English | Deutsch
Home » OpenVAS Ausprobieren

OpenVAS konfigurieren und starten

Ist OpenVAS korrekt installiert?

Um den Zustand ihrer Installation zu überprüfen gibt es ein nützliches Script namens openvas-check-setup. Dies können Sie mit den folgenden drei Schritten verwenden:

  1. Die neuste Version von openvas-check-setup herunterladen.
  2. Sicherstellen das das Script ausführbar ist:
    chmod +x openvas-check-setup
  3. Das Script ausführen:
    ./openvas-check-setup
  4. für das aktuelle stabile OpenVAS oder
    ./openvas-check-setup [ --v4 | --v5 | --v6 | ... ]
    für jeweils andere Generationen von OpenVAS.

openvas-check-setup wird dann den Zustand ihrer OpenVAS Installation überprüfen und Maßnahmen vorschlagen sollte es Fehler oder Fehlkonfigurationen finden. Es wird außerdem überprüfen ob alle notwendigen OpenVAS Dienste laufen und auf den korrekten Ports Verbindungen akzeptieren.

Im Falle das die Hinweise des Scripts nicht helfen eine funktionierende OpenVAS Installation zu erhalten melden Sie uns bitte das Problem auf der OpenVAS Nutzer Mailing-Liste damit wir openvas-check-setup aktualisieren können.

Wenn Sie die OpenVAS Dienste auf einem Server installieren wollen und keine Klienten wie etwa OpenVAS CLI oder GSD benötigen, können Sie die Überprüfung der Klienten ausschalten. Starten Sie dazu openvas-check-setup mit dem --server Parameter.

./openvas-check-setup --server

Beispielausgaben von openvas-check-setup

Die folgenden Beispiele zeigen wonach openvas-check-setup prüft und wie es dabei helfen kann die Installation von OpenVAS abzuschließen.

Erster Start:

openvas-check-setup 2.0.1
  Test completeness and readiness of OpenVAS-4

  Please report us any non-detected problems and
  help us to improve this check routine:
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

  Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.

  Use the parameter --server to skip checks for client tools
  like GSD and OpenVAS-CLI.

Step 1: Checking OpenVAS Scanner ... 
        OK: OpenVAS Scanner is present in version 3.2.3.
        OK: OpenVAS Scanner CA Certificate is present as /var/lib/openvas/CA/cacert.pem.
        OK: NVT collection in /var/lib/openvas/plugins contains 20380 NVTs.
Step 2: Checking OpenVAS Manager ... 
        OK: OpenVAS Manager is present in version 3.0.0.
        OK: OpenVAS Manager client certificate is present as /var/lib/openvas/CA/clientcert.pem.
        OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
        OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
        OK: OpenVAS Manager database is at revision 42.
        OK: OpenVAS Manager expects database at revision 42.
        OK: Database schema is up to date.
        OK: xsltproc found.
Step 3: Checking OpenVAS Administrator ... 
        OK: OpenVAS Administrator is present in version 1.1.2.
        OK: At least one user exists.
        ERROR: No admin user found. You need to create at least one admin user to log in.
        FIX: Create a user using 'openvasad -c 'add_user' -n <name> -r Admin'

 ERROR: Your OpenVAS-4 installation is not yet complete!

Please follow the instructions marked with FIX above and run this
script again.

If you think this result is wrong, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.

Zweiter Start, nachdem man wie beschrieben einen admin Nutzer angelegt hat:

openvas-check-setup 2.0.1
  Test completeness and readiness of OpenVAS-4

  Please report us any non-detected problems and
  help us to improve this check routine:
  http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss

  Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.

  Use the parameter --server to skip checks for client tools
  like GSD and OpenVAS-CLI.

Step 1: Checking OpenVAS Scanner ... 
        OK: OpenVAS Scanner is present in version 3.2.3.
        OK: OpenVAS Scanner CA Certificate is present as /var/lib/openvas/CA/cacert.pem.
        OK: NVT collection in /var/lib/openvas/plugins contains 20380 NVTs.
Step 2: Checking OpenVAS Manager ... 
        OK: OpenVAS Manager is present in version 3.0.0.
        OK: OpenVAS Manager client certificate is present as /var/lib/openvas/CA/clientcert.pem.
        OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
        OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
        OK: OpenVAS Manager database is at revision 42.
        OK: OpenVAS Manager expects database at revision 42.
        OK: Database schema is up to date.
        OK: xsltproc found.
Step 3: Checking OpenVAS Administrator ... 
        OK: OpenVAS Administrator is present in version 1.1.2.
        OK: At least one user exists.
        OK: At least one admin user exists.
Step 4: Checking Greenbone Security Assistant (GSA) ... 
        OK: Greenbone Security Assistant is present in version 3.0.0.
Step 5: Checking OpenVAS CLI ... 
        OK: OpenVAS CLI version 1.1.2.
Step 6: Checking Greenbone Security Desktop (GSD) ... 
        OK: Greenbone Security Desktop is present in Version 1.1.1.
Step 7: Checking if OpenVAS services are up and running ... 
        OK: netstat found, extended checks of the OpenVAS services enabled.
        OK: OpenVAS Scanner is running and listening on all interfaces.
        OK: OpenVAS Scanner is listening on port 9391, which is the default port.
        OK: OpenVAS Manager is running and listening on all interfaces.
        OK: OpenVAS Manager is listening on port 9390, which is the default port.
        OK: OpenVAS Administrator is running and listening on all interfaces.
        OK: OpenVAS Administrator is listening on port 9393, which is the default port.
        OK: Greenbone Security Assistant is running and listening on all interfaces.
        OK: Greenbone Security Assistant is listening on port 9392, which is the default port.

It seems like your OpenVAS-4 installation is OK.

If you think it is not OK, please report your observation
and help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Please attach the log-file (/tmp/openvas-check-setup.log) to help us analyze the problem.