04.07.2023

How to install and use OpenVAS (GVM) on Ubuntu?

Utility vulnerability scanners are specialized tools designed to identify security weaknesses in critical infrastructure sectors such as energy, water, transportation, and manufacturing. These systems are often highly interconnected and interdependent, using proprietary technologies and protocols that may not have been originally designed with security in mind. Additionally, many of these systems have been in use for decades and may be difficult or expensive to replace.
Utility vulnerability scanners play a crucial role in identifying potential vulnerabilities within these critical systems and providing guidance on how to remediate them. By doing so, they can help prevent cyber attacks that could cause significant damage to physical infrastructure, disrupt essential services, and even pose a threat to public safety. The use of utility vulnerability scanners is therefore critical for protecting critical infrastructure systems against cyber threats, ensuring business continuity, and safeguarding public safety.

Software

Multiple types of bundled software are available as a solution for this problem. However, OpenVAS stands out as the ideal choice since it meets all the necessary requirements for building a system that is fast, easy to use, and straightforward to manage.

Install and exploit

Before using the main utility update and upgrade your system :

sudo apt update -y && sudo apt dist-upgrade -y

Screenshot №1 — Update OS

You need to log in to Docker Hub. If so, follow these steps. Register on the website, fill all the needed fields and confirm mail that you will receive after registration:

Screenshot №2 — Site

Install virtualization software for starting container:

apt install docker.io

Screenshot №3 — Installation

Press button for confirm installation process. Then you have to log in to Docker Pub via the console using the command:

docker login

Screenshot №4 — Log in

Enter your login details and wait for Docker to confirm a successful login that provide access to container in repositories. Now we need to pull container from repositories:

docker pull mikesplain/openvas

Screenshot №5 — Pull container

Amount data of the file is quiet big, please be patient in process of downloading! After this run container with parameters:

docker run -d -p 443:443 --name openvas mikesplain/openvas

Screenshot №6 — Run container

Retrieving the container from the docker registry and launching it will commence. Kindly note that Openvas startup may require a considerable amount of time as NVT's are scanned and databases reconstructed, hence please exercise patience. Upon sighting the message in the logs, you can proceed to access the web user interface by visiting https://localhost.

For login into the system use this credential:

Username: admin
Password: admin

For this software we need to install graphical shell Gnome:

apt install gnome-core

Screenshot №7 — Gnome install

Reboot the server and login through the web console. You have to look at login panel and enter you credentials:

Screenshot №8 — Login

After this go to the application panel and choose needed browser to search URL:

Screenshot №9 — Firefox

Enter in the Search field URL:

https://localhost

Screenshot №10 — Web page

Enter credentials which we consider above of this instruction. Now you have access to modern vulnerability scanner that can help build more secure system!

Screenshot №11 — Dashboard

If you want to change password, at first you need stop container and then use command for change credentials:

docker stop $(docker ps -a -q)
docker run -d -p 443:443 -e OV_PASSWORD=securepassword41 --name openvas mikesplain/openvas

And write complicated password with letters, numbers and special symbols.

Conclusion

Utility vulnerability scanners are crucial in identifying potential security weaknesses in critical infrastructure systems such as energy, water, transportation, and manufacturing. They play a crucial role in preventing cyber attacks that could cause significant damage to physical infrastructure, disrupt essential services, and even pose a threat to public safety. OpenVAS is an ideal choice of software for building a system that is fast, easy to use, and straightforward to manage. By following the steps outlined in this instruction, one can easily install and exploit OpenVAS to secure their critical infrastructure systems against cyber threats. Additionally, it is recommended to change the default password to a more complicated one with letters, numbers, and special symbols for enhanced security.