筆者最先在 CentOS 5.9 上安裝,安裝完成後使用瀏覽器無法連線,然後檢查出 9392 PORT並沒有任何服務上網查了一下解決辦法須執行下列指令,但是非常地不穩,索性就換成 CentOS 6.4,以下為安裝步驟。
#gsad --port 9392 -f -v --http-only
- 安裝最小化的 CentOS 6.4
- 關掉 selinux and eth 開機啟動
- 安裝 wget
#yum install wget
- Configure Atomicorp Repository
#wget -q -O - http://www.atomicorp.com/installers/atomic |sh
- 安裝openvas ,執行openvas-setup後,因為下載定義檔需要一段時間,請耐心等候。
#yum install openvas
#openvas-setup
Step 1: Update NVT's
Step 2: Configure GSADThe Greenbone Security Assistant is a Web Based front end for managing scans. By default it is configured to only allow connections from localhost. Allow connections from any IP? [Default: yes] Stopping greenbone-security-assistant: [ OK ] Starting greenbone-security-assistant: [ OK ] Step 3: Choose the GSAD admin users password. The admin user is used to configure accounts, Update NVT's manually, and manage roles. Enter administrator username [Default: admin] : Enter Administrator Password: Verify Administrator Password: ad main:MESSAGE:15385:2013-08-06 14h30.58 CST: No rules file provided, the new user will have no restrictions. ad main:MESSAGE:15385:2013-08-06 14h30.58 CST: User admin has been successfully created. Step 4: Create a user Using /var/tmp as a temporary file holder. Add a new openvassd user --------------------------------- Login : user Authentication (pass/cert) [pass] : Login password : Login password (again) : User rules --------------- openvassd has a rules system which allows you to restrict the hosts that chyau has the right to test. For instance, you may want him to be able to scan his own host only. Please see the openvas-adduser(8) man page for the rules syntax. Enter the rules for this user, and hit ctrl-D once you are done: (the user can have an empty rules set) Login : user Password : *********** Rules : Is that ok? (y/n) [y] Starting openvas-administrator... Starting openvas-administrator: [ OK ] Setup complete, you can now access GSAD at: https://<IP>:9392
#/etc/init.d/openvas-administrator start
#openvas-nvt-sync
#openvassd restart
#openvasmd restart- 檢查openvas是否安裝完成
#wget https://svn.wald.intevation.org/svn/openvas/trunk/tools/openvas-check-#setup -O openvas-check-setup.sh --no-check-certificate
#chmod +x openvas-check-setup.sh
#./openvas-check-setup.sh --server - 定期更新定義檔
#vi /etc/crontab
00 5 * * * root openvas-nvt-sync
Service temporarily down 解決方式
openvas-mkcert -f
openvas-mkcert-client -i -n
#restart all daemons
沒有留言:
張貼留言