{"id":10304,"date":"2017-07-25T14:18:57","date_gmt":"2017-07-25T13:18:57","guid":{"rendered":"https:\/\/myworldofit.net\/?p=10304"},"modified":"2017-08-15T09:42:15","modified_gmt":"2017-08-15T08:42:15","slug":"a-windows-sysadmin-installs-and-uses-openvas-end-to-end-guide","status":"publish","type":"post","link":"https:\/\/myworldofit.net\/?p=10304","title":{"rendered":"A Windows SysAdmin installs and uses OpenVAS &#8211; End to end guide &#8211; Installation"},"content":{"rendered":"<div class=\"pps-series-post-details pps-series-post-details-variant-classic pps-series-post-details-11445\" data-series-id=\"412\"><div class=\"pps-series-meta-content\"><div class=\"pps-series-meta-text\">This entry is part 1 of 4 in the series <a href=\"https:\/\/myworldofit.net\/?series=a-windows-sysadmin-installs-and-uses-openvas\">A Windows SysAdmin installs and uses OpenVAS<\/a><\/div><\/div><\/div><p><a href=\"https:\/\/myworldofit.net\/wp-content\/uploads\/2017\/07\/OpenVAS.png\"><img loading=\"lazy\" decoding=\"async\" width=\"600\" height=\"304\" class=\"aligncenter wp-image-10313\" alt=\"\" src=\"https:\/\/myworldofit.net\/wp-content\/uploads\/2017\/07\/OpenVAS-1024x519.png\" srcset=\"https:\/\/myworldofit.net\/wp-content\/uploads\/2017\/07\/OpenVAS-1024x519.png 1024w, https:\/\/myworldofit.net\/wp-content\/uploads\/2017\/07\/OpenVAS-300x152.png 300w, https:\/\/myworldofit.net\/wp-content\/uploads\/2017\/07\/OpenVAS-768x389.png 768w, https:\/\/myworldofit.net\/wp-content\/uploads\/2017\/07\/OpenVAS.png 1208w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/a><\/p>\n<p>This guide covers one (of I&#8217;m sure a 1,000) ways to deploy and use <a href=\"http:\/\/www.openvas.org\/\">OpenVAS<\/a> 9 in your environment on Ubuntu Server 16.04 for the purpose of <a href=\"https:\/\/en.wikipedia.org\/wiki\/White_hat_%28computer_security%29\">White Hat<\/a> <a href=\"https:\/\/en.wikipedia.org\/wiki\/Penetration_test\">Penetration Testing<\/a>, more so it&#8217;s also written from the viewpoint of a SysAdmin who mainly works with Windows Systems (Windows Server\/Hyper-V\/PowerShell\/suchlike) and so takes a very simplistic approach to the setup.<\/p>\n<p>The goals of this project are to<\/p>\n<ul>\n<li>Install Ubuntu Server 16.04 LTS on Hyper-V<\/li>\n<li>Deploy OpenVAS to that server<\/li>\n<li>Execute scripted commands against OpenVAS from a remote system<\/li>\n<li>Light up with a big warning sign all of the unknown issues within a network<\/li>\n<\/ul>\n<p>Lets get started!<\/p>\n<p>To start out you will need<\/p>\n<ul>\n<li>A Hyper-V host (although no reason not to run it on VMWare\/whatnot)<\/li>\n<li>The latest ISO for Ubuntu Server 16.04 LTS saved somewhere your Hyper-V server can get to\n<ul>\n<li>Download from &#8211;&nbsp;<a href=\"https:\/\/www.ubuntu.com\/download\/server\">https:\/\/www.ubuntu.com\/download\/server<\/a><\/li>\n<li>Worth noting that only the 16.04 LTS release is going to work with this guide, when I first tried getting OpenVAS to work with 17.04 (a newer release) there were various blocking issues that I could not overcome. In short &#8211; use 16.04!!!<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Step 0 &#8211; Get DNS in the right place<\/h2>\n<p>Configuring DNS correctly in particular with relation to Reverse Lookup will help your OpenVAS deployment loads, for a good guide on how to setup Reverse Lookup take a look at this link &#8211;&nbsp;<a href=\"http:\/\/de.community.dell.com\/techcenter\/os-applications\/w\/wiki\/684.how-to-configure-dns-reverse-lookup-zone-in-windows-server-2012\">http:\/\/de.community.dell.com\/techcenter\/os-applications\/w\/wiki\/684.how-to-configure-dns-reverse-lookup-zone-in-windows-server-2012<\/a> (don&#8217;t worry about the de. its in English!).<\/p>\nngg_shortcode_0_placeholder\n<h2>Step 1 &#8211; Configure a Hyper-V VM for OpenVAS<\/h2>\n<p>In this next step we configure a Hyper-V VM running on <a href=\"https:\/\/www.microsoft.com\/en-us\/evalcenter\/evaluate-hyper-v-server-2016\">Windows Hyper-V Server 2016<\/a> (which is free by the way!).<\/p>\nngg_shortcode_1_placeholder\n<h2>Step 2 &#8211; Install Ubuntu Server<\/h2>\n<p>Next up the install of Ubuntu Linux, as I understand OpenVAS can be installed on all kinds of flavours of Linux however the support I&#8217;ve seen in the past around Ubuntu seems much better than other options. This portion of the guide assumes you are not running your OpenVAS server on a network that&#8217;s got DHCP enabled (in this example it&#8217;s on our Servers VLAN).