How to Install and Use a Vulnerability Scanner in Linux

Gvm Feature Image

One of the greatest things about Linux is the amount of open source tools at your disposal, although they might not be installed. In this how-to, we will install OpenVas, an open-source vulnerability scanning and management application, and then run your first vulnerability scan.

First things first, we have to choose our base Linux distro. This walkthrough will use Ubuntu. Some other distros, such as Kali Linux, may already have it installed.

In addition to our Ubuntu installation we will need to choose which version of OpenVas we will be working with. Currently, there are three versions in circulation. For this tutorial we will be using the newest – the Greenbone Vulnerability Management (GVM) version 10. To read more details on OpenVas or GVM, they can be found here.

Also read: How to Scan a Linux Server for Malware and Rootkit

Getting Started

In order to begin the installation of GVM, we also will need to install the proper required repository, which GVM is dependent on. To do this we will begin opening a terminal session by pressing Ctrl + Alt + T and run the following command:

sudo add-apt-repository ppa:mrazavi/gvm

The output of the above command will give text-based instruction for GVM but also give you optional instructions.

Updating Your Ubuntu Installation

Starting with a fresh installation of Ubuntu 18.04, we will want to make sure that we are fully updated. To do this, run the following command:

sudo apt-get update

Also read: How to Use the Nessus Vulnerability Scanner on Linux

Installation of OpenVas

At this point, we are ready to install GVM. The default database used for GVM is SQLite. If you prefer another database for use with this solution, you can find additional instructions at the link provided above.

To install GVM, run the following:

sudo apt install gvm

During your installation, you will be prompted with additional configuration steps:

To configure the Unix Socket, select “Yes.”

Unix Socket

To configure GVMD-sqlite, select “Yes.”

Gvmd Sqlite

To configure GVMD-sqlite-cert, select “Yes.”

Gvmd Sqlite Cert

To configure GVMD-sqlite-scap, select “Yes.”

Gvmd Sqlite Scap

When the installation completes, the final step is to update the greenbone nvt/cert/scap data with the following set of commands:

sudo greenbone-nvt-sync
sudo greenbone-scapdata-sync
sudo greenbone-certdata-sync

Also read: 5 Must-Have Security Tools for Your Linux PC

Running Your First scan

Congratulations on completing the installation of GVM – now the fun begins. First, to give ourselves the warm fuzzies, let’s check the status of our installation. All properly-running applications should show a green dot or ‘active’ status when run. We can do that by launching the following-

systemctl status gvmd # manager
systemctl status openvas-scanner # scanner
systemctl status gsad # web ui

GVM gives users the ability to use a Web interface. To access the Web interface, navigate your web browser to:

https://localhost:4000

Web Gui

Login with the following credentials:

Username: admin
Password: admin

Once logged in using the admin credentials, we can now set up our first scan. To do this, select “Scan -> Tasks” from the application menu.

Scan Task

Then from the task window, find the ‘wand’ icon and select Task Wizard.

Task Wizard

When the Task Wizard window appears, we will enter the IP address of our host. Since we are only using one machine, we will scan our local host. To do this, confirm that 127.0.0.1 is entered. If not, manually enter it in the space provided.

Ip Address Hostname

Click “Start Scan” and wait. This may take a few minutes, depending on whether you used a fresh install of Ubuntu or an existing machine.

Once the scan has completed, you will see a page similar to the following notifications.

Task Done

Now to see your results, go to “Scans -> Reports.” Due to the fact that this is a new test machine, my results have no findings. If you run a scan on an existing machine on your company or home network, you may have different results.

Scan Reports

To conclude, we have just hit the tip of the iceberg in what GVM can do for finding system vulnerabilities. I challenge you to configure different scans and uncover things you may not have known existed. You will be surprised at what you find, I guarantee. Happy Scanning!

Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox

Josh Grimes

Josh Grimes is a freelance writer with an uncontrollable passion for technology. Whether Windows or Linux, gaming or cyber-security, Josh is an advocate to "making TECH easier." You can see some of his other work at www.havocinfosec.com.