Installing and Configuring OpenVAS

1 hour
  • 2 Learning Objectives

About this Hands-on Lab

In this lab, we’ll be installing OpenVAS, an open source vulnerability scanner. Then we’ll configure it to scan `localhost` and export the scan task to our Downloads directory.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Install OpenVAS.

Run the following commands:

  • `sudo add-apt-repository ppa:mrazavi/openvas (press ENTER when prompted)”
  • sudo apt-get update
  • sudo apt-get install -y sqlite3
  • sudo apt-get install -y openvas9 (select YES when prompted)
  • sudo service openvas-manager restart

If you are installing for a production system, you will need to run the below commands. However, it will take about an additional hour for Greenbone to download all of the data. We are not going to do this as part of the lab since it’s not necessary to complete the tasks.

  • sudo greenbone-nvt-sync
  • greenbone-scapdata-sync
  • greenbone-certdata-sync
  • sudo openvasmd --rebuild --progress
  • sudo service openvas-manager restart
Create an OpenVAS scan of `localhost` and export the task to your Downloads directory.
  1. Open a web browser on your Ubuntu lab host and go to When prompted about an unsecure connection select Advanced, then Add Exception, then Confirm Security Exception

  2. Login with the username admin and password of admin

  3. Within OpenVAS, click on Scans, then Tasks. (You can close out the pop-up welcome message)

  4. Click on the star icon and select New Task.

  5. Fill out the following scan information:
    Name: LabScan
    Scan Targets: (click on the star icon next to "Target)", replace "unnamed" with "localhost", then click "Create".
    Schedule: Check the box next to "Once"
    Alterable Task: Mark "Yes"

  6. Click the Create button.

  7. That completes the tasks in this lab.

Additional Resources

In order to improve security in your organization's environment, your CISO has decided to start performing weekly internal vulnerability scans. You are tasked with installing OpenVAS vulnerability scanner on a server and creating a task to scan the server itself using localhost as your scan target.

You will then need export that task to the Downloads directory so the developers can review the XML format OpenVAS is using.

Connecting to the lab:

  • Use VNC on your computer to connect to the public IP address of the instance on port 5901 (x.x.x.x:5901).
  • Log in with the username and password generated by the lab.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?