Difference between revisions of "Openvas: di ubuntu"

From OnnoWiki
Jump to navigation Jump to search
 
(5 intermediate revisions by the same user not shown)
Line 1: Line 1:
==Introduction==
+
OpenVAS adalah open source suite yang dapat digunakan untuk men-scan kerentanan dan manajemen kerentanan. OpenVAS adalah singkatan dari Open Vulnerability Assessment System. OpenVAS adalah alternatif yang sangat baik bagi pen-scan keamanan komersial seperti Nessus, QualysGuard, dll. OpenVAS dibagi menjadi tiga bagian: OpenVAS Scanner, OpenVAS Manager, dan OpenVAS CLI.
  
OpenVAS is an open source suite that can be used for vulnerability scanning and vulnerability management. It stands for Open Vulnerability Assessment System. OpenVAS is an excellent alternative to commercial security scanners such as Nessus, QualysGuard, etc. OpenVAS is divided into three parts: OpenVAS Scanner, OpenVAS Manager, and OpenVAS CLI.
+
Disini akan di perlihatkan cara instalasi OpenVAS Vulnerability Scanner di Ubuntu 16.04.
  
In this tutorial, I will explain how to install OpenVAS Vulnerability Scanner on Ubuntu 16.04.
+
==Prasyarat==
  
==Prerequisites==
+
* Ubuntu Server 16.04 kosong.
 +
* User di server tersebut dengan kemampuan sudo.
 +
* Server memiliki IP statik.
 +
* Server memiliki rsync
  
* A newly deployed Vultr Ubuntu 16.04 server instance.
+
==Step 1: Update System==
* A non-root user with sudo privileges setup on your server.
 
* A static IP address of 192.168.15.110 configured on your system.
 
* The rsync package must be installed
 
  
==Step 1: Update the system==
+
Update system
  
First, update your system to the latest stable version by running the following commands:
+
sudo apt update -y
 +
sudo apt-get upgrade -y
 +
sudo reboot
  
sudo apt-get update -y
+
==Step 2: Install dependency==
sudo apt-get upgrade -y
 
sudo reboot
 
  
==Step 2: Install required dependencies==
+
Install
  
Before installing OpenVAS, you will need to install its required dependencies. To install them, run the following command:
+
  sudo apt install python-software-properties sqlite3
 
 
  sudo apt-get install python-software-properties
 
 
 
Next, you will also need to install SQLite for OpenVAS manager:
 
 
 
sudo apt-get install sqlite3
 
  
  
 
==Step 3: Install OpenVAS==
 
==Step 3: Install OpenVAS==
  
By default, the OpenVAS package is not available in the Ubuntu 16.04 repository, so you will need to add OpenVAS PPA to your system's repository list.
+
Tambahkan OpenVAS PPA & install openvas
 
 
Add the OpenVAS PPA.
 
  
 
  sudo add-apt-repository ppa:mrazavi/openvas
 
  sudo add-apt-repository ppa:mrazavi/openvas
  sudo apt-get update
+
  sudo apt update
 
+
  sudo apt -y install openvas
Finally, install OpenVAS.
 
 
 
  sudo apt-get install openvas
 
  
Once OpenVAS has finished installing, start the OpenVAS service with the following commands:
+
Setelah OpenVAS di instalasi.
 +
Jalankan OpenVAS menggunakan perintah:
  
 
  sudo systemctl start openvas-scanner
 
  sudo systemctl start openvas-scanner
Line 50: Line 40:
 
  sudo systemctl start openvas-gsa
 
  sudo systemctl start openvas-gsa
  
==Step 4: Allow OpenVAS through the system firewall==
+
Men-stop dengan perintah
 +
 
 +
sudo systemctl stop openvas-scanner
 +
sudo systemctl stop openvas-manager
 +
sudo systemctl stop openvas-gsa
  
By default, OpenVAS runs on port 443, so you will need to allow this port through the UFW firewall.
+
==Step 4: Buka Firewall==
 +
 
 +
Jika dibutuhkan buka firewall UFW melalui port 443
  
 
  sudo ufw allow https
 
  sudo ufw allow https
  
==Step 5: Access OpenVAS web interface==
+
==Step 5: Akses OpenVAS Web Interface==
  
Before accessing OpenVAS, you will need to update its vulnerability database.
+
Sebelum di akses, update vulnerability
  
 
  sudo openvas-nvt-sync
 
  sudo openvas-nvt-sync
  
Once the database is up-to-date, open your web browser and type the URL https://192.168.15.110/. On the login page, provide the default username (admin) and password (admin). After logging in, you will be presented with the OpenVAS dashboard.
+
Setelah database ter-update, buka browser ke
 +
 
 +
https://ip-address-server-openvas/
 +
 
 +
Default username & password
  
If you want to change the admin user's password from command line, run the following command:
+
admin
 +
admin
 +
 
 +
Untuk mengubah username & password,
  
 
  sudo openvasmd --user=admin --new-password=<new-password>
 
  sudo openvasmd --user=admin --new-password=<new-password>
 
Congratulations! You have successfully installed OpenVAS on your Ubuntu 16.04 server.
 

Latest revision as of 06:02, 18 May 2018

OpenVAS adalah open source suite yang dapat digunakan untuk men-scan kerentanan dan manajemen kerentanan. OpenVAS adalah singkatan dari Open Vulnerability Assessment System. OpenVAS adalah alternatif yang sangat baik bagi pen-scan keamanan komersial seperti Nessus, QualysGuard, dll. OpenVAS dibagi menjadi tiga bagian: OpenVAS Scanner, OpenVAS Manager, dan OpenVAS CLI.

Disini akan di perlihatkan cara instalasi OpenVAS Vulnerability Scanner di Ubuntu 16.04.

Prasyarat

  • Ubuntu Server 16.04 kosong.
  • User di server tersebut dengan kemampuan sudo.
  • Server memiliki IP statik.
  • Server memiliki rsync

Step 1: Update System

Update system

sudo apt update -y
sudo apt-get upgrade -y
sudo reboot

Step 2: Install dependency

Install

sudo apt install python-software-properties sqlite3


Step 3: Install OpenVAS

Tambahkan OpenVAS PPA & install openvas

sudo add-apt-repository ppa:mrazavi/openvas
sudo apt update
sudo apt -y install openvas

Setelah OpenVAS di instalasi. Jalankan OpenVAS menggunakan perintah:

sudo systemctl start openvas-scanner
sudo systemctl start openvas-manager
sudo systemctl start openvas-gsa

Men-stop dengan perintah

sudo systemctl stop openvas-scanner
sudo systemctl stop openvas-manager
sudo systemctl stop openvas-gsa

Step 4: Buka Firewall

Jika dibutuhkan buka firewall UFW melalui port 443

sudo ufw allow https

Step 5: Akses OpenVAS Web Interface

Sebelum di akses, update vulnerability

sudo openvas-nvt-sync

Setelah database ter-update, buka browser ke

https://ip-address-server-openvas/

Default username & password

admin
admin

Untuk mengubah username & password,

sudo openvasmd --user=admin --new-password=<new-password>