Install Greenbone Vulnerability Manager 10-beta2 on Ubuntu 18.04 to test is out...
Dec 13, 2018Edits:
-
2019-06-11 - _A new updated without beta tarballs is done » Install Greenbone Vulnerability Manager 10 on Ubuntu 18.04 from source… (Linked now fixed thanks to lupus721 )
-
2019-02-09 - Created a test docker image, if you want to test out GVM10b2 and not want to build from src » Github
-
2018-12-13 - Changed download and upack from root to normal user, a good comment in the communityforum
First try at GVM 10b2 on Ubuntu 18.04LTS.
Like the last guides –
This installation is not made for public facing servers, there is no build in security in my setup.
Everything is run as root in this example below, including daemons and web servers…
I take no responsibility if this guide bork you server, burn your house down to ashes or just messes up your life.. It’s under the “it worked for me[tm]” clause
This is work in progress.
Download the stuffz
cd /usr/local/src
sudo mkdir gse10b2
sudo chown $USER:$USER gse10b2
cd gse10b2
wget -O gvm-libs-1.0-beta2.tar.gz https://github.com/greenbone/gvm-libs/archive/v1.0+beta2.tar.gz ;\
wget -O openvas-scanner-6.0-beta2.tar.gz https://github.com/greenbone/openvas-scanner/archive/v6.0+beta2.tar.gz ;\
wget -O gvmd-8.0-beta2.tar.gz https://github.com/greenbone/gvmd/archive/v8.0+beta2.tar.gz ;\
wget -O gsa-8.0-beta2.tar.gz https://github.com/greenbone/gsa/archive/v8.0+beta2.tar.gz ;\
wget -O ospd-1.3.2.tar.gz https://github.com/greenbone/ospd/archive/v1.3.2.tar.gz ;\
wget -O openvas-smb-1.0.4.tar.gz https://github.com/greenbone/openvas-smb/archive/v1.0.4.tar.gz
unpack
find . -name \*.gz -exec tar zxvfp {} \;
Become almighty root
sudo su
install requirements
apt install software-properties-common ;\
add-apt-repository universe ;\
apt install -y cmake pkg-config libglib2.0-dev libgpgme11-dev uuid-dev libssh-gcrypt-dev libhiredis-dev \
gcc libgnutls28-dev libpcap-dev libgpgme-dev bison libksba-dev libsnmp-dev libgcrypt20-dev redis-server \
libsqlite3-dev libical-dev gnutls-bin doxygen nmap libmicrohttpd-dev libxml2-dev apt-transport-https curl \
xmltoman xsltproc gcc-mingw-w64 perl-base heimdal-dev libpopt-dev graphviz nodejs rpm nsis wget sshpass socat snmp
install gvm-libs
cd gvm-libs-1.0-beta2 ;\
mkdir build ;\
cd build ;\
cmake .. ;\
make ;\
make doc-full ;\
make install ;\
cd /usr/local/src/gse10b2
config and build openvas-smb
cd openvas-smb-1.0.4 ;\
mkdir build ;\
cd build/ ;\
cmake .. ;\
make ;\
make install ;\
cd /usr/local/src/gse10b2
config and build scanner
cd openvas-scanner-6.0-beta2 ;\
mkdir build ;\
cd build/ ;\
cmake .. ;\
make ;\
make doc-full ;\
make install ;\
cd /usr/local/src/gse10b2
Fix redis for default openvas install
cp /etc/redis/redis.conf /etc/redis/redis.orig ;\
cp /usr/local/src/gse10b2/openvas-scanner-6.0-beta2/build/doc/redis_config_examples/redis_4_0.conf /etc/redis/redis.conf ;\
sed -i 's|/usr/local/var/run/openvas-redis.pid|/var/run/redis/redis-server.pid|g' /etc/redis/redis.conf ;\
sed -i 's|/tmp/redis.sock|/var/run/redis/redis-server.sock|g' /etc/redis/redis.conf ;\
sed -i 's|dir ./|dir /var/lib/redis|g' /etc/redis/redis.conf
sysctl -w net.core.somaxconn=1024
sysctl vm.overcommit_memory=1
echo "net.core.somaxconn=1024" >> /etc/sysctl.conf
echo "vm.overcommit_memory=1" >> /etc/sysctl.conf
cat << EOF > /etc/systemd/system/disable-thp.service
[Unit]
Description=Disable Transparent Huge Pages (THP)
[Service]
Type=simple
ExecStart=/bin/sh -c "echo 'never' > /sys/kernel/mm/transparent_hugepage/enabled && echo 'never' > /sys/kernel/mm/transparent_hugepage/defrag"
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload ;\
systemctl start disable-thp ;\
systemctl enable disable-thp ;\
systemctl restart redis-server
cat << EOF > /usr/local/etc/openvas/openvassd.conf
db_address = /var/run/redis/redis-server.sock
EOF
update nvt’s
greenbone-nvt-sync
reload modules
ldconfig
start openvassd
openvassd
check out so that openvassd is running
root@hostilehamster:/usr/local/src/gse10b2# watch "ps -ef | grep openvassd"
root 32078 1 27 16:09 ? 00:00:36 openvassd: Reloaded 6550 of 34309 NVTs (19% / ETA: 09:10)1
root 32079 32078 0 16:09 ? 00:00:00 openvassd (Loading Handler)
Wait until “openvassd: Reloaded is done”.. and switches to “Waiting for ingcoming…”
config and build manager
cd gvmd-8.0-beta2 ;\
mkdir build ;\
cd build/ ;\
cmake .. ;\
make ;\
make doc-full ;\
make install ;\
cd /usr/local/src/gse10b2
configure and install gsa
curl --silent --show-error https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add - ;\
echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list ;\
sudo apt-get update ;\
sudo apt-get install yarn
cd gsa-8.0-beta2 ;\
mkdir build ;\
cd build/ ;\
cmake .. ;\
make ;\
make doc-full ;\
make install ;\
cd /usr/local/src/gse10b2
fix certs
gvm-manage-certs -a
create admin user
gvmd --create-user=admin
start evrytnhg to test is out..
gvmd ;\
openvassd ;\
gsad
And point your browser to GSA with a new layout https://ipnumberofyourserver and login :)
Coffe..
There were som problems with dashboards and stuff for me with this version. But I havn’t checked that out more yet..
To be continued…