Installing Network Scanning (OpenVAS)

Acunetix can be configured to use OpenVAS to perform network scans of the Targets configured in Acunetix. The network scan results will be displayed in the Acunetix UI. The following will show how to configure OpenVAS on Ubuntu, Kali Linux, and using the Greenbone virtual appliance, and how to connect Acunetix to each one of these.

Installing OpenVAS on Ubuntu (version greater than 18.04.2 LTS)

  1. Install OpenVAS:
    sudo apt-get install openvas
  2. Launch the OpenVAS setup process:
    sudo openvas-setup
  3. During the installation take note of the password used to create the OpenVAS Administrator.
  4. Create or edit the following file:
    sudo nano /etc/openvas/openvassd.conf
  5. If the ‘kb_location’ is not present in openvassd.conf, add it as follows:
    kb_location=/var/run/redis/redis.sock
  6. Exit nano and save openvassd.conf.
  7. By default, OpenVAS listens on 127.0.0.1. If Acunetix is going to run on a different machine, OpenVAS needs to be configured to listen on the machine’s IP address. Open /lib/systemd/system/openvas-manager.service:
    sudo nano /lib/systemd/system/openvas-manager.service
  8. Change:
    ExecStart=/usr/sbin/openvasmd --listen=127.0.0.1 --port=9390 --database=/var/lib/openvas/mgr/tasks.db
    to:
    ExecStart=/usr/sbin/openvasmd --listen=internal_ip --port=9390 --database=/var/lib/openvas/mgr/tasks.db
  9. Run the following commands:
    sudo systemctl daemon-reload
    sudo openvas-stop
    sudo openvas-start
  10. On the Acunetix machine, open /home/acunetix/.acunetix/wvs.ini (sudo nano /home/acunetix/.acunetix/wvs.ini) if Acunetix is installed on Linux, or C:\ProgramData\Acunetix\settings.ini if Acunetix is installed on Windows
  11. Add the following at the end of the file. Change the ovas.address if OpenVAS is running on a different machine and change the ovas.user and ovas.password as needed.
    ovas.address=127.0.0.1
    ovas.port=9390
    ovas.user=admin
    ovas.password=[password from step 3 above]
    ovas.protocol=OMP

 

Installing OpenVAS on Kali Linux

  1. Install OpenVAS:
    sudo apt-get install openvas
  2. Launch the OpenVAS setup process:
    sudo openvas-setup
  3. During the installation take note of the password used to create the OpenVAS Administrator.
  4. By default, OpenVAS listens on 127.0.0.1. If Acunetix is going to run on a different machine, OpenVAS needs to be configured to listen on the machine’s IP address. Open /lib/systemd/system/openvas-manager.service:
    sudo nano /lib/systemd/system/openvas-manager.service
  5. Change:
    ExecStart=/usr/sbin/openvasmd --listen=127.0.0.1 --port=9390 --database=/var/lib/openvas/mgr/tasks.db
    to:
    ExecStart=/usr/sbin/openvasmd --listen=internal_ip --port=9390 --database=/var/lib/openvas/mgr/tasks.db
  6. Run the following commands:
    sudo systemctl daemon-reload
    sudo openvas-stop
    sudo openvas-start
  7. On the Acunetix machine, open /home/acunetix/.acunetix/wvs.ini (sudo nano /home/acunetix/.acunetix/wvs.ini) if Acunetix is installed on Linux, or C:\ProgramData\Acunetix\settings.ini if Acunetix is installed on Windows
  8. Add the following at the end of the file. Change the ovas.address if OpenVAS is running on a different machine and change the ovas.user and ovas.password as needed.
    ovas.address=127.0.0.1
    ovas.port=9390
    ovas.user=admin
    ovas.password=[password from step 3 above]
    ovas.protocol=OMP

               

Installing the GreenBone OpenVAS GCE VirtualAppliance

  1. Follow the instructions at https://www.greenbone.net/en/install_use_gce/ to install the OpenVAS Virtual Appliance
  2. During the initial setup, take note of the password used to create the OpenVAS Administrator.
  3. Take note also of the HTTP Admin credentials. These will need to be used later. If the creation of the HTTP Admin was not done at the initial setup, this can be created from the Greenbone OS Administration Menu. (Setup > User > Users > Admin User to create a new HTTP Admin)
  4. When the Greenbone OpenVAS installation is complete, it will trigger a feed update. This needs to finish in order for OpenVAS to work correctly. You can check the status of this operation from the Greenbone OS Administration Menu, in the About section. When the update is done, the About section will indicate the Feed Version that you are using and that “No system operation is currently running”
  5. In order for Acunetix to connect to OpenVAS, you will need to enable SSH on OpenVAS. This can be done from the Greenbone OS Administration Menu > Setup > Services > SSH > State. Change this to Enabled and Save the change.
  6. You will also need to enable GMP in OpenVAS. This needs to be done from the Greenbone OS shell, which can be accessed from the Greenbone OS Administration Menu > Advanced > Support > Shell > Continue. From the shell, enter the following command:
    gos-state-manager set public_gmp enabled
  7. On the Acunetix machine, open /home/acunetix/.acunetix/wvs.ini (sudo nano /home/acunetix/.acunetix/wvs.ini) if Acunetix is installed on Linux, or C:\ProgramData\Acunetix\settings.ini if Acunetix is installed on Windows
  8. Add the following at the end of the file. Change the ovas.address if OpenVAS is running on a different machine and change the ovas.user and ovas.password as needed.
    ovas.address=127.0.0.1
    ovas.port=22
    ovas.user=[httpadmin username from step 3 above]
    ovas.password=[password for the httpadmin from step 3 above]
    ovas.protocol=SSH

 

« Back to the Acunetix Support Page