Difference between revisions of "Openvas: di ubuntu"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
| (5 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | + | OpenVAS adalah open source suite yang dapat digunakan untuk men-scan kerentanan dan manajemen kerentanan. OpenVAS adalah singkatan dari Open Vulnerability Assessment System. OpenVAS adalah alternatif yang sangat baik bagi pen-scan keamanan komersial seperti Nessus, QualysGuard, dll. OpenVAS dibagi menjadi tiga bagian: OpenVAS Scanner, OpenVAS Manager, dan OpenVAS CLI. | |
| − | OpenVAS | + | Disini akan di perlihatkan cara instalasi OpenVAS Vulnerability Scanner di Ubuntu 16.04. |
| − | + | ==Prasyarat== | |
| − | + | * Ubuntu Server 16.04 kosong. | |
| + | * User di server tersebut dengan kemampuan sudo. | ||
| + | * Server memiliki IP statik. | ||
| + | * Server memiliki rsync | ||
| − | + | ==Step 1: Update System== | |
| − | |||
| − | |||
| − | |||
| − | + | Update system | |
| − | + | sudo apt update -y | |
| + | sudo apt-get upgrade -y | ||
| + | sudo reboot | ||
| − | + | ==Step 2: Install dependency== | |
| − | |||
| − | |||
| − | + | Install | |
| − | + | sudo apt install python-software-properties sqlite3 | |
| − | |||
| − | sudo apt | ||
| − | |||
| − | |||
| − | |||
| − | |||
==Step 3: Install OpenVAS== | ==Step 3: Install OpenVAS== | ||
| − | + | Tambahkan OpenVAS PPA & install openvas | |
| − | |||
| − | |||
sudo add-apt-repository ppa:mrazavi/openvas | sudo add-apt-repository ppa:mrazavi/openvas | ||
| − | sudo apt | + | sudo apt update |
| − | + | sudo apt -y install openvas | |
| − | |||
| − | |||
| − | sudo apt- | ||
| − | + | Setelah OpenVAS di instalasi. | |
| + | Jalankan OpenVAS menggunakan perintah: | ||
sudo systemctl start openvas-scanner | sudo systemctl start openvas-scanner | ||
| Line 50: | Line 40: | ||
sudo systemctl start openvas-gsa | sudo systemctl start openvas-gsa | ||
| − | + | Men-stop dengan perintah | |
| + | |||
| + | sudo systemctl stop openvas-scanner | ||
| + | sudo systemctl stop openvas-manager | ||
| + | sudo systemctl stop openvas-gsa | ||
| − | + | ==Step 4: Buka Firewall== | |
| + | |||
| + | Jika dibutuhkan buka firewall UFW melalui port 443 | ||
sudo ufw allow https | sudo ufw allow https | ||
| − | ==Step 5: | + | ==Step 5: Akses OpenVAS Web Interface== |
| − | + | Sebelum di akses, update vulnerability | |
sudo openvas-nvt-sync | sudo openvas-nvt-sync | ||
| − | + | Setelah database ter-update, buka browser ke | |
| + | |||
| + | https://ip-address-server-openvas/ | ||
| + | |||
| + | Default username & password | ||
| − | + | admin | |
| + | admin | ||
| + | |||
| + | Untuk mengubah username & password, | ||
sudo openvasmd --user=admin --new-password=<new-password> | sudo openvasmd --user=admin --new-password=<new-password> | ||
| − | |||
| − | |||
Latest revision as of 06:02, 18 May 2018
OpenVAS adalah open source suite yang dapat digunakan untuk men-scan kerentanan dan manajemen kerentanan. OpenVAS adalah singkatan dari Open Vulnerability Assessment System. OpenVAS adalah alternatif yang sangat baik bagi pen-scan keamanan komersial seperti Nessus, QualysGuard, dll. OpenVAS dibagi menjadi tiga bagian: OpenVAS Scanner, OpenVAS Manager, dan OpenVAS CLI.
Disini akan di perlihatkan cara instalasi OpenVAS Vulnerability Scanner di Ubuntu 16.04.
Prasyarat
- Ubuntu Server 16.04 kosong.
- User di server tersebut dengan kemampuan sudo.
- Server memiliki IP statik.
- Server memiliki rsync
Step 1: Update System
Update system
sudo apt update -y sudo apt-get upgrade -y sudo reboot
Step 2: Install dependency
Install
sudo apt install python-software-properties sqlite3
Step 3: Install OpenVAS
Tambahkan OpenVAS PPA & install openvas
sudo add-apt-repository ppa:mrazavi/openvas sudo apt update sudo apt -y install openvas
Setelah OpenVAS di instalasi. Jalankan OpenVAS menggunakan perintah:
sudo systemctl start openvas-scanner sudo systemctl start openvas-manager sudo systemctl start openvas-gsa
Men-stop dengan perintah
sudo systemctl stop openvas-scanner sudo systemctl stop openvas-manager sudo systemctl stop openvas-gsa
Step 4: Buka Firewall
Jika dibutuhkan buka firewall UFW melalui port 443
sudo ufw allow https
Step 5: Akses OpenVAS Web Interface
Sebelum di akses, update vulnerability
sudo openvas-nvt-sync
Setelah database ter-update, buka browser ke
https://ip-address-server-openvas/
Default username & password
admin admin
Untuk mengubah username & password,
sudo openvasmd --user=admin --new-password=<new-password>