Installing Network Scanning (OpenVAS)

Acunetix can be configured to use OpenVAS to perform network scans of the Targets configured in Acunetix. The network scan results will be displayed in the Acunetix UI. The following will show how to configure OpenVAS on Ubuntu, Kali Linux, and using the Greenbone virtual appliance, and how to connect Acunetix to each one of these.

Installing OpenVAS on Ubuntu (Version 18.04.2 LTS or later)

  1. Install OpenVAS:
    sudo apt-get install openvas
  1. During the installation you will see a dialog about enabling the "redis" database. You will need to answer "Yes" to this dialog.
  1. Create or edit the following file:
    sudo nano /etc/openvas/openvassd.conf
  2. If the ‘kb_location’ is not present in openvassd.conf, add it as follows:
    kb_location=/var/run/redis/redis.sock
  3. Exit nano and save openvassd.conf.
  4. By default, OpenVAS listens on 127.0.0.1. If Acunetix is going to run on a different machine, OpenVAS needs to be configured to listen on the machine’s IP address:
  1. Open /lib/systemd/system/openvas-manager.service:
    sudo nano /lib/systemd/system/openvas-manager.service
  2. Change:
    ExecStart=/usr/sbin/openvasmd --listen=127.0.0.1 --port=9390 --database=/var/lib/openvas/mgr/tasks.db
    to:
    ExecStart=/usr/sbin/openvasmd --listen=internal_ip --port=9390 --database=/var/lib/openvas/mgr/tasks.db
  1. Launch the OpenVAS setup process:
    sudo openvas-setup
  2. During the installation take note of the password used to create the OpenVAS Administrator.
  3. Reboot the openVAS machine.
  4. Run the following commands:
    sudo openvasmd --rebuild

sudo systemctl daemon-reload
sudo openvas-stop
sudo openvas-start

  1. You will now need to enable Acunetix to connect to OpenVAS. From the Acunetix Web Interface:
  1. Select "Network Scanner" from the sidebar
  2. Click the "Enable" button
  3. Set the "Address" field to the IP Address of the OpenVAS machine (or "127.0.0.1" if OpenVAS and Acunetix are on the same machine)
  4. Set the "Port" field to "9390"
  5. Set the "Username" field to "admin"
  6. Set the "Password" field to the password of the HTTP Admin from step 3 above
  7. Set the "Protocol" field to "OMP"
  8. Click the "Save" button

 

Installing OpenVAS on Kali Linux

  1. Install OpenVAS:
    sudo apt-get install openvas
  2. Launch the OpenVAS setup process:
    sudo openvas-setup
  3. During the installation take note of the password used to create the OpenVAS Administrator.
  4. By default, OpenVAS listens on 127.0.0.1. If Acunetix is going to run on a different machine, OpenVAS needs to be configured to listen on the machine’s IP address. Open /lib/systemd/system/openvas-manager.service:
    sudo nano /lib/systemd/system/openvas-manager.service
  5. Change:
    ExecStart=/usr/sbin/openvasmd --listen=127.0.0.1 --port=9390 --database=/var/lib/openvas/mgr/tasks.db
    to:
    ExecStart=/usr/sbin/openvasmd --listen=internal_ip --port=9390 --database=/var/lib/openvas/mgr/tasks.db
  6. Run the following commands:
    sudo systemctl daemon-reload
    sudo openvas-stop
    sudo openvas-start
  7. You will now need to enable Acunetix to connect to OpenVAS. From the Acunetix Web Interface:
  1. Select "Network Scanner" from the sidebar
  2. Click the "Enable" button
  3. Set the "Address" field to the IP Address of the OpenVAS machine (or "127.0.0.1" if OpenVAS and Acunetix are on the same machine)
  4. Set the "Port" field to "9390"
  5. Set the "Username" field to "admin"
  6. Set the "Password" field to the password of the HTTP Admin from step 3 above
  7. Set the "Protocol" field to "OMP"
  8. Click the "Save" button

Installing the GreenBone OpenVAS GCE VirtualAppliance

** Note: Versions of GreenBone OpenVAS GCE VirtualAppliance up to V4.x are supported. V5 and later are not yet supported at this time.

  1. Follow the instructions at https://www.greenbone.net/en/install_use_gce/ to install the OpenVAS Virtual Appliance
  2. During the initial setup, take note of the password used to create the OpenVAS Administrator.
  3. Take note also of the HTTP Admin credentials. These will need to be used later. If the creation of the HTTP Admin was not done at the initial setup, this can be created from the Greenbone OS Administration Menu. (Setup > User > Users > Admin User to create a new HTTP Admin)
  4. When the Greenbone OpenVAS installation is complete, it will trigger a feed update. This needs to finish in order for OpenVAS to work correctly. You can check the status of this operation from the Greenbone OS Administration Menu, in the About section. When the update is done, the About section will indicate the Feed Version that you are using and that “No system operation is currently running”
  5. In order for Acunetix to connect to OpenVAS, you will need to enable SSH on OpenVAS. This can be done from the Greenbone OS Administration Menu > Setup > Services > SSH > State. Change this to Enabled and Save the change.
  6. You will also need to enable GMP in OpenVAS. This needs to be done from the Greenbone OS shell, which can be accessed from the Greenbone OS Administration Menu > Advanced > Support > Shell > Continue. From the shell, enter the following command:
    gos-state-manager set public_gmp enabled
  7. Make this change permanent by executing the following command from the shell:

gos-state-manager save

  1. You will now need to enable Acunetix to connect to OpenVAS. From the Acunetix Web Interface:
  1. Select "Network Scanner" from the sidebar
  2. Click the "Enable" button
  3. Set the "Address" field to the IP Address of the OpenVAS machine
  4. Set the "Port" field to "22"
  5. Set the "Username" field to the username of the HTTP Admin from step 3 above
  6. Set the "Password" field to the password of the HTTP Admin from step 3 above
  7. Set the "Protocol" field to "SSH"
  8. Click the "Save" button

 

« Back to the Acunetix Support Page