<\/p>\nngg_shortcode_2_placeholder\n<h2>Step 3 &#8211; First Boot<\/h2>\n<p>Next up we have some housekeeping for Ubuntu, making sure it&#8217;s up to date and getting OpenSSH server running so we can move to using something like <a href=\"https:\/\/www.chiark.greenend.org.uk\/~sgtatham\/putty\/\">PuTTY<\/a> (download from &#8211;&nbsp;<a href=\"https:\/\/www.chiark.greenend.org.uk\/~sgtatham\/putty\/latest.html\">https:\/\/www.chiark.greenend.org.uk\/~sgtatham\/putty\/latest.html<\/a>) to manage the server.<\/p>\n<p>For this portion of the guide you will need the following lines of script-<\/p>\n<blockquote><p>sudo apt-get update<br \/>\nsudo apt-get upgrade<\/p>\n<p>sudo apt-get install openssh-server<\/p>\n<p>sudo reboot<\/p><\/blockquote>\nngg_shortcode_3_placeholder\n<h2>Step 4 &#8211; Install OpenVAS<\/h2>\n<p>Here comes the good bit! The initial installation of OpenVAS and downloading of the lists of vulnerabilities.<\/p>\n<p>For this portion of the guide you will need the following lines of script-<\/p>\n<div class=\"oembed-gist\"><script src=\"https:\/\/gist.github.com\/jamesfed\/e3470f66e2f8ddddb3a65257ba39db19.js\"><\/script><noscript>View the code on <a href=\"https:\/\/gist.github.com\/jamesfed\/e3470f66e2f8ddddb3a65257ba39db19\">Gist<\/a>.<\/noscript><\/div>\nngg_shortcode_4_placeholder\n<h2>Step 5 &#8211; Change the default password!!!<\/h2>\n<p>Now that OpenVAS is running it&#8217;ll be using the default username\/password combination of admin\/admin, how brilliant is that!<\/p>\nngg_shortcode_5_placeholder\n<h2>Step 6 &#8211; Allow API Access<\/h2>\n<p>For the last step in this guide we will set it so that the port for API Access to OpenVAS is enabled on every boot of the machine.<\/p>\n<blockquote><p>sudo nano \/etc\/rc.local<\/p>\n<p>sudo openvasmd -p 9390 -a 0.0.0.0<\/p>\n<p>sudo \/etc\/rc.local<\/p><\/blockquote>\nngg_shortcode_6_placeholder\n<h2>Next up&#8230;.<\/h2>\n<p>So that&#8217;s things setup, in the next guide (hopefully following in a day or two) we will be using the API to create a list of victims to test against and generate reports for a &#8216;list of things to do&#8217;.<\/p>\n","protected":false},"excerpt":{"rendered":"<div class=\"pps-series-post-details pps-series-post-details-variant-classic pps-series-post-details-11445 pps-series-meta-excerpt\" data-series-id=\"412\"><div class=\"pps-series-meta-content\"><div class=\"pps-series-meta-text\">This entry is part 1 of 4 in the series <a href=\"https:\/\/myworldofit.net\/?series=a-windows-sysadmin-installs-and-uses-openvas\">A Windows SysAdmin installs and uses OpenVAS<\/a><\/div><\/div><\/div><p>This guide covers one (of I&#8217;m sure a 1,000) ways to deploy and use OpenVAS 9 in your environment on Ubuntu Server 16.04 for the purpose of White Hat Penetration Testing, more so it&#8217;s also written from the viewpoint of a SysAdmin who mainly works with Windows Systems (Windows Server\/Hyper-V\/PowerShell\/suchlike) and so takes a very simplistic approach to the setup&#8230;. <a class=\"read-more\" href=\"https:\/\/myworldofit.net\/?p=10304\">Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ngg_post_thumbnail":0,"footnotes":""},"categories":[11,20],"tags":[35,410,411,409],"series":[412],"class_list":["post-10304","post","type-post","status-publish","format-standard","hentry","category-servers","category-software","tag-linux","tag-openvas","tag-pen-testing","tag-ubuntu","series-a-windows-sysadmin-installs-and-uses-openvas"],"_links":{"self":[{"href":"https:\/\/myworldofit.net\/index.php?rest_route=\/wp\/v2\/posts\/10304","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/myworldofit.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/myworldofit.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/myworldofit.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/myworldofit.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=10304"}],"version-history":[{"count":10,"href":"https:\/\/myworldofit.net\/index.php?rest_route=\/wp\/v2\/posts\/10304\/revisions"}],"predecessor-version":[{"id":10435,"href":"https:\/\/myworldofit.net\/index.php?rest_route=\/wp\/v2\/posts\/10304\/revisions\/10435"}],"wp:attachment":[{"href":"https:\/\/myworldofit.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=10304"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/myworldofit.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=10304"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/myworldofit.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=10304"},{"taxonomy":"series","embeddable":true,"href":"https:\/\/myworldofit.net\/index.php?rest_route=%2Fwp%2Fv2%2Fseries&post=10304"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}