Vulnerability Scanning with OpenVAS on AlmaLinux: Find Weaknesses Before Hackers Do!
Ever wondered how hackers find ways into systems? They look for vulnerabilities - the digital equivalent of unlocked doors and broken windows! Today, we're flipping the script and becoming the good guys who find these weaknesses first! Meet OpenVAS (now part of Greenbone Vulnerability Management) - your automated security scanner that checks for over 50,000 known vulnerabilities! Let's turn your AlmaLinux system into a vulnerability-hunting machine!
Why is Vulnerability Scanning Important?
Think of vulnerability scanning like a health check-up for your servers - but instead of checking blood pressure, we're checking for security weaknesses! It's preventive medicine for your infrastructure!
Here's why OpenVAS is absolutely critical:
- Find vulnerabilities first - Discover weaknesses before attackers do
- Comprehensive scanning - Tests for 50,000+ known vulnerabilities
- Regular assessments - Continuous security posture monitoring
- Compliance reporting - Meet regulatory requirements easily
- Patch prioritization - Know what to fix first
- Cost-effective - Free alternative to expensive commercial scanners
- Deep inspection - Tests services, ports, and configurations
- Detailed reports - Get actionable remediation steps
What You Need
Before we start hunting vulnerabilities, let's check our requirements! Don't worry, it's manageable:
- AlmaLinux 8 or 9 (fresh installation recommended)
- Root or sudo access (scanner needs privileges!)
- Minimum 4GB RAM (8GB recommended for better performance)
- 20GB free disk space (for vulnerability database)
- Stable internet connection (for updates)
- About 45 minutes for installation
- Target systems to scan (with permission!)
Step 1: Install Dependencies and Prepare System
Let's prepare your AlmaLinux system for OpenVAS installation! We'll need several packages.
# Update system first
sudo dnf update -y
# Ensures latest packages
# Install EPEL repository
sudo dnf install -y epel-release
# Adds Extra Packages repository
# Install development tools
sudo dnf groupinstall -y "Development Tools"
# Installs compilers and tools
# Install required dependencies
sudo dnf install -y \
wget vim curl git \
python3 python3-pip \
nodejs npm \
redis postgresql postgresql-server \
xmlstarlet gnutls-utils \
nmap net-snmp
# Installs all required packages
# Initialize PostgreSQL
sudo postgresql-setup --initdb
# Creates database cluster
# Start and enable services
sudo systemctl enable --now postgresql
sudo systemctl enable --now redis
# Starts database services
Configure firewall for OpenVAS:
# Open required ports
sudo firewall-cmd --permanent --add-port=9392/tcp
# HTTPS web interface port
sudo firewall-cmd --permanent --add-port=9390/tcp
# GVM protocol port
sudo firewall-cmd --reload
# Apply firewall changes
# Verify ports are open
sudo firewall-cmd --list-ports
# Should show 9392/tcp and 9390/tcp
Step 2: Install Greenbone Vulnerability Management (GVM/OpenVAS)
Now let's install GVM, which includes OpenVAS! We'll use the atomic repository for easier installation.
# Add Atomicorp repository
wget -q -O - https://updates.atomicorp.com/installers/atomic | sudo sh
# Installs atomic repo
# Install GVM/OpenVAS
sudo dnf install -y gvm
# Installs complete GVM suite
# Alternative: Install from source (more control)
cd /opt
sudo git clone https://github.com/greenbone/gvm-libs.git
sudo git clone https://github.com/greenbone/openvas-scanner.git
sudo git clone https://github.com/greenbone/ospd-openvas.git
# Downloads source code
# Configure GVM
sudo gvm-setup
# Initial configuration - This takes time!
# The setup will:
# - Create certificates
# - Sync vulnerability database (NVT)
# - Configure PostgreSQL
# - Set up Redis
# - Generate admin credentials
During setup, save the admin password shown! It looks like:
Admin password: AbCd1234-EfGh-5678-IjKl-MnOpQrStUvWx
# SAVE THIS PASSWORD!
Step 3: Configure and Start OpenVAS Services
Let's configure OpenVAS for optimal performance and start all services!
# Start GVM services
sudo gvm-start
# Starts all GVM components
# Verify services are running
sudo gvm-check-setup
# Should show "Installation OK"
# Check individual components
sudo systemctl status gsad
# Greenbone Security Assistant (Web UI)
sudo systemctl status gvmd
# Greenbone Vulnerability Manager
sudo systemctl status ospd-openvas
# OpenVAS Scanner Daemon
# Update vulnerability feeds
sudo greenbone-feed-sync --type GVMD_DATA
# Updates vulnerability database
sudo greenbone-feed-sync --type SCAP
# Updates SCAP data
sudo greenbone-feed-sync --type CERT
# Updates CERT data
# This process takes 30-60 minutes!
Configure scanner optimization:
# Edit OpenVAS configuration
sudo nano /etc/openvas/openvas.conf
Add these performance settings:
# Scanner performance settings
max_hosts = 5
max_checks = 10
time_between_request = 0
optimize_test = yes
plugins_timeout = 320
scanner_plugins_timeout = 36000
safe_checks = yes
auto_enable_dependencies = yes
use_mac_addr = no
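nasl_no_signature_check = yes
# yes = NASL scripts are loaded without verifying their signatures
drop_privileges = no
# no = scanner keeps root privileges while running tests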
Step 4: Access Web Interface and Create Scan Targets
Time to access the web interface and set up your first scan!
# Get the web interface URL
echo "https://$(hostname -I | awk '{print $1}'):9392"
# Shows your OpenVAS URL
# If you forgot the admin password
sudo gvmd --user=admin --new-password=NewSecurePassword123!
# Resets admin password
# Create additional users
sudo gvmd --create-user=security_team --password=TeamPassword123!
# Adds new user
# Assign roles
sudo gvmd --modify-user=security_team --role=Admin
# Grants admin privileges
Access the web interface:
- Open browser: https://your-server-ip:9392
- Accept the self-signed certificate warning
- Login with username: admin
- Use the password from setup
Quick Examples
Let's run real vulnerability scans!
Example 1: Quick Network Scan
# Create target via command line
sudo gvmd --create-target="Local Network" \
--hosts="192.168.1.0/24" \
--exclude-hosts="192.168.1.1"
# Defines scan target
# Create scan task
sudo gvmd --create-task="Network Vulnerability Scan" \
--target="Local Network" \
--scanner="OpenVAS Default" \
--config="Full and fast"
# Sets up scan task
# Start the scan
sudo gvmd --start-task="Network Vulnerability Scan"
# Begins scanning
# Monitor scan progress
sudo gvmd --get-tasks
# Shows task status
# Get results
sudo gvmd --get-results
# Displays vulnerabilities found
Example 2: Web Application Scanning
# Create web app target
cat << EOF > web-target.xml
<create_target>
<name>Web Application</name>
<hosts>www.example.com</hosts>
<port_list>80,443,8080,8443</port_list>
<alive_test>Consider Alive</alive_test>
</create_target>
EOF
# Import target
sudo gvmd --xml=web-target.xml
# Creates web target
# Run web-focused scan
sudo gvmd --create-task="Web App Security" \
--target="Web Application" \
--config="Web application abuses"
# Specialized web scan
# Export results to PDF
sudo gvmd --get-report=[report-id] \
--format=PDF > vulnerability-report.pdf
# Creates PDF report
Example 3: Automated Scheduled Scanning
# Create scheduled scan script
sudo tee /usr/local/bin/weekly-scan.sh > /dev/null << 'EOF'
#!/bin/bash
# Weekly vulnerability scan
# Start scan
TASK_ID=$(sudo gvmd --start-task="Weekly Security Scan" | grep -oP '[\w-]+$')
echo "Started scan: $TASK_ID"
# Wait for completion
while true; do
    STATUS=$(sudo gvmd --get-tasks | grep -- "$TASK_ID" | awk '{print $2}')
    if [ "$STATUS" = "Done" ]; then
        break
    fi
    sleep 300
done
# Get report (create the output directory if it does not exist yet)
mkdir -p /var/reports
sudo gvmd --get-report="$TASK_ID" --format=PDF > "/var/reports/scan-$(date +%Y%m%d).pdf"
# Email report
mail -s "Weekly Security Scan Complete" -a /var/reports/scan-$(date +%Y%m%d).pdf [email protected] < /dev/null
EOF
sudo chmod +x /usr/local/bin/weekly-scan.sh
# Add to root's crontab, keeping any entries that are already there
(sudo crontab -l 2>/dev/null; echo "0 2 * * 1 /usr/local/bin/weekly-scan.sh") | sudo crontab -
# Runs every Monday at 2 AM
Fix Common Problems
Don't worry if you encounter issues! Here are solutions!
Problem 1: "Scanner won't start or database errors"
# Solution: Reset and rebuild database
sudo systemctl stop gvmd
sudo systemctl stop gsad
sudo systemctl stop ospd-openvas
# Clean database
sudo -u gvm psql -d gvmd -c "DELETE FROM tasks;"
sudo -u gvm psql -d gvmd -c "DELETE FROM targets;"
# Clears existing data
# Rebuild NVT cache
sudo openvas --update-vt-info
# Rebuilds vulnerability tests
# Restart services
sudo gvm-start
# Fresh start
# Verify with setup check
sudo gvm-check-setup
# Should show OK
Problem 2: "Scans are extremely slow"
# Solution: Optimize scanner settings
# Adjust Redis for better performance
sudo nano /etc/redis/redis.conf
# Add/modify these lines:
maxmemory 2gb
maxmemory-policy allkeys-lru
# Restart Redis
sudo systemctl restart redis
# Optimize scanner
sudo nano /etc/default/ospd-openvas
# Increase workers:
OSPD_OPENVAS_OPTIONS="--max-scans 3 --max-queued-scans 10"
# Use faster scan configs
# In web UI, use "Discovery" for quick scans
# Use "Full and fast" for balance
# Avoid "Ultimate" unless necessary
Problem 3: "Cannot access web interface"
# Solution: Check certificates and services
# Regenerate certificates
sudo gvm-manage-certs -f
# Forces new certificates
# Check if services are listening
sudo ss -tlnp | grep -E "9392|9390"
# Should show listening ports
# Check logs for errors
sudo tail -f /var/log/gvm/gsad.log
# Web interface logs
# Allow through SELinux
sudo setsebool -P httpd_can_network_connect 1
sudo setsebool -P httpd_can_network_connect_db 1
# Permits connections
# Restart web service
sudo systemctl restart gsad
# Restarts web UI
Problem 4: "Feed sync fails or takes forever"
# Solution: Use alternative sync methods
# Use rsync instead of http
sudo greenbone-feed-sync --type=GVMD_DATA --method=rsync
# Faster sync method
# Sync only essential feeds
sudo greenbone-nvt-sync
# Just vulnerability tests
# Use community feed mirror
export COMMUNITY_NVT_RSYNC_FEED=rsync://feed.community.greenbone.net:/nvt-feed
sudo greenbone-nvt-sync
# Alternative feed source
# Check available space
df -h /var/lib/gvm
# Needs at least 10GB free
Simple Commands Summary
Your OpenVAS command cheat sheet - essential reference!
| Command | What It Does | Example |
|---|---|---|
| gvm-start | Start all services | sudo gvm-start |
| gvm-stop | Stop all services | sudo gvm-stop |
| gvm-check-setup | Verify installation | sudo gvm-check-setup |
| greenbone-feed-sync | Update vulnerabilities | sudo greenbone-feed-sync |
| gvmd --get-tasks | List scan tasks | sudo gvmd --get-tasks |
| gvmd --get-results | Show scan results | sudo gvmd --get-results |
| gvmd --create-user | Add new user | sudo gvmd --create-user=john |
| openvas --update-vt-info | Update scanner | sudo openvas --update-vt-info |
| gvm-manage-certs | Manage certificates | sudo gvm-manage-certs -f |
Tips for Success
Ready to become a vulnerability scanning expert? Here are pro tips!
Scanning Best Practices
- Always get written permission before scanning
- Schedule scans during maintenance windows
- Start with discovery scans, then detailed
- Prioritize critical systems first
Report Management
# Create report template script
sudo tee /usr/local/bin/generate-report.sh > /dev/null << 'EOF'
#!/bin/bash
DATE=$(date +%Y%m%d)
# Reports are written to ./reports, relative to where the script is run
mkdir -p reports
sudo gvmd --get-reports --format=PDF > "reports/scan-$DATE.pdf"
sudo gvmd --get-reports --format=CSV > "reports/scan-$DATE.csv"
sudo gvmd --get-reports --format=XML > "reports/scan-$DATE.xml"
# Generate summary (counts lines that contain each word anywhere)
echo "High: $(grep -c High "reports/scan-$DATE.csv")"
echo "Medium: $(grep -c Medium "reports/scan-$DATE.csv")"
echo "Low: $(grep -c Low "reports/scan-$DATE.csv")"
EOF
sudo chmod +x /usr/local/bin/generate-report.sh
Integration Ideas
- Email reports to security team automatically
- Send critical findings to Slack/Teams
- Export to SIEM for correlation
- Create tickets for remediation
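The summary in generate-report.sh counts every line that contains the word High, so a finding whose name merely mentions it is counted too. The following added example (not part of the original tutorial) parses the CSV by column, filters for patch priority and emits JSON lines for the SIEM export idea above, using Python from Step 1 so quoted CSV fields parse correctly. The column names, the CVSS and QoD thresholds, and the sample rows are assumptions constructed for illustration.

```python
import csv
import io
import json
from collections import Counter

# Constructed sample rows; the header is an assumed subset of the columns
# in a GVM CSV report export. CVE ids are placeholders.
SAMPLE_CSV = '''IP,Hostname,Port,Port Protocol,CVSS,Severity,QoD,NVT Name,CVEs
192.168.1.10,web01,443,tcp,9.8,High,95,"Example RCE, unauthenticated",CVE-0000-0001
192.168.1.10,web01,22,tcp,5.3,Medium,80,"Weak SSH ""High"" risk ciphers",
192.168.1.20,db01,5432,tcp,7.5,High,30,Example version-only detection,CVE-0000-0002
192.168.1.20,db01,,,2.6,Low,80,TCP timestamps,
'''


def load_findings(text):
    """Parse with a CSV reader so quoted commas and quotes stay inside their field."""
    findings = []
    for row in csv.DictReader(io.StringIO(text)):
        row["CVSS"] = float(row["CVSS"] or 0)
        row["QoD"] = int(row["QoD"] or 0)
        findings.append(row)
    return findings


def severity_counts(findings):
    """Count by the Severity column only, not by words in names or summaries."""
    return Counter(f["Severity"] for f in findings)


def prioritize(findings, min_cvss=7.0, min_qod=70):
    """Keep high-scoring, high-confidence results, worst first (thresholds are assumptions)."""
    keep = [f for f in findings if f["CVSS"] >= min_cvss and f["QoD"] >= min_qod]
    return sorted(keep, key=lambda f: f["CVSS"], reverse=True)


def to_jsonl(findings):
    """One JSON object per line, a shape most log shippers and SIEMs can ingest."""
    keys = ("IP", "Hostname", "Port", "CVSS", "Severity", "QoD", "NVT Name", "CVEs")
    return "\n".join(json.dumps({k: f[k] for k in keys}, sort_keys=True) for f in findings)


if __name__ == "__main__":
    findings = load_findings(SAMPLE_CSV)
    print(dict(severity_counts(findings)))
    print(to_jsonl(prioritize(findings)))
```

On the sample, a plain word match reports three High lines while the Severity column holds two, and the low-QoD result drops out of the priority list.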
Performance Optimization
- Use SSD for database storage
- Scan in segments for large networks
- Schedule feed updates during off-hours
- Monitor resource usage during scans
What You Learned
Amazing work! Look at what you've accomplished! You're now a vulnerability scanning expert:
- Installed and configured OpenVAS/GVM on AlmaLinux
- Set up PostgreSQL and Redis for backend
- Configured web interface access
- Created and managed scan targets
- Ran comprehensive vulnerability scans
- Generated professional security reports
- Automated scanning workflows
- Troubleshot common issues
- Optimized scanner performance
- Built enterprise-grade vulnerability assessment
Why This Matters
You've just deployed the same technology that security professionals use to protect Fortune 500 companies! OpenVAS gives you the power to find vulnerabilities before they become breaches. You're not waiting for attacks - you're actively hunting for weaknesses and fixing them proactively.
This isn't just about running scans - it's about taking ownership of your security posture. You can now identify risks, prioritize patches, prove compliance, and sleep better knowing your systems are checked regularly. You've transformed from reactive to proactive security!
Your AlmaLinux system is now a professional vulnerability assessment platform. You're equipped to protect not just one server, but entire networks. You've got the tools that cost thousands of dollars in commercial versions - for free!
Keep scanning, keep securing, and remember - the best defense is knowing your weaknesses! You've got this!
Happy hunting, AlmaLinux security guardian!