Centos7设备Openvas(GVM-10)


设备进程

首要介绍GVM-10在CentOS 7 64位体系上的设备进程,在root账户下实施各项操作。

查看操作体系版别
cat /etc/redhat-release

操作进程:
vi /etc/selinux/config
修改参数:
SELINUX=disabled

更新:
yum -y update

重启:
reboot

设备依托:
yum install -y wget bzip2 texlive net-tools alien gnutls-utils
增加库房:
wget -q -O - https://www.atomicorp.com/installers/atomic | sh
或许
wget -q -O – https://www6.atomicorp.com/installers/atomic | sh

设备:
yum install gvm -y

修改文件:
vi /etc/redis.conf
修改装备:
unixsocket /tmp/redis.sock
unixsocketperm 700

重启redis:
systemctl enable redis && systemctl restart redis

建议openvas初始环境装备:
openvas-setup
留神:时刻有点长这一步实施进程中可能会呈现几回交互操作,实施完毕之后,会呈现体系运用的处理员账户默以为admin及其暗码设置,不允许为空暗码,这一步按要求设置暗码即可,稍等片刻!

设备完毕后需求重启
reboot

进程查看,正常应该为三个Active: active (running)
进程查看:
systemctl status gvmd # manager
systemctl status openvas-scanner # scanner
systemctl status gsad # web ui
示例如下:

systemctl status gvmd

● gvmd.service - OpenVAS Manager
Loaded: loaded (/usr/lib/systemd/system/gvmd.service; disabled; vendor preset: disabled)
Active: active (running) since Wed 2019-10-30 03:44:57 CST; 10s ago
Process: 10835 ExecStart=/usr/sbin/gvmd $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 10836 (gvmd)
CGroup: /system.slice/gvmd.service

       ├─10836 gvmd: Waiting for incoming connections
├─10858 gvmd: Reloading NVTs
└─10859 gvmd: Syncing SCAP

Oct 30 03:44:57 VM_0_17_centos systemd[1]: Starting OpenVAS Manager...
Oct 30 03:44:57 VM_0_17_centos systemd[1]: Started OpenVAS Manager.

systemctl status openvas-scanner

● openvas-scanner.service - OpenVAS Scanner
Loaded: loaded (/usr/lib/systemd/system/openvas-scanner.service; disabled; vendor preset: disabled)
Active: active (running) since Wed 2019-10-30 03:44:30 CST; 47s ago
Process: 10771 ExecStart=/usr/sbin/openvassd $SCANNER_SOCKET $SCANNER_MODE $SCANNER_GROUP $SCANNER_OWNER (code=exited, status=0/SUCCESS)
Main PID: 10772 (openvassd)
CGroup: /system.slice/openvas-scanner.service

       ├─10772 /usr/sbin/openvassd
├─10773 openvassd: Waiting for incoming connections
└─10774 openvassd: Reloaded 25350 of 53156 NVTs (47% / ETA: 00:50)

Oct 30 03:44:30 VM_0_17_centos systemd[1]: Starting OpenVAS Scanner...
Oct 30 03:44:30 VM_0_17_centos systemd[1]: Started OpenVAS Scanner.

systemctl status gsad

● gsad.service - Greenbone Security Assistant (OpenVAS)
Loaded: loaded (/usr/lib/systemd/system/gsad.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2019-10-30 03:38:10 CST; 7min ago
Process: 1248 ExecStart=/usr/sbin/gsad $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 1356 (gsad)
CGroup: /system.slice/gsad.service

       ├─1356 /usr/sbin/gsad
└─1357 /usr/sbin/gsad

拜访登录:
在浏览器中输入https://192.168.1.1(此处的IP为你安顿OpenVAS的主机ip),输入账号admin,或许设置好的用户名及暗码,登录成功!现在默许设备完openvas的gsad会监听443端口,也可以查验拜访https://192.168.1.1:9392

假定未照顾可以直接进行端口查看:
查看TCP端口
netstat -ntlp
假定端口443为翻开状况且被监听就需求设置防火墙端口放行

防火墙放行端口:(假定体系默许封闭可通过该指令翻开)
firewall-cmd --permanent --add-port=443/tcp
firewall-cmd --reload
firewall-cmd --list-port


其他的一些操作

用户操作:
增加用户
sudo gvmd --create-user=unicorn
体系为默许生成暗码:
User created with password '6sds652f-f43f-49e8-bc9d-a5s89d483'.
修改用户暗码:
sudo gvmd --user=unicorn --new-password=unicorn2019
可通过以下指令删去已增加用户
sudo gvmd --delete-user=unicorn

库更新:
sudo greenbone-nvt-sync
sudo greenbone-scapdata-sync
sudo greenbone-certdata-sync

进程查看:
systemctl status gvmd # manager
systemctl status openvas-scanner # scanner
systemctl status gsad # web ui

启用引导服务:
sudo systemctl enable openvas-scanner
sudo systemctl enable gvmd
sudo systemctl enable gsad

从头建议OpenVAS:
sudo systemctl restart gvmd
sudo systemctl restart openvas-scanner
sudo systemctl restart gsad

WEB处理修改端口:
指令
gsad --http-only --listen=0.0.0.0 -p 5555
或许
echo 'OPTIONS="--listen=0.0.0.0 --port=5555"' > /etc/sysconfig/gsad
systemctl start gsad

服务文件目录
/lib/systemd/system/gvmd.service
/lib/systemd/system/gsad.service
/lib/systemd/system/openvas-scanner.service


陈述PDF格局无法下载下载为0K,无法翻开问题处理办法
首要,为CentOS 7设备其他texlive软件包。
sudo yum -y install texlive-collection-fontsrecommended texlive-collection-latexrecommended texlive-changepage texlive-titlesec
创立一个目录,下载comment.sty文件,更改对新下载文件的权限,然后运用texhash从头创立数据库。您可以正常的运用以下指令
mkdir -p /usr/share/texlive/texmf-local/tex/latex/comment
cd /usr/share/texlive/texmf-local/tex/latex/comment
wget http://mirrors.ctan.org/macros/latex /contrib/comment/comment.sty
chmod 644 comment.sty
texhash


默许库为自动更新
离线更新
只需守时下载漏洞库压缩包解压掩盖到如下目录:
/var/lib/openvas/plugins/