In this tutorial, we will show you how to install OpenVAS on Rocky Linux 9. For those of you who didn’t know, OpenVAS (Open Vulnerability Assessment System) is an open-source vulnerability scanner that can be used to scan a network or a single host for potential vulnerabilities. The tool provides a comprehensive solution for vulnerability assessment and management and is used by organizations and security professionals to perform regular security assessments and to identify and mitigate security risks.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘
sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of OpenVAS open-source vulnerability assessment and management solution on Rocky Linux. 9.
- A server running one of the following operating systems: Rocky Linux 9.
- It’s recommended that you use a fresh OS install to prevent any potential issues.
- SSH access to the server (or just open Terminal if you’re on a desktop).
- An active internet connection. You’ll need an internet connection to download the necessary packages and dependencies for OpenVAS.
non-root sudo useror access to the
root user. We recommend acting as a
non-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.
Install OpenVAS on Rocky Linux 9
Step 1. The first step is to update your system to the latest version of the package list. To do so, run the following commands:
sudo dnf check-update sudo dnf config-manager --set-enabled powertools sudo dnf install epel-release
Step 2. Disable SELinux.
OpenVAS requires SELinux to be disabled, now run the following command below to disable it:
sudo setenforce 0 sudo sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config sudo reboot
After reboot, check the current status of SELinux:
SELinux status: disabled
Step 3. Installing Atomicorp Repository.
The Atomic or A.R.T. (Atomic Rocket Turtle) RPM repository is an open-source unsupported archive of software packages specifically for the CentOS and Redhat communities. Run the following command to install Atomicorp to your Rocky Linux system:
wget -q -O - https://updates.atomicorp.com/installers/atomic | sudo sh
Step 4. Installing OpenVAS Vulnerability Scanner on Rocky Linux 9.
Now run the following command below to install OpenVAS on your Rocky Linux system:
sudo dnf install gvm gvm-setup
During this process,
gvm will update the Network Vulnerability Tests feed from the Greenbone Security Feed/Community Feed this can take some time depending on your internet connection.
After the update process, you’ll need to set an admin password for the web GUI.
Step 5. Configure Firewall.
By default, OpenVAS listens on ports 80 and 443. If any firewall is installed and configured on your server, then you will need to allow both ports via firewalld. You can allow them with the following command:
sudo firewall-cmd --permanent --zone=public --add-service=http sudo firewall-cmd --permanent --zone=public --add-service=https sudo firewall-cmd --reload
You can verify by listing the current firewall settings:
sudo firewall-cmd --permanent --list-all
Step 6. Accessing OpenVAS Web Interface.
Once successfully installed, open your web browser and access the OpenVAS Web UI using the URL
https://your-IP-address. The default username and password for OpenVAS are admin and admin, respectively. You should see the following page:
Congratulations! You have successfully installed OpenVAS. Thanks for using this tutorial for installing OpenVAS open-source vulnerability management solution on your Rocky Linux 9 system. For additional help or useful information, we recommend you check the official OpenVAS website.