Install GVM 21.4.2 Ubuntu 20.04

Created a guide using the official documentation from Greenbone. All credit goes to Greenbone and using my guide is in no way official nor holds any warranty for any issues. I recommend everyone to read their official documentation to get a good insight on how-to build from source.

The few updates I had to make for it to work on Ubuntu 20.04 was the following (since last release):

  • install libnet1-dev
  • install libunistring-dev (for openvas-smb)
  • Manually install python3-psutil version 5.7.2 (pip install --upgrade psutil==5.7.2)
  • Modify the scanner to correct ospd-openvas.sock path (ā€“scanner-host=/run/ospd/ospd-openvas.sock)
  • Iā€™ve also included the generation of GVM (GSA) certificates to enable HTTPS (which require a few changes to the start up script of GSA

Edit:

Added support for exporting reports in PDF format by installing the optional packages:

  • xmlstarlet
  • texlive-fonts-recommended
  • texlive-latex-extra

Youā€™ll find the guide here.

Thanks Greenbone community,
and best regards,
Fredrik

5 Likes

Thanks Fredrik, when I was writing our docs it was partly inspired by your guide :slight_smile: So it is nice to see that you are catching up from my work now :+1:

5 Likes

Iā€™ve used the official documentation to runs it in a Debian 10 Buster machine. Tested and works fine.
Great Job!

2 Likes

I followed the guide to the Create GVM admin step, how do I resolve this message?

1 Like

Add /usr/local/lib/ in /etc/ld.so.conf.d/gvm.conf or run ldconfig

1 Like

Working on the updated version of the documenation where all credit goes to Greenboneā€™s offical docs. Any feedback or issue in regard to building GVM 21.4.2 on Ubuntu 20.04 before I update the live docs would be more than appreciated.

Dev environment found here: https://www.libellux.dev/openvas/

Best regards,
Fredrik

2 Likes

Updated the docs for GVM 21.4.3 so far I havenā€™t had any issues with the setup. If you find any issue please ping :slight_smile: The docs are available at the live environment: https://libellux.com

Best regards,
Fredrik

1 Like

Updated the docs once again but for GVM 21.4.4 (gvmd). I also found a few typos I corrected and did update the pictures so the feed status is now correctly updated and all works as it should. Havenā€™t been able to identify any issues at least. Enjoy! https://libellux.com

Best regards,
Fredrik

1 Like

Hi libellux,
this morning i tried your installation guide. Thank you for sharing your work :slight_smile: seems to work, except that all my scans result in a 0.0 severity. Did you face the same issue?
Yesterday i tried this guideline from the Greenbone docs. Got the same problem, every scan results in a 0.0 severity. Do you know why?

best regards

@alessio Hey! Thanks for the feedback. Hm yes youā€™ll need to set the severity level somewhere let me check and get back to you was awhile I tested myself but did work after I made this changeā€¦ So iā€™ll check it up for you and then Iā€™ll update my documentation as well.

In the meantime you can search this forum - people had the same issue and was explained how to set the severity for the scanner (still at work so goto run :slight_smile:)

Best regards,
Fredrik

2 Likes

Hi libellux,
so what i did so far is cloning the scan-configuration ā€œfull and fastā€, and enabled all strategies. But thats not what you meant i think. Can you show me where in the menu i find the severity level to modify it? :slight_smile:

best regards

Hm but the scan is running on a test-vm where the credentials are default ā€œadmin/adminā€. Even if i set the severityā€¦ at least this vulnerability should be found i guess? So i think something different is not working (i enabled brute force and actuall everything for this scan-config).

best regards

Hello @alessio I just re-built a totally new VM following my guide (works with the official guide as well). Did as the people mentioned in the other thread to clone the full and fast and enable all the stategies. Then I created a new scan towards my external local OSSEC (host intrustion detection system) test server.

I get the notifications to Slack so I can see all the vulnerability tests being executed towards this virtual machine as well to see its found vulnerabilities in the report.

See attached screenshots and unfortuntely I cannot find or reproduce that it doesnā€™t work :confused:


I hope you resolve itā€¦ maybe youā€™re running a local scan against your GVM server? havenā€™t tried that myself - if thats the case try run against an local external VM machine. Just make sure that your firewall doesnā€™t block it.

Edit: when i say external I mean running a scan towards any other server or client in your network besides the local GVM server.

Best regards,
Fredrik

1 Like

Hi Fredrik,
thank you for your support :slight_smile:
Yes the first scan i do is always against the gvm itself (firewall disabled), tried several other hosts, but now the scan gets stuck at 0%
I will simply do a new setup with your guideline.

thanks and best regards

1 Like

Setup is done, scanning works like a charm :slight_smile: So scanning against the greenbone itself is not possible i guess? It was in 20.08 that makes me wonderingā€¦anyway everthings fine, thank you again for your support!
One more thing in your guideline you suggest to modifiy the scanner for the ospd.sock

# Todo:
# Test modify scanner (ā€“scanner-host=/run/ospd/ospd-openvas.sock) to avoid:
# write_to_client_unix: failed to write to client: Broke error
# Action: 
# sudo gvmd --get-scanners
# 08b69003-5fc2-4037-a479-93b440211c73  OpenVAS  /var/run/ospd/ospd.sock  0  OpenVAS Default <- THIS UUID
# sudo gvmd --modify-scanner=08b69003-5fc2-4037-a479-93b440211c73 --scanner-host=/opt/gvm/var/run/ospd.sock

In my case /opt/gvmā€¦ does not exist. I changed it to /var/run/ospd/ospd-openvas.sock

best regards

2 Likes

Im glad you got it to work! Thanks for the feed back iā€™ll make sure to update that part :slight_smile:

Best regards

1 Like

Made some minor updates to install GVM (gvmd 21.4.4) on Ubuntu 20.04 thanks to comments from you readers. If curious youā€™ll find the section here: Greenbone Vulnerability Manager | Libellux

2 Likes

A post was split to a new topic: Systemd[1]: gsad.service: Start request repeated too quickly

Hello Iā€™m not able to start gsad service. with error bellow systemd[1]: gsad.service: Start request repeated too quickly. systemd[1]: gsad.service: Failed with result ā€˜exit-codeā€™. Any suggestion?

Hi @pwk and welcome to the forum :slight_smile:

Iā€™ve moved your post from the tutorial thread here to a new thread with part of the error message as the topic (you can change that in an edit if youā€™d like) and have some questions. Which version of GVM are you using and which operating system and version did you install it on? Also, how did you install it?

Thanks!

Edit to add- if the original thread was the method and versions you used, please let me know and Iā€™ll move it back. :slight_smile: