On Wed, Aug 12, 2020 at 4:05 PM Kaushal Shriyan kaushalshriyan@gmail.com wrote:
On Wed, 12 Aug 2020 at 13:11, Nicolas Kovacs info@microlinux.fr wrote:
Le 11/08/2020 à 17:42, Kaushal Shriyan a écrit :
I am running CentOS Linux release 8.2.2004 (Core). Are there any instructions to install OpenVAS for CentOS Linux release 8.2.2004
(Core)?
Thanks in advance and I look forward to hearing from you.
For what it's worth, here's my archived blog article about installing OpenVAS on CentOS 7:
https://oldblog.microlinux.fr/openvas-centos-epel/
As far as I can tell, installing OpenVAS with Docker is the easiest way nowadays.
Cheers,
Niki
Thanks Niki for the email and much appreciated. I will go through it and get in touch if I encounter any issues. Thanks in Advance
Best Regards,
Kaushal
Hi Niki,
I am running CentOS Linux release 7.8.2003 (Core) and have followed https://oldblog.microlinux.fr/openvas-centos-epel/ I am encountering errors and the details are as below:-
Error: md5sums not correct. Your NVT collection might be broken now.
ERROR: The NVT collection is very small. ERROR: Your OpenVAS-8 installation is not yet complete!
#openvas-check-setup openvas-check-setup 2.3.3 Test completeness and readiness of OpenVAS-8 (add '--v6' or '--v7' or '--v9' if you want to check for another OpenVAS version) Please report us any non-detected problems and help us to improve this check routine: http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem. Use the parameter --server to skip checks for client tools like GSD and OpenVAS-CLI. Step 1: Checking OpenVAS Scanner ... OK: OpenVAS Scanner is present in version 5.0.6. OK: OpenVAS Scanner CA Certificate is present as /etc/pki/openvas/CA/cacert.pem. OK: redis-server is present in version v=3.2.12. OK: scanner (kb_location setting) is configured properly using the redis-server socket: /run/redis/redis.sock OK: redis-server is running and listening on socket: /run/redis/redis.sock. OK: redis-server configuration is OK and redis-server is running. ERROR: The NVT collection is very small. FIX: Run a synchronization script like openvas-nvt-sync or greenbone-nvt-sync. ERROR: Your OpenVAS-8 installation is not yet complete! Please follow the instructions marked with FIX above and run this script again. If you think this result is wrong, please report your observation and help us to improve this check routine: http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem. [root@openvascentos7 ~]# cat /tmp/openvas-check-setup.log openvas-check-setup 2.3.3 Mode: desktop Date: Wed, 12 Aug 2020 22:58:45 +0530 Checking for old OpenVAS Scanner <= 2.0 ... /usr/bin/openvas-check-setup: line 163: openvasd: command not found Checking presence of OpenVAS Scanner ... OpenVAS Scanner 5.0.6 Most new code since 2005: (C) 2015 Greenbone Networks GmbH Nessus origin: (C) 2004 Renaud Deraison deraison@nessus.org License GPLv2: GNU GPL version 2 This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
Checking OpenVAS Scanner version ... OK: OpenVAS Scanner is present in version 5.0.6. plugins_folder = /var/lib/openvas/plugins cache_folder = /var/cache/openvas include_folders = /var/lib/openvas/plugins max_hosts = 30 max_checks = 10 be_nice = no logfile = /var/log/openvas/openvassd.log log_whole_attack = no log_plugins_name_at_load = no dumpfile = /var/log/openvas/openvassd.dump cgi_path = /cgi-bin:/scripts optimize_test = yes checks_read_timeout = 5 network_scan = no non_simult_ports = 139, 445 plugins_timeout = 320 scanner_plugins_timeout = SCANNER_NVT_TIMEOUT safe_checks = yes auto_enable_dependencies = yes use_mac_addr = no nasl_no_signature_check = yes drop_privileges = no unscanned_closed = yes unscanned_closed_udp = yes vhosts = vhosts_ip = report_host_details = yes cert_file = /etc/pki/openvas/CA/servercert.pem key_file = /etc/pki/openvas/private/CA/serverkey.pem ca_file = /etc/pki/openvas/CA/cacert.pem kb_location = /run/redis/redis.sock timeout_retry = 3 rules = /etc/openvas/openvassd.rules port_range = default silent_dependencies = no save_knowledge_base = no kb_restore = no only_test_hosts_whose_kb_we_dont_have = no only_test_hosts_whose_kb_we_have = no kb_dont_replay_scanners = no kb_dont_replay_info_gathering = no kb_dont_replay_attacks = no kb_dont_replay_denials = no kb_max_age = 864000 slice_network_addresses = no config_file = /etc/openvas/openvassd.conf Checking OpenVAS Scanner CA cert ... OK: OpenVAS Scanner CA Certificate is present as /etc/pki/openvas/CA/cacert.pem. Checking presence of redis ... OK: redis-server is present in version v=3.2.12. Checking if redis-server is configured properly to run with openVAS ... OK: scanner (kb_location setting) is configured properly using the redis-server socket: /run/redis/redis.sock Checking if redis-server is running ... OK: redis-server is running and listening on socket: /run/redis/redis.sock. OK: redis-server configuration is OK and redis-server is running. Checking NVT collection ... ERROR: The NVT collection is very small. FIX: Run a synchronization script like openvas-nvt-sync or greenbone-nvt-sync. [root@openvascentos7 ~]#
#openvas-nvt-sync
[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'. [i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'. [i] Online information about this feed: ' http://www.openvas.org/openvas-nvt-feed.html'. [i] NVT dir: /var/lib/openvas/plugins [w] Could not determine feed version. [i] rsync is not recommended for the initial sync. Falling back on http. [i] Will use wget [i] Using GNU wget: /usr/bin/wget [i] Configured NVT http feed: http://www.openvas.org/openvas-nvt-feed-current.tar.bz2 [i] Downloading to: /tmp/openvas-nvt-sync.GwFkbeYeaE/openvas-feed-2020-08-12-22369.tar.bz2 --2020-08-12 23:00:04-- http://www.openvas.org/openvas-nvt-feed-current.tar.bz2 Resolving www.openvas.org (www.openvas.org)... 45.135.105.67, 2a0e:6b40:10::67 Connecting to www.openvas.org (www.openvas.org)|45.135.105.67|:80... connected. HTTP request sent, awaiting response... 301 Moved Permanently Location: https://www.openvas.org/openvas-nvt-feed-current.tar.bz2 [following] --2020-08-12 23:00:04-- https://www.openvas.org/openvas-nvt-feed-current.tar.bz2 Connecting to www.openvas.org (www.openvas.org)|45.135.105.67|:443... connected. HTTP request sent, awaiting response... 404 Not Found 2020-08-12 23:00:05 ERROR 404: Not Found. [i] Checking dir: ok [i] Checking MD5 checksum: /usr/bin/md5sum: /var/lib/openvas/plugins/md5sums: No such file or directory not ok Error: md5sums not correct. Your NVT collection might be broken now. Please try this for details: cd "/var/lib/openvas/plugins" ; /usr/bin/md5sum -c "/var/lib/openvas/plugins/md5sums" | less
Thanks in advance and I look forward to hearing from you.
Best Regards,
Kaushal