{"id":3080,"date":"2023-01-06T10:11:25","date_gmt":"2023-01-06T15:11:25","guid":{"rendered":"https:\/\/dft.wiki\/?p=3080"},"modified":"2025-11-06T15:29:31","modified_gmt":"2025-11-06T20:29:31","slug":"vulnerability-scanner-with-greenbone-openvas-on-ubuntu-20-04","status":"publish","type":"post","link":"https:\/\/dft.wiki\/?p=3080","title":{"rendered":"Vulnerability Scanner with GVM \/ OpenVAS"},"content":{"rendered":"<p><strong>Greenbone Vulnerability Manager<\/strong>, formerly <strong>OpenVAS<\/strong>, is a full-featured free open-source vulnerability scanner with enterprise-grade features [<a href=\"https:\/\/github.com\/greenbone\/openvas-scanner\">Link<\/a>].<\/p>\n<p>It is capable of unauthenticated and authenticated testing for internet and industrial protocols under various levels of intrusion.<\/p>\n<p><strong>Requirements<\/strong><\/p>\n<ul>\n<li>4 vCPU (2 in the minimum, but it does not work properly)<\/li>\n<li>8GB of RAM (less might crash the server)<\/li>\n<li>50GB of Storage (will be 25% utilized after deployment)<\/li>\n<\/ul>\n<hr \/>\n<p><strong>INSTALLING<\/strong><\/p>\n<p><strong>Ubuntu 24.04<\/strong><\/p>\n<pre>sudo apt update &amp;&amp; sudo apt upgrade -y\r\nsudo apt install ca-certificates curl gnupg -y\r\nfor pkg in docker.io docker-doc docker-compose podman-docker containerd runc; do sudo apt remove $pkg -y; done\r\nsudo install -m 0755 -d \/etc\/apt\/keyrings\r\ncurl -fsSL https:\/\/download.docker.com\/linux\/ubuntu\/gpg | sudo gpg --dearmor -o \/etc\/apt\/keyrings\/docker.gpg\r\nsudo chmod a+r \/etc\/apt\/keyrings\/docker.gpg\r\necho \"deb [arch=\"$(dpkg --print-architecture)\" signed-by=\/etc\/apt\/keyrings\/docker.gpg] https:\/\/download.docker.com\/linux\/ubuntu \"$(. \/etc\/os-release &amp;&amp; echo \"$VERSION_CODENAME\")\" stable\" | sudo tee \/etc\/apt\/sources.list.d\/docker.list &gt; \/dev\/null\r\nsudo apt update\r\nsudo apt install docker-ce docker-ce-cli containerd.io docker-compose-plugin -y\r\nsudo usermod -aG docker $USER &amp;&amp; su $USER\r\nexport DOWNLOAD_DIR=$HOME\/greenbone-community-container &amp;&amp; mkdir -p $DOWNLOAD_DIR\r\ncurl -f -O -L https:\/\/greenbone.github.io\/docs\/latest\/_static\/docker-compose.yml --output-dir \"$DOWNLOAD_DIR\"\r\ndocker compose -f $DOWNLOAD_DIR\/docker-compose.yml up -d\r\ndocker compose -f $DOWNLOAD_DIR\/docker-compose.yml exec -u gvmd gvmd gvmd --user=admin --new-password='<strong>strong_password<\/strong>'<\/pre>\n<p><strong>Debian 12<\/strong><\/p>\n<pre>sudo apt update &amp;&amp; sudo apt upgrade -y\r\nsudo apt install ca-certificates curl gnupg -y\r\nfor pkg in docker.io docker-doc docker-compose podman-docker containerd runc; do sudo apt remove $pkg -y; done\r\nsudo install -m 0755 -d \/etc\/apt\/keyrings\r\ncurl -fsSL https:\/\/download.docker.com\/linux\/debian\/gpg | sudo gpg --dearmor -o \/etc\/apt\/keyrings\/docker.gpg\r\nsudo chmod a+r \/etc\/apt\/keyrings\/docker.gpg\r\necho \"deb [arch=\"$(dpkg --print-architecture)\" signed-by=\/etc\/apt\/keyrings\/docker.gpg] https:\/\/download.docker.com\/linux\/debian \"$(. \/etc\/os-release &amp;&amp; echo \"$VERSION_CODENAME\")\" stable\" | sudo tee \/etc\/apt\/sources.list.d\/docker.list &gt; \/dev\/null\r\nsudo apt update\r\nsudo apt install docker-ce docker-ce-cli containerd.io docker-compose-plugin -y\r\nsudo usermod -aG docker $USER &amp;&amp; su $USER\r\nexport DOWNLOAD_DIR=$HOME\/greenbone-community-container &amp;&amp; mkdir -p $DOWNLOAD_DIR\r\ncurl -f -O -L https:\/\/greenbone.github.io\/docs\/latest\/_static\/docker-compose.yml --output-dir \"$DOWNLOAD_DIR\"\r\ndocker compose -f $DOWNLOAD_DIR\/docker-compose.yml up -d\r\ndocker compose -f $DOWNLOAD_DIR\/docker-compose.yml exec -u gvmd gvmd gvmd --user=admin --new-password='<strong>strong_password<\/strong>'<\/pre>\n<p>On the browser, navigate to <strong>http:\/\/10.10.10.1:9392<\/strong>.<\/p>\n<hr \/>\n<p><b>DATABASES UPDATE<\/b><\/p>\n<p>The first time the container is started it takes <span style=\"text-decoration: underline;\">several minutes<\/span> to download the latest vulnerability updates.<\/p>\n<p>Navigate to <strong>Administration<\/strong> &gt; <strong>Feed Status<\/strong>. Wait until the status of all of the feeds is up to date (&#8220;current&#8221;).