一、gvm安装
为了方便先获取权限
中科大的源用不了,改用kali自己的源。进入源文件
去点kali源的注释,把中科大源注释掉。(i-修改 :wq保存修改并退出)
这个时候还不能安装,需要先更新源
安装gvm
apt-get install gvm
出现提醒
安装完成,运行设置
二、gvm初始设置
运行gvm-setup:
和上面安装中的提醒相关,是postgresql版本不匹配的问题
把13版本卸载,指定14版本为使用版本。然后再gvm-setup,运行起来了。但是显示postgresql还是有问题,后文更新安全文件到当前(可以自由活动几分钟了~)。
三、检验gvm初始设置,配置postgresql
运行完成,显示有个错误(error)
可以试着运行一下fix方案,但是没反应。
产生这个问题还是源于起初的gvm版本和postgresql版本不配套。查看相关资料发现postgresql使用的通信端口是5433,和gvm的通信端口5432对不上,因此我们选择改postgresql的端口。查看正在使用的端口。
查看进入postgresql设置文件(.conf)
修改端口号,保存退出。
修改配置之后还要重启postgresql才可以应用配置。再运行一下fix方案
成功了,然后可以检验gvm设置了
┌──(root💀kali)-[/home/kali]
└─# gvm-check-setup
gvm-check-setup 21.4.3
Test completeness and readiness of GVM-21.4.3
Step 1: Checking OpenVAS (Scanner)...
OK: OpenVAS Scanner is present in version 21.4.4.
OK: Server CA Certificate is present as /var/lib/gvm/CA/servercert.pem.
Checking permissions of /var/lib/openvas/gnupg/*
OK: _gvm owns all files in /var/lib/openvas/gnupg
OK: redis-server is present.
OK: scanner (db_address setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock.
OK: redis-server configuration is OK and redis-server is running.
OK: _gvm owns all files in /var/lib/openvas/plugins
OK: NVT collection in /var/lib/openvas/plugins contains 96826 NVTs.
Checking that the obsolete redis database has been removed
OK: No old Redis DB
OK: ospd-OpenVAS is present in version 21.4.4.
Step 2: Checking GVMD Manager ...
OK: GVM Manager (gvmd) is present in version 21.4.5.
Step 3: Checking Certificates ...
OK: GVM client certificate is valid and present as /var/lib/gvm/CA/clientcert.pem.
OK: Your GVM certificate infrastructure passed validation.
Step 4: Checking data ...
OK: SCAP data found in /var/lib/gvm/scap-data.
OK: CERT data found in /var/lib/gvm/cert-data.
Step 5: Checking Postgresql DB and user ...
OK: Postgresql version and default port are OK.
gvmd | _gvm | UTF8 | zh_CN.UTF-8 | zh_CN.UTF-8 |
OK: At least one user exists.
Step 6: Checking Greenbone Security Assistant (GSA) ...
Oops, secure memory pool already initialized
OK: Greenbone Security Assistant is present in version 21.4.4.
Step 7: Checking if GVM services are up and running ...
Starting ospd-openvas service
Waiting for ospd-openvas service
OK: ospd-openvas service is active.
Starting gvmd service
Waiting for gvmd service
OK: gvmd service is active.
Starting gsad service
Waiting for gsad service
OK: gsad service is active.
Step 8: Checking few other requirements...
OK: nmap is present in version 21.4.4.
OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
WARNING: Could not find makensis binary, LSC credential package generation for Microsoft Windows targets will not work.
SUGGEST: Install nsis.
OK: xsltproc found.
WARNING: Your password policy is empty.
SUGGEST: Edit the /etc/gvm/pwpolicy.conf file to set a password policy.
It seems like your GVM-21.4.3 installation is OK.