华强北电脑城 龙岗电子世界 龙华电脑城  凯尔电脑

 找回密码
 立即注册

QQ登录

只需一步,快速开始

查看: 2076|回复: 0

Install OpenVAS on CentOS 7 – An easy way to secure the server

[复制链接]
发表于 2022-4-2 11:46:27 | 显示全部楼层 |阅读模式
Install OpenVAS on CentOS 7 – An easy way to secure the server
$ o8 l# w) h4 N$ r1 ^5 R! y$ o5 r8 T; _# e* }& e
5 ^' S' }0 M$ p( `
Why is OpenVAS so necessary to install on centos 7?
Server security is a key factor in the hosting industry. There are many tools available that help us to ensure the proper level of security to our servers. One of them that can protect the server from unauthenticated access is the Open Vulnerability Assessment System
In this article, we discuss how we support our customers to install OpenVAS as part of our Server Management Services.
What is the OpenVAS Vulnerability Scanner?
OpenVAS is a vulnerability scanner that is provided by Greenbone Networks. It has many built-in tests used to find any vulnerability on the server.
Also, it has a specially designed Web interface that is capable of setting up and running vulnerability scans fastly.
Moreover, OpenVAS has the following features.
1. Unauthenticated testing and authenticated testing.% G" |: S) l2 t- F
2. Various high level and low-level Internet and industrial protocols.
) E# C* k7 }" L& x  q3 y! `3. Performance tuning for large-scale scans.
/ V7 Q% [' J9 r& s6 J
How we install OpenVAS on CentOS
Here, let see how our Support Engineers install OpenVAS on CentOS.
Before getting into the installation procedure, we ensure that the following requirements set up with the server.
  • Disable SELinux.
  • Permit TCP port 9392, 443 and 80.5 V/ c/ r: a3 J+ E
1 }; k; X: n8 c1 i" s# F
1. After that, we download a script by using the following command.
wget -q -O - https://updates.atomicorp.com/installers/atomic | sudo sh
2. Then, we clear YUM and install OpenVAS with the following command
yum clean allyum install openvas
4. After that, we start the OpenVAS setup and follow the prompts.
openvas-setup
5. Next, we configure the admin user.
openvasmd --user=admin --new-password=MySecretPassword
6. Also, we set the NVT signature check value from “YES to No” in /etc/openvas/openvassd.conf.
nasl_no_signature_check = no
6. Finally, we restart the following services too.
systemctl enable redissystemctl enable gsadsystemctl enable gvmdsystemctl enable openvas-managersystemctl enable openvas-scannersystemctl restart redissystemctl restart gsadsystemctl restart gvmdsystemctl restart openvas-managersystemctl restart openvas-scanner
That’s it!.
Now, we can access OpenVAS via https://localhost:9392 or https://localhost with the username and password that we’ve previously set.
. c  w: Z* M- q% W9 _  n* B3 b3 I* G
Install OpenVAS on CentOS – Common errors and fix
Now, let’s see the major reasons for OpenVAS error and how our  Support Engineers fix the top errors.

0 r7 J7 x0 j0 ?& a# u3 x& J3 L- pProblem with Redis
Often, many customers face an error after installing the OpenVAS on the system.
This is mainly due to a failure to start the Open Vulnerability Assessment System Scanner Daemon. Also,  when checks the status, it looks like,
It shows that openvas-scanner doesn’t communicate with Redis.
So, we recreate the/var/run/redis-openvas/redis-server.sock file to solve the error.
mv /var/run/redis-openvas/redis-server.sock redis-server.sock.bktouch /var/run/redis-openvas/redis-server.sock
Finally, we restart the openvas-scanner.
systemctl restart openvas-scanner
The service has been activated now.

6 M9 w/ e. b) h( k! x: q7 k: lNVT collection
Mostly, the script openvas-setup causes errors at the end of the NVT downloading. And, the log shows the below error.
(openvassd:2272): lib kb_redis-CRITICAL **: get_redis_ctx: redis connection error: No such file or directory. openvassd: no process found(openvassd:2272): lib kb_redis-CRITICAL **: redis_new: cannot access redis at '/var/run/redis/redis.sock'
Luckily, we have a command like openvas-check-setup to see what component is causing this error.  Also, it gives a detailed description of the error.
ERROR: The number of NVTs in the OpenVAS Manager database is too low.FIX: Make sure OpenVAS Scanner is running with an up-to-date NVT collection and run 'openvasmd --rebuild'.
Therefore, rebuilding the NVT collection solve the error.
openvasmd --rebuild
1 T2 J4 c5 G& B9 d  N. q
[Need assistance to manage OpenVAS? We’ll help you.]
8 I! o  V4 p: A9 m1 L
Conclusion
In short, OpenVAS is a vulnerability scanner that helps to protect the server from unauthenticated accesses. Today, we saw how our Support Engineersinstall OpenVAS on CentOS 7 and fix the related errors.

7 ]% Q+ P' |0 K$ T0 c( f8 p3 P1 p
) z, z+ d' l/ W, g: \; h3 F0 M& o
1 u0 `) x4 h  j( _9 {
/ v" P0 z$ e% c% Y; _. t
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

QQ|华强北 电脑城 龙岗电子世界 龙华电脑城 pc4g.com ( 粤ICP备16039863号 )

GMT+8, 2024-11-9 18:50 , Processed in 0.176163 second(s), 15 queries .

Powered by Discuz! X3.4

Copyright © 2001-2021, Tencent Cloud.

快速回复 返回顶部 返回列表