aboutsummaryrefslogtreecommitdiff
path: root/network/greenbone-security-assistant/README
diff options
context:
space:
mode:
Diffstat (limited to 'network/greenbone-security-assistant/README')
-rw-r--r--network/greenbone-security-assistant/README65
1 files changed, 44 insertions, 21 deletions
diff --git a/network/greenbone-security-assistant/README b/network/greenbone-security-assistant/README
index 3681cc3a2148e..82c8f6f5bb3db 100644
--- a/network/greenbone-security-assistant/README
+++ b/network/greenbone-security-assistant/README
@@ -23,76 +23,99 @@ This is the UI the Open Vulnerability Assessment System (OpenVAS).
not available as slackbuilds at this time. Stay tuned.
- If you're running in a VM environment, or on a headless server, then
- installing haveged is recommended, particularly for step 9 below.
+ installing haveged is recommended, particularly for step 11 below.
+
+###### Upgrade Notes ######
+
+If you're updating from OpenVAS-7 to OpenVAS-8, please note the following.
+(See: http://www.openvas.org/install-source.html if you're unsure which
+version you're running.)
+
+Openvas now uses redis as a temporary database while running scans. You will
+need redis installed and running, as well as hiredis. See step 2 below on
+how to configure redis.
+
+Before running openvas-manager, you'll need to migrate the database. Simply
+run:
+# openvasmd --migrate
###### Installation Instructions ######
These instructions assume you're familiar with slackbuilds. If not, please
refer to http://slackbuilds.org/howto/ .
-1. Build and install openvas-libraries.
+1. Build and install hiredis.
+
+2. Build and install redis. You need to uncomment the following 2 lines in the
+ /etc/redis/redis.conf file:
+#unixsocket /tmp/redis.sock
+#unixsocketperm 700
+ Now start up redis:
+# sh /etc/rc.d/rc.redis start
+
+3. Build and install openvas-libraries.
-2. Build and install openvas-scanner.
+4. Build and install openvas-scanner.
-3. You need a Certificate Authority and server certificate. Run the following
+5. You need a Certificate Authority and server certificate. Run the following
command:
# openvas-mkcert
-4. You need the NVT's (Network Vulnerability Tests). Run the following
+6. You need the NVT's (Network Vulnerability Tests). Run the following
command to sync. In the future, you can do this through the
greenbone-security-assistant interface. This will take a minute or so
with a blazing fast internet connection. YMMV.
# openvas-nvt-sync
-5. Start the openvas-scanner daemon.
+7. Start the openvas-scanner daemon.
# sh /etc/rc.d/rc.openvassd start
-6. Build and install openvas-manager.
+8. Build and install openvas-manager.
-7. You need client certificates for manager to talk to scanner. Use the
+9. You need client certificates for manager to talk to scanner. Use the
following command.
# openvas-mkcert-client -n -i
-8. Initialize the manager database. This will take a while, so be patient.
+10. Initialize the manager database. This will take a while, so be patient.
# openvasmd --rebuild
-9. You want encrypted credentials in the DB, so do this now.
+11. You want encrypted credentials in the DB, so do this now.
# openvasmd --create-credentials-encryption-key
This may take a while, so it's best to create some entropy by skipping to
- #11-#13 and then coming back, if needed.
+ #13-#15 and then coming back, if needed.
-10. Create a user.
+12. Create a user.
# openvasmd --create-user=cary
If you find the assigned password hard to remember, you can change it
right now.
# openvasmd --user=cary --new-password=mekmitasdigoat
-11. Sync SCAP data. This will take some time.
+13. Sync SCAP data. This will take some time.
# openvas-scapdata-sync
-12. Sync CERT data.
+14. Sync CERT data.
# openvas-certdata-sync
-13. Update port names.
+15. Update port names.
# wget http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xml
# openvas-portnames-update service-names-port-numbers.xml
# rm service-names-port-numbers.xml
-14. Start the openvas-manager daemon.
+16. Start the openvas-manager daemon.
# sh /etc/rc.d/rc.openvasmd start
-15. Build and install libmicrohttpd.
+17. Build and install libmicrohttpd.
-16. Build and install greenbone-security-assistant.
+18. Build and install greenbone-security-assistant.
-17. Launch the greenbone-security-assistant.
+19. Launch the greenbone-security-assistant.
# sh /etc/rc.d/rc.gsad start
-18. Point your browser at https://<YOUR IP OR HOSTNAME>:9392
+20. Point your browser at https://<YOUR IP OR HOSTNAME>:9392
You'll get a certificate error, of course (fixing this is left as an
excercise for the reader). Log in with your username/password from #10.
-19. [Optional] Build and install openvas-cli. You'll need this if you ever
+21. [Optional] Build and install openvas-cli. You'll need this if you ever
want to script tests.
That's it! If you run into any problems, you can try running the