OpenVAS

I. Introduction to OpenVAS

OpenVAS (Open Vulnerability Assessment System) is an open vulnerability assessment system. Its core component is a server that includes a set of network vulnerability test programs, which can detect security problems in remote systems and applications.

Official site: http://www.openvas.org/

Note: OpenVAS Server supports Linux only. OpenVAS Client has no special requirements.


**II. Installation**

1. Configure the network

[root@localhost ~]#vi /etc/sysconfig/network-scripts/ifcfg-eth0 

ONBOOT=yes

[root@localhost ~]#/etc/init.d/network restart

2. Disable SELinux (takes effect after a reboot)

[root@localhost ~]#vi /etc/selinux/config

SELINUX=disabled

[root@localhost ~]#reboot

Because this is a virtual machine, I turned the firewall off

[root@localhost ~]#/etc/init.d/iptables stop


3. Install wget

[root@localhost ~]#yum -y install wget

4. Configure the yum repository

[root@localhost ~]#wget -q -O - http://www.atomicorp.com/installers/atomic |sh

5. Install openvas

[root@localhost ~]#yum -y install openvas

6. Update the openvas database and set the username and password; this took me about 60 minutes = =!

[root@localhost ~]#openvas-setup

7. Sync; if everything is already up to date, this step can be skipped

[root@localhost ~]#openvas-nvt-sync

8. Download the check script, make it executable and run it

[root@localhost ~]#wget https://svn.wald.intevation.org/svn/openvas/trunk/tools/openvas-check-setup --no-check-certificate

[root@localhost ~]#chmod 755 openvas-check-setup

[root@localhost ~]#./openvas-check-setup --server

9. Check that the component processes are running normally

[root@localhost src]# service gsad status 

gsad (pid  32259) is running...

[root@localhost src]#  service openvas-manager status

openvas-manager (pid  32639) is running...

[root@localhost src]# /etc/init.d/openvas-scanner status

openvassd (pid  32206) is running...

10. Web login

https://127.0.0.1:9392

**III. Configuration**

Official download of the openvas-check-setup script

https://svn.wald.intevation.org/svn/openvas/trunk/tools/openvas-check-setup

# wget -q -O - http://www.atomicorp.com/installers/atomic |sh

# yum install openvas

# openvas-setup

Check the installation

# openvas-check-setup

Install redis

# vim /etc/redis.conf

    port 0

    unixsocket /tmp/redis.sock

    unixsocketperm 755

    timeout 0

Specify the configuration file at startup

# redis-server ./redis.conf

If you changed the port, you also need to specify the port when connecting with the `redis-cli` client, for example:

# redis-cli -p 6380

To connect over a Unix socket instead:

# ./src/redis-cli -s /tmp/redis.sock

#Initial setup

openvas-mkcert

openvas-mkcert-client -n -i

openvas-nvt-sync

openvas-scapdata-sync

openvas-certdata-sync

service openvas-scanner start     !!!

Rebuild

# openvasmd --rebuild --progress

Create a user

# openvasmd --create-user=admin --role=Admin && openvasmd --user=admin --new-password=123456

Restart redis

# service redis restart

Start the services

# openvasmd -p 9390 -a 0.0.0.0    !!!

# service gsad start              !!!

openvassd

openvasmd --rebuild

openvasmd --backup

openvasmd -p 9390 -a 127.0.0.1

openvasad -a 127.0.0.1 -p 9393

gsad --http-only --listen=127.0.0.1 -p 9392

Configure the firewall

iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 9390 -j ACCEPT

iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 9392 -j ACCEPT

iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT

service iptables save

service iptables restart

List the installed packages

# rpm -qa | grep openvas

openvas-smb-1.0.1-1.el6.art.x86_64

openvas-cli-1.4.4-10.el6.art.x86_64

openvas-scanner-5.0.7-25.el6.art.x86_64

openvas-libraries-8.0.8-25.el6.art.x86_64

openvas-manager-6.0.9-36.el6.art.x86_64

openvas-1.0-17.el6.art.noarch

Restart the openvasmd service

#!/bin/bash

/etc/init.d/openvas-scanner stop

/etc/init.d/openvas-manager stop

/etc/init.d/gsad stop

/etc/init.d/openvas-scanner start

openvas-nvt-sync

service redis restart

openvasmd --rebuild --progress

openvasmd --create-user=admin --role=Admin && openvasmd --user=admin --new-password=admin

openvasmd -p 9390 -a 0.0.0.0

service gsad start

Kill all openvas processes at once

# ps -ef |grep openvas|grep -v grep|awk '{print $2}'|xargs kill -9

#Note: the script's name must not match the pattern that grep filters on, otherwise the script itself is easily killed by mistake

===========================================

Configure scanning

Global settings

  Settings -- Time zone -- Shanghai

1. Create a port list

2. Create a host list

3. Create a task list

  Daxing IDC (production environment)

4. Policy templates

5. Scheduled tasks

6. Alerts

Using OpenVAS in Metasploit

msf > load openvas

msf > openvas_connect

msf > openvas_target_create

msf > openvas_config_list

msf > openvas_task_create

msf > openvas_task_start

msf > openvas_task_list

msf > openvas_report_list

msf > openvas_format_list

msf > openvas_report_download

===========================================

OpenVAS-related errors

1.###openvasmd: symbol lookup error: openvasmd: undefined symbol: sqlite3_errstr

#Install

atomic-sqlite-sqlite-devel.x86_64

atomic-sqlite-sqlite.x86_64 

2.###When $OPENVASMD_HOST is empty, the script reports ERROR: OpenVAS Manager is NOT running!

# vim openvas-check-setup

OPENVASMD_HOST=`netstat -A inet -ntlp 2> /dev/null | grep openvasmd | awk -F\  '{print $4}' | awk -F: '{print $1}'`

If it was started with service openvas-manager start and openvasmd -p 9390 -a 127.0.0.1:

[root@VM-ON-106 openvas-manager-6.0.1]# netstat -anlp | grep 9390

tcp  0  0  :::9390 :::* LISTEN 19727/openvasmd

Port 9390 turns out to be listening on IPv6, so netstat -A inet -ntlp returns nothing, which leads to the message ERROR: OpenVAS Manager is NOT running!

Change the start command to: openvasmd -p 9390 -a 0.0.0.0

[root@VM-ON-106 admin]# netstat -anlp | grep 9390

tcp  0  0  0.0.0.0:9390 0.0.0.0:* LISTEN 22283/openvasmd

After installation, take a look at the processes and ports that openvas uses:

1) 9390 corresponds to the openvasmd service (if it is started with service openvas-manager start, the check reports ERROR: OpenVAS Manager is NOT running!)

openvasmd -p 9390 -a 0.0.0.0

2) 9391 corresponds to the openvassd service, which is used for scanning.

service openvas-scanner start

3) 9392 corresponds to the gsad service, which provides the Web UI.

service gsad start
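
The listener check behind error 2 can be reproduced offline. This is an added example, not part of the original post or of openvas-check-setup: it classifies the OpenVAS listeners in `netstat -ntlp` output by address family and bind scope, and shows why an IPv4-only lookup returns nothing for a `:::9390` listener. The sample netstat lines and the function names `classify_listeners` and `ipv4_manager_host` are constructed for illustration.

```shell
#!/bin/sh
# Added example. SAMPLE is constructed netstat -ntlp output, modelled on the
# lines shown above; the openvassd and gsad bind addresses are assumptions.
SAMPLE='tcp   0   0 :::9390          :::*        LISTEN   19727/openvasmd
tcp   0   0 127.0.0.1:9391   0.0.0.0:*   LISTEN   32206/openvassd
tcp   0   0 0.0.0.0:9392     0.0.0.0:*   LISTEN   32259/gsad'

# Reads netstat lines on stdin and prints "<daemon> <port> <family> <scope>"
# for every listening OpenVAS daemon.
classify_listeners() {
  awk '$6 == "LISTEN" && $7 ~ /\/(openvasmd|openvassd|gsad)$/ {
    n = split($4, parts, ":")          # the port is the last ":" field
    port = parts[n]
    host = substr($4, 1, length($4) - length(port) - 1)
    family = (index(host, ":") > 0) ? "ipv6" : "ipv4"
    if (host == "0.0.0.0" || host == "::") scope = "all-interfaces"
    else if (host == "127.0.0.1" || host == "::1") scope = "loopback"
    else scope = "single-address"
    split($7, proc, "/")               # "19727/openvasmd" -> pid, name
    print proc[2], port, family, scope
  }'
}

# Emulates the lookup restricted to IPv4 sockets (netstat -A inet): listeners
# whose local address contains more than one ":" (IPv6) are not seen, so the
# host extracted for openvasmd is empty when it listens on :::9390.
ipv4_manager_host() {
  awk '$7 ~ /\/openvasmd$/ && $4 !~ /:.*:/ { print $4 }' | awk -F: '{ print $1 }'
}

printf '%s\n' "$SAMPLE" | classify_listeners
printf 'IPv4-only manager host: [%s]\n' "$(printf '%s\n' "$SAMPLE" | ipv4_manager_host)"
```

On a live host, feed the functions with `netstat -ntlp 2>/dev/null | classify_listeners`; an `all-interfaces` scope on 9390 or 9392 means the manager or Web UI is reachable from every network the host is attached to.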

3.###Rebuilding with openvasmd --rebuild --progress hangs

Restart the redis service

# service redis restart

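4.###Scan results differ between servers!

1) The openvas versions differ and the vulnerability feeds are not updated consistently

2) Network restrictions on the scanner

3) The server configurations differ, so the scan results differ as well; a slow server may have long latency and misidentify or miss check items! [This is covered in the nmap scanning principles: if the time allowed is too short, accuracy suffers]

5.###Login failed. Waiting for OMP service to become available.

This is probably because the openvas service has not been started; start openvas in a terminal first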

# openvasmd -p 9390 -a 0.0.0.0

#Disable start at boot

# chkconfig  openvas-manager off

#Open the rc.local file

[root@openvas ~]# vim /etc/rc.local

#Append the following at the end and save

openvasmd --listen=127.0.0.1

6. Error: the email is sent without the attachment

Note: This report exceeds the maximum length of 1048576 characters and thus
was truncated.

#The cause is that the attachment is too large to be added [autofp=0 apply_overrides=1 notes=1 overrides=1 result_hosts_only=1 first=1 rows=100 sort-reverse=severity levels=hm min_qod=80 timezone=Asia/Shanghai sort=name]

Reducing the rows value fixes it.