<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-4954\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/001.png\" alt=\"\" width=\"1503\" height=\"437\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/001.png 1503w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/001-300x87.png 300w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/001-1024x298.png 1024w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/001-768x223.png 768w\" sizes=\"auto, (max-width: 1503px) 100vw, 1503px\" \/><\/p>\n<p>After a very long tims&#8230;<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-4955\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/002.png\" alt=\"\" width=\"1505\" height=\"640\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/002.png 1505w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/002-300x128.png 300w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/002-1024x435.png 1024w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/002-768x327.png 768w\" sizes=\"auto, (max-width: 1505px) 100vw, 1505px\" \/><\/p>\n<hr \/>\n<p><strong>REFLECTIONS<\/strong><\/p>\n<p>Since the Docker Compose file was created, deploying and managing OpenVAS became extremely easy (it was very painful before). See official documentation for additional information [<a href=\"https:\/\/greenbone.github.io\/docs\/latest\/22.4\/container\/index.html\">Link<\/a>].<\/p>\n<p>If necessary, watch output logs in real-time for issues:<\/p>\n<pre>export DOWNLOAD_DIR=$HOME\/greenbone-community-container\r\ndocker compose -f $DOWNLOAD_DIR\/docker-compose.yml logs -f<\/pre>\n<p>There was an issue that haunted me for years and took me a long time to connect the dots. The feed update does not reliably succeed and mostly fails.<\/p>\n<p>The problem is that the feeds are pulled with the usage of <code>rsync<\/code> from the sources:<\/p>\n<ul>\n<li>Community NVT Feed\n<ul>\n<li>rsync:\/\/feed.community.greenbone.net:\/nvt-feed<\/li>\n<\/ul>\n<\/li>\n<li>SCAP Feed\n<ul>\n<li>rsync:\/\/feed.community.greenbone.net:\/scap-data<\/li>\n<\/ul>\n<\/li>\n<li>CERT Feed\n<ul>\n<li>rsync:\/\/feed.community.greenbone.net:\/cert-data<\/li>\n<\/ul>\n<\/li>\n<li>GVMD Data Feed\n<ul>\n<li>rsync:\/\/feed.community.greenbone.net:\/gvmd-data<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>If you are not paying for the license that gives you access to the enterprise repository (which is not public), the limited resources of these servers cause the sync to fail halfway through the sync.<\/p>\n<p>The solutions for this problem are:<\/p>\n<ul>\n<li>Self-host a mirror of the repository.\n<ul>\n<li>Deploy a service that will synchronize once every so often with the remote and serve the repository locally to all your consumers.<\/li>\n<\/ul>\n<\/li>\n<li>Pulling the container images to the latest before starting syncing will reduce the delta between the local and remote to the minimum, and it might be able to complete.\n<ul>\n<li>\n<pre>export DOWNLOAD_DIR=$HOME\/greenbone-community-container\r\ndocker compose -f $DOWNLOAD_DIR\/docker-compose.yml down\r\ndocker compose -f $DOWNLOAD_DIR\/docker-compose.yml pull\r\ndocker compose -f $DOWNLOAD_DIR\/docker-compose.yml up -d<\/pre>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Greenbone Vulnerability Manager, formerly OpenVAS, is a full-featured free open-source vulnerability scanner with enterprise-grade features [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[],"class_list":["post-3080","post","type-post","status-publish","format-standard","hentry","category-hacking"],"_links":{"self":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts\/3080","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3080"}],"version-history":[{"count":10,"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts\/3080\/revisions"}],"predecessor-version":[{"id":5154,"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts\/3080\/revisions\/5154"}],"wp:attachment":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3080"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3080"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3080"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}