blob: ab3f4c8918c7577734c48e70b43008ce41d70ee1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
|
-----------------------------------------------------------------
--------------------------IMPORTANT------------------------------
-----------------------------------------------------------------
You will need to set up your /etc/redis.conf file properly before
running openvas-scanner for the first time.
For details, please see the example config file installed to:
--> /etc/openvas/redis.conf.example
Please configure /etc/openvas/openvassd.conf properly
according to redis listening unix socket.
e.g. /etc/openvas/openvassd.conf --> kb_location = /tmp/redis.sock
If you use first-start script it will check various issues and
automatically setup OpenVAS for first time use.
GSA(Greenbone Security Agent) WebUI listens port
9392(local) default. If you want to use nginx reverse proxy
to reach WebUI please see the example config file
--> /etc/openvas/gsa.nginx.reverse.proxy.example
otherwise you can change port to 443 or 80.
-----------------------------------------------------------------
---------------------------SCRIPTS-------------------------------
-----------------------------------------------------------------
'first-start'
--> Automatically setup OpenVAS for first time use
--> Installed in /etc/openvas/scripts
'openvas-feed-sync'
--> Updates Feeds | You can add this to cron
--> Installed in /etc/openvas/scripts
-----------------------------------------------------------------
----------ENVIRONMENT SETTINGS FOR SYSTEMD & OPEN-RC-------------
-----------------------------------------------------------------
'openvas-scanner-daemon.conf'
--> OpenVAS Scanner systemd daemon settings
--> Installed in /etc/openvas/sysconfig
'gvmd-daemon.conf'
--> OpenVAS Manager systemd daemon settings
--> Installed in /etc/openvas/sysconfig
'gsa-daemon.conf
--> Greenbone Security Agent systemd daemon settings
--> Installed in /etc/openvas/sysconfig
'openvas-scanner'
--> OpenVAS Scanner open-rc daemon settings
--> Installed in /etc/config.d
'gvmd'
--> OpenVAS Manager open-rc daemon settings
--> Installed in /etc/config.d
'gsa'
--> Greenbone Security Agent systemd daemon settings
--> Installed in /etc/config.d
-----------------------------------------------------------------
--------QUICK START COMMANDS (IF YOU DON'T USE SCRIPTS)----------
-----------------------------------------------------------------
'env-update && source /etc/profile'
--> Update PATHS
'openvas-manage-certs -a'
--> Create certificates automatically first time
'greenbone-nvt-sync'
--> Update NVT Feed
'greenbone-scapdata-sync'
--> Update scapdata Feed
'greenbone-certdata-sync'
--> Update certdata Feed
'openvassd --foreground --only-cache'
--> Generate initial NVT cache and quit
'rc-service openvas-scanner start or systemctl start openvas-scanner'
--> Start OpenVAS-Scanner
'openvasmd --rebuild --progress'
--> Initialize the Database
'openvasmd --create-user=admin --role=Admin'
--> Create User for WEBUI.Save your password
'rc-service gvmd start or systemctl start gvmd'
--> Start OpenVAS-Manager
'rc-service gsa start or systemctl start gsa'
--> Start the Greenbone Security Assistant
-----------------------------------------------------------------
---------------------PLUGIN KEY AND SIGNING----------------------
-----------------------------------------------------------------
'gpg --homedir=/etc/openvas/gnupg --gen-key'
--> Generate Key
'wget https://www.greenbone.net/GBCommunitySigningKey.asc'
--> Official OpenVAS Transfer Key
'gpg --homedir=/etc/openvas/gnupg --import GBCommunitySigningKey.asc'
--> Import OpenVAS Transfer Key
'gpg --homedir=/etc/openvas/gnupg --lsign-key 0ED1E580'
--> Sign
|
GitWeb