Josh Krigbaum
2016-02-04 00:34:24 UTC
Hi, I'm trying to install OpenVAS 8 on a VM running a new installation of Kali Linux. I followed the steps described at https://www.kali.org/penetration-testing/openvas-vulnerability-scanning/ and all seems to be installed correctly. However when I try to access http:127.0.0.1:9392 locally in Iceweasel I receive an error that the connection was reset. Any suggestions on how to resolve this? I'm attaching the results of openvas-check-setup below.
Thanks!Josh
***@kali:~# openvas-check-setup --server
openvas-check-setup 2.3.3
 Test completeness and readiness of OpenVAS-8
 (add '--v6' or '--v7' or '--v9'
  if you want to check for another OpenVAS version)
 Please report us any non-detected problems and
 help us to improve this check routine:
 http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
 Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.
Step 1: Checking OpenVAS Scanner ...
       OK: OpenVAS Scanner is present in version 5.0.4.
       OK: OpenVAS Scanner CA Certificate is present as /var/lib/openvas/CA/cacert.pem.
       OK: OpenVAS Scanner server certificate is valid and present as /var/lib/openvas/CA/servercert.pem.
       OK: redis-server is present in version v=3.0.6.
       OK: scanner (kb_location setting) is configured properly using the redis-server socket: /var/lib/redis/redis.sock
       OK: redis-server is running and listening on socket: /var/lib/redis/redis.sock.
       OK: redis-server configuration is OK and redis-server is running.
       OK: NVT collection in /var/lib/openvas/plugins contains 45546 NVTs.
       WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner.
       SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html).
       OK: The NVT cache in /var/cache/openvas contains 45546 files for 45546 NVTs.
Step 2: Checking OpenVAS Manager ...
       OK: OpenVAS Manager is present in version 6.0.5.
       OK: OpenVAS Manager client certificate is valid and present as /var/lib/openvas/CA/clientcert.pem.
       OK: OpenVAS Manager client certificate is present as /var/lib/openvas/CA/clientcert.pem.
       OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
       OK: Access rights for the OpenVAS Manager database are correct.
       OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
       OK: OpenVAS Manager database is at revision 146.
       OK: OpenVAS Manager expects database at revision 146.
       OK: Database schema is up to date.
       OK: OpenVAS Manager database contains information about 45546 NVTs.
       OK: At least one user exists.
       OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/scap.db.
       OK: OpenVAS CERT database found in /var/lib/openvas/cert-data/cert.db.
       OK: xsltproc found.
Step 3: Checking user configuration ...
       OK: The password policy file at /etc/openvas/pwpolicy.conf contains entries.
Step 4: Checking Greenbone Security Assistant (GSA) ...
       OK: Greenbone Security Assistant is present in version 6.0.5.
Step 5: Checking OpenVAS CLI ...
       SKIP: Skipping check for OpenVAS CLI.
Step 6: Checking Greenbone Security Desktop (GSD) ...
       SKIP: Skipping check for Greenbone Security Desktop.
Step 7: Checking if OpenVAS services are up and running ...
       OK: netstat found, extended checks of the OpenVAS services enabled.
       OK: OpenVAS Scanner is running and listening only on the local interface.
       OK: OpenVAS Scanner is listening on port 9391, which is the default port.
       WARNING: OpenVAS Manager is running and listening only on the local interface.
       This means that you will not be able to access the OpenVAS Manager from the
       outside using GSD or OpenVAS CLI.
       SUGGEST: Ensure that OpenVAS Manager listens on all interfaces unless you want
       a local service only.
       OK: OpenVAS Manager is listening on port 9390, which is the default port.
       OK: Greenbone Security Assistant is listening on port 9392, which is the default port.
Step 8: Checking nmap installation ...
       WARNING: Your version of nmap is not fully supported: 7.01
       SUGGEST: You should install nmap 5.51 if you plan to use the nmap NSE NVTs.
Step 10: Checking presence of optional tools ...
       OK: pdflatex found.
       OK: PDF generation successful. The PDF report format is likely to work.
       OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
       WARNING: Could not find rpm binary, LSC credential package generation for RPM and DEB based targets will not work.
