Skip to content

OpenVAS

DOCS: https://github.com/greenbone/openvas-scanner

OpenVAS (Greenbone Vulnerability Management) Setup and Usage on Parrot OS

OpenVAS, now known as Greenbone Vulnerability Management (GVM), is a powerful open-source tool for vulnerability scanning and network security assessments. Parrot OS includes OpenVAS in its repository, making installation and setup straightforward.

Step 1: Install OpenVAS on Parrot OS

First, update your system and install OpenVAS:

sudo apt update
sudo apt install openvas -y

Step 2: Setup OpenVAS

Run the initial setup:

sudo gvm-setup

This process downloads and configures the necessary components. After setup, verify the installation with:

sudo gvm-check-setup

If there are any issues, follow the script’s recommendations to fix them.

Step 3: Start OpenVAS Services

To start OpenVAS:

sudo gvm-start

To check the status of services:

sudo systemctl status gvmd
sudo systemctl status ospd-openvas

If you reboot your system, restart OpenVAS with:

sudo gvm-start

Step 4: Update Vulnerability Database

Manually sync the latest vulnerability feeds:

sudo greenbone-feed-sync --type gvmdata  # Updates GVM database
sudo greenbone-feed-sync --type cert     # Updates security advisories
sudo greenbone-feed-sync --type scap     # Updates SCAP data (CVE, OVAL, CPE)

Once completed, restart OpenVAS services:

sudo systemctl restart gvmd
sudo systemctl restart ospd-openvas

Verify the feed updates:

sudo gvmd --get-scanners
sudo gvmd --get-users

Step 5: Access OpenVAS Web Interface

  1. Open a browser and go to:

    https://127.0.0.1:9392

  2. Log in with:

    Username: admin
Password: <generated-during-setup>

    If you forgot the password, reset it with:

    sudo gvmd --user=admin --new-password=<newpassword>

Step 6: Create a Scan Target

  1. Navigate to Scans → Targets.

  2. Click New Target and enter:

    • Target Name: My Network

    • Hosts: 192.168.1.1-192.168.1.254

    • Port List: OpenVAS Default

  3. Click Save.

Step 7: Create and Run a Vulnerability Scan

  1. Go to Scans → Tasks.

  2. Click New Task.

  3. Configure the task:

    • Name: Vulnerability Scan

    • Scan Target: Select the previously created target.

  4. Click Save and then Start.

Step 8: View and Analyze Scan Results

  • Navigate to Scans → Reports.

  • Click on a completed scan report.

  • Review vulnerabilities and recommended fixes.

Step 9: Export Reports

To generate and download reports:

  • Open the scan report.

  • Click Export and select a format (PDF, XML, CSV).

Step 10: Automate Scans (Optional)

To schedule regular scans:

  1. Go to Configuration → Schedules.

  2. Click New Schedule (e.g., Weekly Scan).

  3. Assign it to a scan task.

Troubleshooting Common Issues

1. Web Interface Not Loading

Check if OpenVAS is running:

sudo systemctl status gvmd
sudo systemctl status ospd-openvas

If the service is down, restart it:

sudo gvm-start

Or manually start services:

sudo systemctl restart gvmd ospd-openvas

Check if port 9392 is listening:

sudo netstat -tulnp | grep 9392

If it's not listening, check firewall rules:

sudo ufw allow 9392/tcp

2. Password Reset

sudo gvmd --user=admin --new-password=<newpassword>