work fine.

Run After Reboot

I discovered that the above steps work, but will not auto-start the service after reboot. In the end I used the following to resolve this. The first group of commands removes any old init.d settings, then the second creates new symlinks with dependencies.

update-rc.d -f openvas-scanner remove
update-rc.d -f openvas-manager remove
update-rc.d -f openvas-administrator remove
update-rc.d -f greenbone-security-assistant remove

update-rc.d openvas-scanner start 20 2 3 4 5 . stop 80 0 1 6 .
update-rc.d openvas-manager start 21 2 3 4 5 . stop 79 0 1 6 .
update-rc.d openvas-administrator start 22 2 3 4 5 . stop 78 0 1 6 .
update-rc.d greenbone-security-assistant start 23 2 3 4 5 . stop 77 0 1 6 .