       SUGGEST: Install rpm.
       WARNING: Could not find makensis binary, LSC credential package generation for Microsoft Windows targets will not work.
       SUGGEST: Install nsis.
It seems like your OpenVAS-8 installation is OK.
Thanks!Josh
***@kali:~# openvas-check-setup --server
openvas-check-setup 2.3.3
 Test completeness and readiness of OpenVAS-8
 (add '--v6' or '--v7' or '--v9'
  if you want to check for another OpenVAS version)
 Please report us any non-detected problems and
 help us to improve this check routine:
 http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
 Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.
Step 1: Checking OpenVAS Scanner ...
       OK: OpenVAS Scanner is present in version 5.0.4.
       OK: OpenVAS Scanner CA Certificate is present as /var/lib/openvas/CA/cacert.pem.
       OK: OpenVAS Scanner server certificate is valid and present as /var/lib/openvas/CA/servercert.pem.
       OK: redis-server is present in version v=3.0.6.
       OK: scanner (kb_location setting) is configured properly using the redis-server socket: /var/lib/redis/redis.sock
       OK: redis-server is running and listening on socket: /var/lib/redis/redis.sock.
       OK: redis-server configuration is OK and redis-server is running.
       OK: NVT collection in /var/lib/openvas/plugins contains 45546 NVTs.
       WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner.
       SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html).
       OK: The NVT cache in /var/cache/openvas contains 45546 files for 45546 NVTs.
Step 2: Checking OpenVAS Manager ...
       OK: OpenVAS Manager is present in version 6.0.5.
       OK: OpenVAS Manager client certificate is valid and present as /var/lib/openvas/CA/clientcert.pem.
       OK: OpenVAS Manager client certificate is present as /var/lib/openvas/CA/clientcert.pem.
       OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
       OK: Access rights for the OpenVAS Manager database are correct.
       OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
       OK: OpenVAS Manager database is at revision 146.
       OK: OpenVAS Manager expects database at revision 146.
       OK: Database schema is up to date.
       OK: OpenVAS Manager database contains information about 45546 NVTs.
       OK: At least one user exists.
       OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/scap.db.
       OK: OpenVAS CERT database found in /var/lib/openvas/cert-data/cert.db.
       OK: xsltproc found.
Step 3: Checking user configuration ...
       OK: The password policy file at /etc/openvas/pwpolicy.conf contains entries.
Step 4: Checking Greenbone Security Assistant (GSA) ...
       OK: Greenbone Security Assistant is present in version 6.0.5.
Step 5: Checking OpenVAS CLI ...
       SKIP: Skipping check for OpenVAS CLI.
Step 6: Checking Greenbone Security Desktop (GSD) ...
       SKIP: Skipping check for Greenbone Security Desktop.
Step 7: Checking if OpenVAS services are up and running ...
       OK: netstat found, extended checks of the OpenVAS services enabled.
       OK: OpenVAS Scanner is running and listening only on the local interface.
       OK: OpenVAS Scanner is listening on port 9391, which is the default port.
       WARNING: OpenVAS Manager is running and listening only on the local interface.
       This means that you will not be able to access the OpenVAS Manager from the
       outside using GSD or OpenVAS CLI.
       SUGGEST: Ensure that OpenVAS Manager listens on all interfaces unless you want
       a local service only.
       OK: OpenVAS Manager is listening on port 9390, which is the default port.
       OK: Greenbone Security Assistant is listening on port 9392, which is the default port.
Step 8: Checking nmap installation ...
       WARNING: Your version of nmap is not fully supported: 7.01
       SUGGEST: You should install nmap 5.51 if you plan to use the nmap NSE NVTs.
Step 10: Checking presence of optional tools ...
       OK: pdflatex found.
       OK: PDF generation successful. The PDF report format is likely to work.
       OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
       WARNING: Could not find rpm binary, LSC credential package generation for RPM and DEB based targets will not work.
       SUGGEST: Install rpm.
       WARNING: Could not find makensis binary, LSC credential package generation for Microsoft Windows targets will not work.
       SUGGEST: Install nsis.
It seems like your OpenVAS-8 installation is OK.