Openvas: di ubuntu
OpenVAS adalah open source suite yang dapat digunakan untuk men-scan kerentanan dan manajemen kerentanan. OpenVAS adalah singkatan dari Open Vulnerability Assessment System. OpenVAS adalah alternatif yang sangat baik bagi pen-scan keamanan komersial seperti Nessus, QualysGuard, dll. OpenVAS dibagi menjadi tiga bagian: OpenVAS Scanner, OpenVAS Manager, dan OpenVAS CLI.
Disini akan di perlihatkan cara instalasi OpenVAS Vulnerability Scanner di Ubuntu 16.04.
Prasyarat
- Ubuntu Server 16.04 kosong.
- User di server tersebut dengan kemampuan sudo.
- Server memiliki IP statik.
- Server memiliki rsync
Step 1: Update System
Update system
sudo apt update -y sudo apt-get upgrade -y sudo reboot
Step 2: Install dependency
Install
sudo apt install python-software-properties sqlite3
Step 3: Install OpenVAS
Tambahkan OpenVAS PPA & install openvas
sudo add-apt-repository ppa:mrazavi/openvas sudo apt update sudo apt install openvas
Setelah OpenVAS di instalasi. Jalankan OpenVAS menggunakan perintah:
sudo systemctl start openvas-scanner sudo systemctl start openvas-manager sudo systemctl start openvas-gsa
Step 4: Allow OpenVAS through the system firewall
By default, OpenVAS runs on port 443, so you will need to allow this port through the UFW firewall.
sudo ufw allow https
Step 5: Access OpenVAS web interface
Before accessing OpenVAS, you will need to update its vulnerability database.
sudo openvas-nvt-sync
Once the database is up-to-date, open your web browser and type the URL https://192.168.15.110/. On the login page, provide the default username (admin) and password (admin). After logging in, you will be presented with the OpenVAS dashboard.
If you want to change the admin user's password from command line, run the following command:
sudo openvasmd --user=admin --new-password=<new-password>
Congratulations! You have successfully installed OpenVAS on your Ubuntu 16.04 server.