diff options
Diffstat (limited to 'network/greenbone-security-assistant/README')
-rw-r--r-- | network/greenbone-security-assistant/README | 65 |
1 files changed, 44 insertions, 21 deletions
diff --git a/network/greenbone-security-assistant/README b/network/greenbone-security-assistant/README index 3681cc3a2148e..82c8f6f5bb3db 100644 --- a/network/greenbone-security-assistant/README +++ b/network/greenbone-security-assistant/README @@ -23,76 +23,99 @@ This is the UI the Open Vulnerability Assessment System (OpenVAS). not available as slackbuilds at this time. Stay tuned. - If you're running in a VM environment, or on a headless server, then - installing haveged is recommended, particularly for step 9 below. + installing haveged is recommended, particularly for step 11 below. + +###### Upgrade Notes ###### + +If you're updating from OpenVAS-7 to OpenVAS-8, please note the following. +(See: http://www.openvas.org/install-source.html if you're unsure which +version you're running.) + +Openvas now uses redis as a temporary database while running scans. You will +need redis installed and running, as well as hiredis. See step 2 below on +how to configure redis. + +Before running openvas-manager, you'll need to migrate the database. Simply +run: +# openvasmd --migrate ###### Installation Instructions ###### These instructions assume you're familiar with slackbuilds. If not, please refer to http://slackbuilds.org/howto/ . -1. Build and install openvas-libraries. +1. Build and install hiredis. + +2. Build and install redis. You need to uncomment the following 2 lines in the + /etc/redis/redis.conf file: +#unixsocket /tmp/redis.sock +#unixsocketperm 700 + Now start up redis: +# sh /etc/rc.d/rc.redis start + +3. Build and install openvas-libraries. -2. Build and install openvas-scanner. +4. Build and install openvas-scanner. -3. You need a Certificate Authority and server certificate. Run the following +5. You need a Certificate Authority and server certificate. Run the following command: # openvas-mkcert -4. You need the NVT's (Network Vulnerability Tests). Run the following +6. You need the NVT's (Network Vulnerability Tests). Run the following command to sync. In the future, you can do this through the greenbone-security-assistant interface. This will take a minute or so with a blazing fast internet connection. YMMV. # openvas-nvt-sync -5. Start the openvas-scanner daemon. +7. Start the openvas-scanner daemon. # sh /etc/rc.d/rc.openvassd start -6. Build and install openvas-manager. +8. Build and install openvas-manager. -7. You need client certificates for manager to talk to scanner. Use the +9. You need client certificates for manager to talk to scanner. Use the following command. # openvas-mkcert-client -n -i -8. Initialize the manager database. This will take a while, so be patient. +10. Initialize the manager database. This will take a while, so be patient. # openvasmd --rebuild -9. You want encrypted credentials in the DB, so do this now. +11. You want encrypted credentials in the DB, so do this now. # openvasmd --create-credentials-encryption-key This may take a while, so it's best to create some entropy by skipping to - #11-#13 and then coming back, if needed. + #13-#15 and then coming back, if needed. -10. Create a user. +12. Create a user. # openvasmd --create-user=cary If you find the assigned password hard to remember, you can change it right now. # openvasmd --user=cary --new-password=mekmitasdigoat -11. Sync SCAP data. This will take some time. +13. Sync SCAP data. This will take some time. # openvas-scapdata-sync -12. Sync CERT data. +14. Sync CERT data. # openvas-certdata-sync -13. Update port names. +15. Update port names. # wget http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xml # openvas-portnames-update service-names-port-numbers.xml # rm service-names-port-numbers.xml -14. Start the openvas-manager daemon. +16. Start the openvas-manager daemon. # sh /etc/rc.d/rc.openvasmd start -15. Build and install libmicrohttpd. +17. Build and install libmicrohttpd. -16. Build and install greenbone-security-assistant. +18. Build and install greenbone-security-assistant. -17. Launch the greenbone-security-assistant. +19. Launch the greenbone-security-assistant. # sh /etc/rc.d/rc.gsad start -18. Point your browser at https://<YOUR IP OR HOSTNAME>:9392 +20. Point your browser at https://<YOUR IP OR HOSTNAME>:9392 You'll get a certificate error, of course (fixing this is left as an excercise for the reader). Log in with your username/password from #10. -19. [Optional] Build and install openvas-cli. You'll need this if you ever +21. [Optional] Build and install openvas-cli. You'll need this if you ever want to script tests. That's it! If you run into any problems, you can try running the |