Installing OpenVAS in Kali Linux can be a bit confusing. Below I outlined the steps.
OpenVAS is sometimes also referred to as GVM, or “Greenbone Vulnerability Management”, that is why sometimes you need to use the gvm command, and sometimes the Greenbone command. Below are some of the components that make up OpenVAS:
- Greenbone Vulnerability Manager (GVM): This is the central management component of the suite. It integrates several tools and databases to facilitate vulnerability scanning, management, and reporting.
- OpenVAS Scanner: This is the scanner component responsible for actively scanning networks and systems for vulnerabilities. It uses a database of Network Vulnerability Tests (NVTs) to perform these scans.
- Greenbone Security Assistant (GSA): GSA is the web interface provided by GVM. It allows users to configure and manage scans, view scan results, generate reports, and manage user accounts.
- Greenbone Community Feed: This is a free feed provided by Greenbone that includes a collection of NVTs, SCAP data, and other security content. It’s essential for keeping the scanning tools up-to-date with the latest vulnerability information.
- SCAP (Security Content Automation Protocol) Data: SCAP data includes standardized formats for expressing and manipulating security-related information, such as vulnerability checks, configuration benchmarks, and security checklists.
- Greenbone Management Protocol (GMP): GMP is the protocol used for communication between components within GVM, allowing for automation and integration with other systems.
How to install OpenVAS in Kali Linux
sudo apt install gvm
This will configure the postgresDB, create a new user called _gvm, download Notus files, NASL files (scripts), SCAP data, etc.
This command takes quite a while to run, so just leave it.
After the command is done, it will display your admin password. We will reset it later on, so if you missed it, don’t worry.
Run the setup command
sudo gvm-setup
This will check that everything was installed and configured properly. It can also take a few minutes to run so be patient.
Start the OpenVAS server
To start the OpenVAS service, run this command.
sudo gvm-start
And to stop the OpenVAS server run this command.
sudo gvm-stop
If you want to change your password, stop the OpenVAS server and run the below commands.
How to open the Web Interface
Go to “https://localhost:9392” and log in using “admin” as your username and your password.
“SCAP database is required” error
When you start OpenVAS for the first time and log into the web interface, go to the menu option “SecInfo” and then click on “NVTs”. I you get the error “SCAP database is required”, don’t worry.
OpenVAS does a bunch of stuff in the background the first time you run it, so leave the web interface open and give it about an hour to do its thing (this is a once off and should never happen again).
You will also notice quite high CPU usage during this time, it is normal. Just wait a while.
Reset your OpenVAS admin password
Stop the service, run the below command, start the service, and try to log in with your newly set password. If it did not work, stop the service again, then run the second command, and start the service again.
sudo gvmd --user=admin --new-password=myNewPass
The second command
This command executes gvmd as the _gvm user (which got created when we ran “sudo apt install gvm“).
sudo runuser -u _gvm -- gvmd --user=admin --new-password=myNewPass
How to create a new user
sudo runuser -u _gvm -- gvmd --create-user=newUser --new-password=newUserPass
How to update the vulnerability feeds
This will update everyting
greenbone-feed-sync
To update only certain feeds
greenbone-nvt-sync
greenbone-scapdata-sync
greenbone-certdata-sync
Brief summary of each of the feeds
NVT (Network Vulnerability Tests): NVTs are scripts or test definitions used by the OpenVAS scanner to detect vulnerabilities in network services, applications, and operating systems.
SCAP Data (Security Content Automation Protocol): SCAP basically contains your CVEs. it is a suite of standards for automating the management of vulnerabilities and ensuring security compliance. SCAP data includes standardized formats for expressing and manipulating security-related information, such as vulnerability descriptions, configuration benchmarks, and security checklists. (but it does so much more)
CERT data (Computer Emergency Response Team): CERT data includes information about security advisories, incident reports, and other threat intelligence provided by CERT organizations.
Enable Postgres to start when Kali starts
My postgreSQL only starts when openVAS starts, but I need postgreSQL to start when Kali boots up because Metsaploit and other services also need postgreSQL.
I am running both postgreSQL 16 and 17, so your output might look different from mine:
systemctl list-units --type=service | grep postgresql
The output will look something like this:
[email protected]
[email protected]
Now enable the postgreSQL services to start on boot:
sudo systemctl enable [email protected]
sudo systemctl enable [email protected]
If you want to start up postgreSQL now, then run these commands:
sudo systemctl start [email protected]
sudo systemctl start [email protected]
Lastly, verify the status of these 2 services:
sudo systemctl status [email protected]
sudo systemctl status [email protected]
postgreSQL 16 and 17 clashes
At some point when I upgraded Kali, postgreSQL 17 got installed and openVAS did not want to start anymore because it needed to connect to postgreSQL 17 and not 16.
The issue is, postgreSQL 16 was listening on port 5432 (standard port) and postgreSQL 17 on a non-standard port. Or both were listening on the same port preventing any postgreSQL to start. Either way, whatever the problem was, here is the fix:
- Modify /etc/postgresql/16/main/postgresql.conf and change its port to e.g. 5434
- Then modify /etc/postgresql/17/main/postgresql.conf and change its port to 5432 (the standard postgreSQL port)